File this one under the title of Unintended Consequences.
After gaining popularity among many Bitcoin and crypto token traders in recent months, P2P trading platform CoinTouch has announced on its website at cointouch.com that it is shutting down due to uncertainty which the new General Data Protection Regulation (GDPR) presents to website operators.
Chris Beach, who created CoinTouch in 2014 after bad experiences with centralised crypto-currency exchanges, said that he is also shutting his Streetlend social lending site for the same reasons.
According to Mr. Beach’s statement on his site, the EU’s new GDPR which formally takes effect on May 25, 2018, creates uncertainty and risk which he couldn’t justify taking, in part because the wording of the new rules are vague and ambiguous.
GDPR threatens website owners with fines of 4% of turnover or €20 million (whichever is higher) if they do not jump through a number of ambiguously-defined hoops. The law, combined with parasitic no-win-no-fee legal firms, puts website owners at risk of vindictive reporting. Young websites and non-profits cannot afford legal teams. Therefore the risk posed by GDPR is unacceptably high.
Mr. Beach said that he asked trusted contacts in the industry for advice on how to make CoinTouch GDPR compliant. They apparently came back with different answers – through no fault of their own, as the law is ambiguously defined. He concluded that he cannot justify running a free service while taking on a legal risk.
So, perversely, this new EU law hurts small website like CoinTouch, but helps reinforce the dominance of Facebook, Google and Twitter, who are able to prepare and defend themselves using established legal teams and cash reserves, and who now face less competition from startups. The EU Cookie Law, EU VAT regulation and now the EU GDPR are all examples of poorly-implemented laws that add complexity and unintended side-effects for businesses within the EU.