> If I run a lemonade stand, and a UK citizen walks up a pays a dollar for a glass of lemonade, then that doesn't give the UK jurisdiction over the lemonade stand.

You are allowed to sell lemonade to British tourists. But if you're shipping lemonade to the UK, you are subject to UK lemonade regulations. That doesn't mean that the UK has jurisdiction over your business and can shut it down or anything like that, but if you travel to the UK or UK banks handle your transactions, they have the right to seize funds and shipments, close your accounts or detain you if you set foot in the UK. Your choice are: follow UK regulations; stop shipping lemonade to the UK; or continue as you were, never go to the UK, and know that the UK can always ban shipments from your stand.

The US does the same thing all the time, and even worse[1]. Lots of piracy sites located in jurisdictions where US copyright laws don't apply are seized by US federal agencies and replaced with a notice about piracy. Those sites haven't broken any laws in the countries they're hosted in, they have no legal presence in the US, and yet the domains are banned/seized and administrators detained if they ever step foot on US soil. The UK is not threatening to seize anyone's site.

[1] https://en.wikipedia.org/wiki/Operation_In_Our_Sites

Why is it the website operators job to figure out where people are from? It isn't even generally possible for them to do correctly. A better analogy would be that a british person hired someone who looked and sounded american to go to the us to buy some lemonade and have it shipped to the uk where having it breaks the law, and then blaming the lemonade stand.

> Why is it the website operators job to figure out where people are from?

Why not? It's their responsibility to comply with UK laws if they want to keep serving British customers and making money off of them. Just because the service is provided online doesn't mean it can go on unregulated. You're acting like this is something new that websites haven't had to do for decades.

> > Why is it the website operators job to figure out where people are from?

> Why not?

Because laws vary from location to location, and it's an unreasonable for a [UK] agency to make demands from an exclusively [US] group under the assumption that they are aware of every possible law in existence. Someone in the [US] can't expect to have reasonable influence over the laws in the [UK] that they're now required to follow? That's a blatantly unfair system. That's why not.

But actually why? You confidently assert that because it has happened before, that's the way it should always be!

You're still trying to apply rules for jurisdiction, that don't map well to the Internet. If I was sending someone to the UK to buy and sell, I think your arguments would make sense. But that's not the analogy that applies here. The better analogy is, people from the UK are traveling across jurisdictional lines, and buying from my shop, based exclusively in my country. My country feels privacy and anonymity are important fundamental rights, and my business exists to that end. Here, instead of trying to control UK citizens, and making it illegal for them to travel to the US to do something they want to prevent, they instead are trying to force the US group to attempt to doxx every user and exclude some of them.

That feels insane to me, what's your take on that examplev

Also, I feel it's important to note, part of the reason they're using this specific tactic, is because they're aware how impossible and intractable their demands actually are. To call internet geolocation complex or error prone would be an understatement. So based exclusively that they're demanding someone other than them should tackle a near impossible task, should be enough of a reason to reject the demand. Legal or not, unreasonable demands deserve rejection.

> Sure they do. When I go to boards.4chan.org, the server recognises my request, including where it's coming from, and returns some content. Similarly, when I buy lemonade from a company, they see my shipping address and ships the lemonade. Seems to me like it maps pretty well.

How do you suspect a given IP address maps to a geographical location?

Does ofcom supply a list of IP addresses based in the UK? What if it's a US resident using a VPN or other anonymizing tool such as Tor?

Like I said, Ofcom is satisfied with IP-based geolocation implemented by other services, so those what ifs are not relevant.

If you don't understand exactly what the parameters are, how can you 1) be sure you're doing it correctly, and not still in violation i.e. has ofcom publicly stated they've reviewed it and agree it's acceptable, or have they just moved on while ominously stating they'll be watching? Seems like a needless risk to hope ofcom doesn't decide they did it wrong and demand retroactive fines. 2) defend the action if they do later to continue or change their mind about if any action is enough?

It's a mistake to ignore the problems and realities of some solution, or half solution, caused a legal demand from without a reasonable claim of jurisdiction.

Honestly, It's a wild take to assert that an ip based geoblock that's guaranteed to be buggy is fine or acceptable just because ofcom hasn't figured out how buggy it actually is yet. Just as it is equally insane to suggest that a foreign government should be able to compel, (or willing to demand) some action by anyone.

A good start would be to use geoip. It's not perfect, but it will almost certainly be enough to make UK happy (the same happens when detecting European for GDPR purposes).

Lmao, why would a web server operator need to care where their clients send requests from? Imagine if half the countries in the world required this, each with distinct requirements on how to handle traffic from their jurisdictions. Insane. Relieve us of the misery of acting as though OFCOM’s requests are reasonable- they are not.

> But if you're shipping lemonade to the UK, you are subject to UK lemonade regulations.

I was with you up until here. Shipping to a physical address, where if you don't specify the country name, it won't arrive. Is very different than shipping to an Internet address, which has no "reasonable" connection to a physical location.

> Your choice are: follow UK regulations [give up the core gimmick of your entire site]; stop shipping lemonade to the UK [the shipping analogy really breaks here, how? and what about vpns? what if the other endpoint is in the UK but the address isn't?]; or continue as you were, never go to the UK, and know that the UK can always ban shipments from your stand.

I don't disagree that [country] can make laws that make society worse... But I don't think it's reasonable to defend them as if these actions aren't egregious. There's the armchair arguments that I enjoy as a thought experiment, but it's still important to point out how antisocial this behavior is.

> The US does the same thing all the time, and even worse [...]

There's an argument to be made they're using a domain registratar in the US, which is subject to those laws (obviously). But what about [other disappointing behavior] because it's worse. Is exactly the example you're arguing against. Precedence of bad stuff is still bad, ideally everyone would point out it's bad, and suggest alternatives to the bad thing, no?

> But I don't think it's reasonable to defend them as if these actions aren't egregious

I'm not defending the Online Safety Act, I think it's a horrible and stupid law. On the other hand, I will defend GDPR, which uses a similar legal framework of enforcement. My argument is that the UK is within its rights to implement and enforce laws as they see fit, not that the laws are good.

> My argument is that the UK is within its rights to implement and enforce laws as they see fit, not that the laws are good.

The argument you are making, is that the laws, and the behavior they're enabling is reasonable.

That may not what you meant to convey, but to abuse an analogy, it is fruit from the poisoned tree. You can't defend some action, without by proxy defending the source. Either the law is reasonable, and ofcom is acting reasonably, or the law is unreasonable, and ofcom is acting unreasonably trying to enforce it. Correct or not, or technically legal in the UK or not.

You can defend the actions of ofcom, as not illegal, but that's not what you're doing, and not the context of this thread.

> The argument you are making, is that the laws, and the behavior they're enabling is reasonable.

I am doing no such thing.

I don't think you're aware of what you're communicating then. Because that is exactly what comes from defending them, and you are defending them.

> The UK is not threatening to seize anyone's site.

Yet? :)

Countries claim juristiction for thing outside their borders all the time. however they place a much higher bar on what they claim. Lemonaid stands are likely safe, but even if it is legal where you live the US will claim pedopillia laws aganst you they can get you.

part of the high bar is claiming juristriction requires sending your army. (Sanctions are often used too which might or might not work). That is why the threat is if the directors travel to the uk - that gives them sone power - but still expect US government to do 'things' if the arrest any US citizen on this.

> If I run a lemonade stand, and a UK citizen walks up a pays a dollar for a glass of lemonade, then that doesn't give the UK jurisdiction over the lemonade stand.

It does... to correct your example, the UK citizen is paying a dollar for the lemonade while in the UK.

Are you saying that if I had a website hosted in Russia that pretended to be your bank and stole all your money from phishing that is perfectly legal?

>Are you saying that if I had a website hosted in Russia that pretended to be your bank and stole all your money from phishing that is perfectly legal?

Website hosted in US publishing truth about Ukraine war - even calling it a war is already a felony in Russia - is it legal or illegal?

I'm personally against stealing money, and i'm for calling a war a war, yet how do we formally codify that into law - there are 200 countries and at any given moment, especially while online, you're probably violating some law of some country. Before internet globalization, the geography based jurisdiction was such an objective approach. Now it is more like "catch me if you can" which is obviously not a solid foundation to build on. Like that plane that had emergency landing in Minsk, and the Belorussian dissident flying on that plane was arrested by the Belorussian police. And many here on HN were critical of MBS when Khashoggi was killed in the Saudi embassy in Istanbul - what if our plane has to make an emergency landing in Riyadh ...

> Website hosted in US publishing truth about Ukraine war - even calling it a war is already a felony in Russia - is it legal or illegal?

That's illegal in Russia. Russia has fined Google more money than exists in the world. It doesn't mean anything, but you bet the CEO of Google isn't going to visit Russia. Russia can choose to block any websites that hurt their feelings. Much like the UK and 4Chan.

> what if our plane has to make an emergency landing in Riyadh ...

Then you hope to God that the people with the bone saws don't read hackernews.

> Website hosted in US publishing truth about Ukraine war - even calling it a war is already a felony in Russia - is it legal or illegal?

Try hosting one of those sites and then fly to Russia and let us know. I think you’ll find it’s quite illegal and will be enforced to the fullest extent of the law the second you enter their jurisdiction.

It turns out it doesn’t actually matter whether you or I think the law in question is BS. We don’t run Russia or determine what laws they enact.

So, my original point was that a business is not under the jurisdiction of the UK just because it offers a service to UK citizen - I probably should have mentioned I'm not in the UK.

Whether the website is illegal or not would depend on Russian law in your example. I'd also suspect that other laws might apply, like wire fraud. Some of those would likely be enforceable in other countries.