> We have to be careful not to move outside the constraints of the API/technical discussion. Most of us can't have a meaningful discussion about GDPR because we are not lawyers.
Obviously, we have to make sure we are not building and promoting something that breaks the law, or encouraging implementors to make something that breaks the law.
So if we don't know enough to avoid that, we had better ask some lawyers where the lines are. (It's not good enough in any country I know anything about just to say "I don't know the law, so I will do whatever makes sense to me".)
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/w3c/payment-method-basic-card/issues/72#issuecomment-476176061