RE: GDPR Compliance for Steem - Who Is Responsible? An Update After Speaking With UK Gov.
Ureka has absolutely no enforcement of identity and no trade/commerce involved. Essentially, I place absolutely no requirement for people to be who they say they are and so it is a bit of a stretch to say that I should be liable for massive fines if people's privacy is breached when I actually don't really have any way of identifying the vast majority of them and do not require them to give me any information at all.
That said, I am working with the creators of the open source software that the site is based on to get their framework compliant anyway, which will not really be that hard. Most of what is needed is in there anyway since it is best practise for social systems.
I absolutely agree that the GDPR system lacks coherent logic, but I would expect nothing less!