
EU laws apply within the EU, as well as to "what people do with EU citizen data online", which makes sense? If you have EU users, your handling of their data is bound by EU law, in the same way that if you have US users, your handling of their data is bound by US laws. (And yes, if Cameroon has laws pertaining to data handling then yeah: you're bound to those laws for your Cameroonian users.)

This isn't a matter of "the laws are making our life hard": by accepting user data you, as a service, are consenting to following all applicable laws. You have opted in, now you have obligations. Don't want to deal with GDPR? Ask users where they're from and go "sorry, can't let you create an account, we don't want to have to deal with GDPR".

Even if you pretended HN was a "for US only" website (which it of course very much isn't) you still have at least five state laws to comply with (California, Virginia, Colorado, Utah, and Connecticut), and that number's only going to go up.

If you handle data, the easiest way to deal with this whole "oh my god so many laws" is to know where your user data lives, not sell it on without express consent, and have data deletion built in from day one with a "delete all my data (including my account, obviously)" button that users can click themselves. And presto, without any further involvement from your side (unless you lie, and don't actually delete data) you suddenly comply with all data privacy laws, and users don't even need to fill in official request forms relating to specific laws that you then have to deal with within X days. You just have an FAQ entry going "Q: How do I delete my data? A: Go to your account page and click the "remove my account" button".



What about a company with no presence in the EU and no way to be fined? Why would they care about GDPR?



