It doesn't contradict the first line. It still refers to US companies with a physical presence in the EU.

You should also have a think about what the implications of what you think it means are. If anyone that posts on someone else's website retained ownership then the site owner couldn't delete it then it would be a spammers charter. It's obvious that applying a little common sense says you have misunderstood it.

So not the forum.

As far as I'm aware the General Data Protection Regulation is only applicable in the EU and I'm not sure how they'll try to enforce that in the United States.

"For U.S. companies that have a physical presence (establishment) in the EU, which increasingly they do, the GDPR can be enforced directly against them by EU member state authorities," Priebe says. "EU authorities have been aggressively pursuing data protection enforcement actions against U.S. companies with locations in the EU for a number of years."

But things get a little murkier for U.S. companies without a physical presence in the EU. According to Priebe, GDPR addresses this issue "by requiring companies without an establishment in the EU ... to designate a 'representative' located in the EU."

This won't apply to every U.S. business — just the ones that are knowingly, and actively, conducting business in the EU. In this vein, EU courts have the discretionary ability to determine if a U.S. company was purposely collecting EU resident data and subverting GDPR compliance. So, in some cases, the inadvertent collection of personal data will be forgiven if it is found to have been occasional and "unlikely to result in a risk to the rights and freedoms of natural persons."

But this all relies on the EU member state's judgment. Some EU countries such as Germany take a harder approach to data privacy, and may not be as lenient.
Last but not least: EU regulators rely on international law to issue fines. Written into GDPR itself is a clause, Priebe says, stating that any action against a company from outside the EU must be issued in accordance with international law.

As it happens, the EU and the U.S. have a pretty good relationship.

"There has [...] been long term and increasing enforcement cooperation between U.S. and EU data protection authorities," Priebe says,
pointing to the negotiations over the EU-U.S. Privacy Shield data sharing agreement, which puts systems in place for the EU to issue complaints and fines against U.S. companies.

She continues: "While we don’t yet have U.S.-EU negotiated civil enforcement mechanisms for the GDPR (and it is unknown whether we ever will), there is still the application of international law and potential cooperation agreements between U.S. and EU law enforcement agencies, which have been increasing in recent years."

The bottom line: EU regulators can fine U.S. companies for violating

When you post something on someone else's website then you give it to them. You never had ownership.

GDPR is about personal data not what you post online.

The post you reported was deleted but it seems the thread was also trashed for whatever reason.

/srs : I fail to understand why retrieving your password by entering your username is enabled. Email is sufficient and more secure.

No, my crawler does nothing but load the page - does not follow or index any links.

I have noticed there are some old profiles that still have an avatar from an external source, and they time out when I try to connect.  Examples:
https://bitcointalk.org/index.php?action=profile;u=3758
https://bitcointalk.org/index.php?action=profile;u=5153

I feel this is somehow related to that issue. 

Oh man, scotaloo. Been a long time since I heard that name. To be fair that github account had a really old password.

Did ya have to change the password and the email, though?