Everyone receives privacy emails in response to the EU (European Union) enacting the GDPR (General Data Protection Regulation) for websites. It can feel like a “burning house” when you also start hearing terrifying proclamations on how to get your own website up to speed. So let’s take a deep breath and tackle reality.
Why the website privacy laws?
The internet has been largely unregulated for the past 20 years. There has been tremendous growth in business. 60 Minutes did a segment last week titled “How Did Google Get So Big?” Facebook’s relationship with Cambridge Analytica and the transfer of users’ personal data also drew attention to the privacy of the website. The internet is now a booming industry used by almost everyone, so regulation is on the horizon.
A few months ago, website owners were quick to get SSL certificates for their websites and make them look more user-friendly and Google search. SSL not only changes your website from HTTP to HTTPS, it also offers a level of protection for the web visitor … the consumer.
So now the EU has stepped in with laws that require disclosure of how websites treat personal data. Again, this is for the web visitor … the consumer. It offers a means of understanding whether your personal data is collected and how it is used.
I don’t live in Europe – Why does the GDPR apply to my website?
Businesses are approaching new EU regulations in the US in the way of adopting the GDPR as a matter of practice because it provides consumer security. People like to know that nothing harmful is happening to their personal information. If you saw any of Mark Zuckerberg’s testimony in front of Congress, you probably noticed that many of the questions were about what information is being collected and where it is going. This is why you get emails from everyone!
What does GDPR compliance look like?
The GDPR is all about disclosure, so when adopting the GDPR as a guide, compliance starts with two words “declaration and consent.” Best practices are to have a Privacy Statement and request consent when using your website to obtain user information.
The Privacy Statement can be written from an example page found in the latest version of WordPress (version 4.9.6). This new page is a guide and your own website may contain elements that differ from this outline. This new page can be added to your website structure, preferably via a link at the bottom of the website.
To demonstrate consent, a checkbox can be added to any form that collects information from a web visitor. Checking the box confirms that they know that they are giving you personal data.
It’s time to start. Having these parts of the new regulations on your website will indicate to users that you are a good webmaster.