gdpr

gdprwptool

GDPR comes into effect today. Although it directly affects organisations based in the EU, with today’s globalisation it actually impacts everyone that

offer goods or services to, or monitor the behaviour of, EU data subjects.

Implications for personal websites like mine is minimal, especially since I don’t have any other users, nor do I offer goods and services via e-commerce. I don’t allow comments, so I’m not collecting or processing data from anyone. I have no mailing lists or other means of outreach or communication. The only potential area is third-party cookies from plug-ins and embedded posts but I think I’m okay there.

Someone wrote a detailed WordPress GDPR guide. Everyone who runs a personal or business wp site should read it. Some typical ways a standard wp installation will collect data:

  • user registration
  • comments
  • contact forms
  • analytics
  • logging or security plugins

Again, I think I’m okay there. WP has automatically updated with a tool for exporting and erasing personal data. I probably need to include some wording on the collection and processing of data at some point. I’m sure there will be standard wording available as templates.

Even though people know gdpr is coming for years, lots of corporate sites are caught unprepared. A bunch of US newspapers, including LA Times, Chicago Tribune, has shut down or stripped their websites for EU visitors. Instapaper users in the EU are suffering the same fate. So instead of complying with the regulation, they’re choosing to keep their heads in the sand. These aren’t small personal sites, but big high traffic sites.

Makes me think they are collecting and using people’s personal data for purposes that users haven’t consented to. Advertising is the culprit here, what else. From Jason Straight from a company that sets up gdpr compliance programs for businesses:

For many years it’s been, ‘How much data can we trick people into giving us?’

I think gdpr is wonderful. Its aim is to protect users from the rampant disregard for personal data that has flooded the internet in recent years. Time to fight back.