Perspective of first seven interesting days of GDPR
GDPR Day
At 12:01 on the 25th May 2018, something historic happened over night.
If you were thinking it was the start of the last Friday in May, you would be right, but that wasn’t the historical reason.
It was to do with the increase of emails in your inbox about privacy policies…
Have you got it now?
Yes, that’s right, GDPR!
The new General Data Protection Regulations came into force last Friday, and unless you’ve been living under a rock, or your email address was on nobody’s mailing list, then I’m sure you may be aware of it.
If you’re not aware, then on the 25 May 2018 the 1998 Data Protection Act was replaced in UK Law by the new European Union General Data Protection Regulations. Regardless of the UK outcome after Brexit, the law will remain in place until it is superseded or amended by future governments.
Who enforces GDPR?
For governance in the UK, the ICO Information Commissioner’s Office is the place for all regulation on GDPR. Visit the ICO for further information.
GDPR where to start?
First of all, I’m not a legal expert. So all comments in this post are just opinions. If you want a legal expert on GDPR then I recommend Suzanne Dibble who has a great pack for small businesses to get inline with GDPR. She has grown her Facebook group GDPR for Online Entrepreneurs to over 33,000 members in 3 months, and is a great resource for further GDPR related questions. I fully recommend checking out her Facebook group.
For a lot of people in the UK, across the EU, and outside the EU as it’s so over reaching, so that many people have been unaware of the law coming into force. The new law was actually created two years ago. Why has there been such a poor delayed rollout is a mystery to many, specifically as this affects not just all businesses, but every consumer and their personal data.
You can see in the BBC Newsnight’s clip below on the eve of the new law coming into force, the details of some of the new laws for GDPR.
Why GDPR is good for business?
Personally, the new laws are a long time overdue, and overall are a positive step forward for businesses and more importantly the consumer. As we are all consumers, we now have more rights on who holds our data. The use of people’s data is so powerful, and it is only right that the consumer should provide the required consent to a particular business to allow them to have their data. Our Privacy Policy at Cosmik Carrot was updated several weeks ago with the details of how we look after our client’s data.
The lead up to the 25th May for GDPR day gave everyone with their mailing lists the opportunity to ask the ‘person’ if they wanted to continue to receive their future emails after that date. This is why the majority of inboxes were overloaded with desperate pleas of emails begging people to stay on their mailing list and ‘opt-in’.
Reactions to GDPR
During several conversations on the run up to implementation of GDPR both here in the UK and across parts of Europe, and the USA, I heard a lot of anti-GDPR comments. However, GDPR is not going away, and would be a step backwards for data protection if it did. The only thing everyone can do, is to ‘Embrace GDPR’.
Repeating the message of ‘Embracing GDPR’ to some fellow developers in the USA, was returned with a very simple negative position. We will block all EU traffic to our website so we don’t have to comply with it.
I couldn’t believe this was a possible position from some respected developers in the WordPress community. However, this appears to have been turned into a reality, and on quite a large scale.
Until further notice since the 25th May 2018, the following newspapers in the USA, are no longer viewable from an IP address that is now governed under the new General Data Protection Regulations.
We may be looking back in history and realise that the day GDPR came into force, was the day the world wide web became ‘less world wide’. The U.S. newspapers may remove their block in time once they feel they are compliant with GDPR to increase their global readership again. However, it is rather surprising that such large media organisations were not ready for GDPR in time. This could be viewed as quite concerning that weren’t ready in time, and also more worryingly what they currently do with their data for their users.
The right to complain
As part of new laws, individuals now have the right to complain about companies if they feel that they haven’t provided consent for them to do so.
Within the first few hours of GDPR coming into force, Facebook, Google, Instagram, and WhatsApp all had complaints filled against them on the grounds of ‘targeted advertising without consent‘. The complaints case was filed by the Privacy group ‘noyb.eu” with a potential penalty of up to €7 billion in total.
It will be interesting to see how the case unfolds across the several countries that those companies have their jurisdiction in.
From GDPR non compliance to the overzealous
Several high profile companies on the run up to GDPR did their best to comply with the new rules, however some of them were unnecessary reactions to the laws, which were either correct on the rules, over the top, or just plain silly. Here are the best one’s on the GDPR Hall of Shame for a laugh.
President Trump and E.U. differences
As GDPR is such an over-reaching law outside of the EU, it was inevitable that this was going to become political at some point with national differences. How this didn’t become a high level news topic before the new laws came into force is bizarre, and maybe an understanding how little politicians globally knew about this new EU law.
As of the 30th May, the Washington Post has reported that President Trump will likely bring up the data protection regulations inline with EU tariffs and trade issues in the near future. This is following a lot of US Companies complaining about the new regulations and not understanding them.
There has been talk of California introducing a similar GDPR law for all citizens in that state of USA. If that is to proceed, and the already adoption and embracement by some of the biggest US companies (Google, Facebook, Apple) across America, then it is likely that the USA will fall in line and embrace GDPR fully. This has to be the positive step forward for all consumers and the continual global world wide web.
Looking for website compliance with the new laws
If you’re looking to get your website GDPR compliant, as it’s never too late to do so, then contact us here with your details and then we’ll take it from there with you.
