I had a photographer call me this week in a GDPR panic. “Steve, I’m going to have to shut down my websites!” he said.
“What are you talking about?”
“It’s that _ _ _ _ _ _ _ _ GDPR! I got a call from a web designer and he said I can be liable for fines of over $20,000,000 for one infraction…he wants $500 to make my website GDPR compatible! I don’t have that kind of money…what else can I do?”
“Well, first of all, you can take a breath before you hyperventilate. You are not going to have to shut down your websites, and you are not going to have to pay the GDPR a multi-million dollar fine,” I told him.
Unscrupulous people are contacting businesses (especially SMALL businesses) and trying to panic them into paying big bucks for a small fix on their websites. The deadline is May 25, 2018. So you aren’t compliant? BFD. Neither are 90% of the websites out there–relax.
The General Data Protection Regulation (GDPR) is a European Union (EU) law taking effect on May 25, 2018. The goal of GDPR is to give EU citizens control over their personal data and change the data privacy approach of organizations across the world. Why they get to apply it to US websites, I have no idea. Someone in DC decided it would be a good idea. So much for wanting to cut back on regulations.
After May 25th, 2018, businesses that are not in GDPR compliance can face fines up to 4% of a company’s annual global revenue OR €20 million (about $25 million today), whichever is greater. That will get your attention, to be sure. But is this enough reason to cause your hemorrhoids to flare up? Does this apply to my little website?
However, you don’t get that big hit for your first infraction. It will start with a warning, then a reprimand, and if you continue to violate the law, then the large fines will hit.
The good news is that if you are using WordPress for your website, WordPress 4.9.6 now comes with several GDPR enhancement tools. And there are plug-ins that make the whole thing easy-peasy, so forget paying some fast-talking code geek big bucks to fix your site. WordPress.org has one that is ZERO COST! You can find a list of available plug-ins, along with more GDPR information, at the WPBEGINNER website.
Hey…I’m Still Using HTML…What Do I Do?
I Do Email Marketing…Am I Affected By GDPR?
Yes. For more information, check out this post from Aweber.
Wrapping Things Up…
Ready or not, GDPR will go into effect on May 25, 2018. If your website is not compliant before then, don’t panic. Just continue to work towards compliance and get it done asap.
The likelihood of you getting a fine the day after this rule goes into effect is pretty close to zero…for two reasons. First, there are a LOT of websites in existence…over 1.5 BILLION to be precise (but about 200 million are actually active). Now unless these rule weasels have added a LOT of people to their enforcement squad, they are going to be a little behind the curve. And SECOND, because the European Union’s website states that first, you’ll get a warning, then you get a reprimand. Fines are the LAST RESORT if you fail to comply and knowingly ignore the law.
With the recent data breaches of large companies (Equifax, Yahoo, Target, et al), it’s important that these standards are adopted globally. The EU is not out to get you (well, they SAY they aren’t anyway). They’re doing this to protect user data and restore trust in online businesses. As the world becomes more and more a digital world, we need these standards to try to stop–or at least impede–bad actors that want to do us harm.