What is the GDPR?
Over the past few weeks, you’ve probably seen an uptick in the number of emails in your inbox. The European Union has passed legislation known as the General Data Protection Regulation, aka the GDPR. The purpose of the GDPR is to protect one’s privacy online. In a nutshell, your information online has a much greater amount of protection. There is much greater transparency about how companies use your personal information.
In fact, this even affects bloggers and pretty much anyone with a website. And it even has an impact if you are not physically located within the European Union. Say what? Yes, the EU now has a big influence on you as a blogger or content creator. So if you haven’t already, now’s the time to “get on the stick” as they say where I’m from. In other words, it’s time to take action about your GDPR compliance.
But don’t just take my word for it. Instead, let’s hear from someone who knows his stuff. The Awesome Muse turned to a legal specialist in cyber security and regulation.
Attorney Robert Cattanach is a partner at the international law firm Dorsey & Whitney. He has previously worked as a trial attorney for the United States Department of Justice. Cattanach was also special counsel to the Secretary of the Navy. Today he practices in the areas of regulatory litigation, including cybersecurity and data breaches, privacy and telecommunications, civil and criminal enforcement proceedings, and international regulatory compliance.
He has been following the GDPR closely; he has been receiving calls from US businesses trying to interpret the new regulation. We are pleased he took the time to share some information with us.
***Please note that The Awesome Muse, its writers and editor are not attorneys, nor is this article to be considered legal advice.***
4 GDPR misperceptions addressed by attorney Robert Cattanach
Do you need to be GDPR compliant? Attorney Robert Cattanach addresses 4 common misperceptions about how to handle compliance as a blogger in the US.
The GDPR legislation has had unexpected impacts on US companies that have been both overstated and understated.
There are a lot of misperceptions about the GDPR in the US and Canada. Four of those misperceptions are:
If I don’t have operations in Europe, it [GDPR] doesn’t apply.
“Wrong. Any US company offering goods or services to EU residents – i.e. anyone with a website – is likely required to comply,” Cattanach says.
If I am covered by the GDPR I have to appoint a Data Protection Officer (DPO) in the EU.
“Wrong. A US company’s obligation to appoint a DPO, or even a designated representative, is a complex and highly fact-dependent analysis,” Cattanach says.
If I’m a small to medium-sized US company, there’s virtually zero chance of any enforcement action against me so I can just wait until we understand better how it’s all going to work.
“Maybe – maybe – right. EU regulators will likely target the larger companies, especially US tech companies, at first, but GDPR allows private citizens to lodge complaints, and even bring class actions. All it will take is one disgruntled customer or employee whistle-blower to spotlight someone who thought they could fly below the radar for a few years. If your appetite for risk is voracious, you might avoid detection for a while. But if you completely ignore GDPR and get caught, the financial exposure to penalties and long-term scrutiny could be breathtaking,” Cattanach says.
What’s a blogger to do about the GDPR?
Thank you to Robert Cattanach for providing the above clarifications about how the GDPR impacts US bloggers. There’s a lot of confusing information swirling around out there. But there are some reliable solutions you can use. However, nothing I mention here is a substitute for consulting with your attorney for advice tailored to your specific needs.
But WordPress has your back. If you haven’t installed the latest update, it’s time to do so as they have hooked you up with some helpful privacy tools. You’ll find some privacy statement templates and other privacy tools to get you started. And best of all, there’s no charge for these.
There are also some plugins to help you with your compliance obligations:
- Cookiebot – manages your cookie consent and notice
- GDPR Cookie Compliance – another cookie consent and notice option
Please note that these plugins do not satisfy all of your GDPR compliance obligations, but they do help provide solutions to parts of them.
If you send emails to a list, you’ll be glad to know that most of the third-party email providers have programs in place to help you meet your compliance obligations.
We hope that this helps clear up some of the confusion surrounding the GDPR.