You may have noticed many of the websites you frequent are updating their privacy policies and asking you to agree to new rules. For internet giants like Google and Amazon, as well as smaller mom and pop shops, changes are coming. In preparation for a shift in laws, and attitudes, companies are quietly rewriting their contracts. Some are even rolling out new data tools. We at Web Design by Knight are doing the very same thing. We have been quietly reviewing the websites of each of our clients. In the cases where we perform additional services like blogs or email, we’re making sure our procedures and yours are in perfect compliance with the new rule: General Data Protection Regulation (GDPR). We think GDPR is going to help clean up some of the messiness of the internet. Here’s a little more about it.

What is GDPR?

In 2016, the European Union passed the General Data Protection Regulation, changing the rules on how companies can share and manage personal data. Technically, GDPR only applies to EU citizens’ data, but because the internet is global, almost everyone will be affected.

New Rules Go Into Effect May 25th

The EU has made several attempts already to protect the privacy of their citizens. GDPR takes those measures a step further. After GDPR takes affect, companies will need explicit and informed consent from a user, before they can collect their data. GDPR also requires users have a way to revoke consent. They can even request all the data a company has collected about them, as a way to verify that consent. For a long time companies have been used to collecting your data and sharing it, whenever and with whomever they choose. GDPR will be a game changer for online advertising.

Yes, there will be penalties. Maximum fines per violation are set at four percent of a company’s global turnover (or $20 million, whichever is larger). These fines show the EU takes privacy quite seriously. For Google or Facebook, no big deal. But a fine like that would finish most small firms.

What Will Change?

For our clients, not much. As your web management company we’ve already addressed it. As is the case with your security, constant software updates, functionality, and appearance, we at Web Design by Knight work constantly, quietly and diligently to make sure your site is secure, compliant and optimized. For internet users, the most noticeable changes will be in “Terms of Service” and other warnings. The new GDPR steps up the requirements for consent, which means companies will be asking permission to collect your data. In practical terms it means more “click to proceed” boxes.

The Biggest Changes Will be Happening Behind the Scenes

GDPR also sets rules for what companies do with the data they collect. That means companies have to formulate a new game plan for how they deal with analytics and advertising.  For years, advertisers have been allowed to buy and sell info on customers behind the scenes. None of these practices were ever made public. GDPR will change all that, adding more sophisticated requirements for collecting, and more responsibility for reporting, when and where your data is used.

Will the Internet be Less Creepy?

Absolutely maybe. Compliance and enforcement are two different things. Breaking the rules will be costly, but we will have to wait and see how motivated EU regulators will be to hold violators accountable.

What we do know is it will make data collection more laborious and costly than ever before, and so some companies may scale back. For some larger companies it may be easier just to separate their EU customers, as to avoid GDPR altogether. Most companies are opting for one privacy policy for all users. Separating EU customers could mean European users see and use a very different internet than the rest of the world.