Everyone is receiving privacy emails in response to the EU (European Union) GDPR (General Data Protection Regulation) being enacted for websites. It can feel like a “house on fire” when you also start hearing fearful proclamations about making your own website compliant. So let’s take a deep breath and face reality.

Why Website Privacy Laws?

The Internet has been largely unregulated for the last 20 years or more. There has been tremendous growth in business. 60 Minutes did a segment last week called “How did Google get so big?” Facebook’s relationship with Cambridge Analytica and the transfer of users’ personal data also drew attention to the website’s privacy. The internet is now a booming industry used by just about everyone, so regulation is on the horizon.

A few months ago, website owners were rushing to get SSL certificates for their websites and make them appear more favorable to users and Google search. SSL not only changes your website from HTTP to HTTPS, it also offers a level of protection for the web visitor… the consumer.

So now the EU has stepped in with laws requiring disclosure of how websites treat personal data. Once again, this is for the web visitor…the consumer. It offers a means to understand if your personal data is collected and how it is used.

I don’t live in Europe: why does GDPR apply to my website?

Businesses are adapting to the new EU regulations in the US in the form of adopting GDPR as a matter of practice because it provides consumer security. People like to know that nothing is wrong with their personal information. If he saw any of Mark Zuckerberg’s testimony in front of Congress, he probably noticed that a lot of the questions were about what information is collected and where it goes. That’s why you’re getting emails from everyone!

What does GDPR compliance look like?

GDPR is all about disclosure, so by adopting GDPR as a guide, compliance starts with two words “declaration and consent”. Best practices are to have a Privacy Statement and ask for Consent when using your website to collect information from users.

The Privacy Statement can be written from an example page found in the latest version of WordPress (version 4.9.6). This is a new page is a guide and your own website may contain elements that differ from this scheme. This new page can be added to your website structure, preferably via a link at the bottom of the website.

To demonstrate consent, a checkbox can be added to any form that collects information from a web visitor. Checking the box confirms that they know they are giving you personal data.

It’s time to start. Having these pieces of the new regulations in place on your website will indicate to users that you are a good webmaster!