1. Home
  2. Forums Index
  3. WebmasterWorld / Website Regulatory Compliance 11:56 pm May 20, 2026

Forum Moderators: webwork

Message Too Old, No Replies

The GDPR is just one step; not the beginning nor the end

         

iamlost

6:51 pm on Aug 22, 2018 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



A lengthy tangential comment replying to comments from GDPR might be causing higher bounce rate [webmasterworld.com] and others; posted here so as not to further disrupt those threads actual topic.

While the current focus is on the EU's GDPR it is worth mentioning that a good many jurisdictions have and/or are planning increasingly stringent data and privacy laws. Including states within the overarching USA. Rather a lot of online standard behaviour is already in violation somewhere, it's just that somewhere is increasingly everywhere.

To those that are upset at the GDPR I have two comments:
1. Just wait until the ePrivacy regulations (superseding eP directives) goes into effect...
2. The GDPR protects personal data as set out in Article 8 of the European Charter of Human Rights; the upcoming ePrivacy is meant to protect privacy as set out in Article 7. The web is simply being told it's not exempt.

Oh, and meta data will soon needs be treated as personal/private data...

Before anyone gets on their high horse or NIMBY of choice remember that the Internet/web is global and jurisdictional requirements vary. Blocking certain traffic is a viable option if one is sufficiently opposed to particular geo requirements. For instance I refuse to use servers in certain jurisdictions. Yet another business decision.

The ignorance and incompetence that is just as widespread offline is simply more obvious online.

That webdevs will be increasingly held responsible for their sites behaviour despite not knowing how to configure WP/themes/plugins beyond defaults or just what all those third party inclusions are up to is better late than never.

That many/most enterprise sites (let alone small medium ones) are incompetent in their GDPR compliance visitor interface (waves to Leosghost) and/or resulting site behaviour means that once again there is a significant competitive advantage to the nimble.

Rather than complain take advantage. Be the best in yet another vector of webdev. And know the current and prospective applicable jurisdiction behaviours so as not be 'surprised'. For example both keyplr and I tested GDPR visitor interfaces long prior to their being required. And then we went universally live - offering equal rights/privilege to all not just EU visitors. I'm sure our interfaces are different but appropriate to our sites and audiences and not the typical back button inducing overlays. The point is that we saw what was coming and prepared - unlike the vast majority of competitors who did not and largely are not. Competitive advantage!

Most jurisdictions have not been broadly enforcing their regulations, however as the EU goes so I expect smaller jurisdictions to follow. Do you know the variations among the US states, of the US federally? Do you know what is required by Canada, Australia, or other TTP countries? Etc.

Are you broadly compliant or restricted to a relatively small locale?
Are you in angry denial?
Or are you proactive and adapting before your competitors?

tangor

2:46 am on Aug 23, 2018 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



In addition to all above, the ad servicing companies (think adsense) which webmasters cut and paste will soon be facing their own problems for privacy/tracking and data mining of personally identifiable information (PII). When that happens (and it will) expect there to be changes to the old style advertising model where "publishers" just pasted ad scripts willy nilly. I suspect there will have to be some kind of AGREEMENTS and CONTRACTS involved to insure the ads are placed properly and that the publisher is a responsible party. Plan ahead. Webmasters will have to be compliant in safe-guarding ANY PII that crosses their systems.

More, your ISPs will have to also be in compliance and they might want MORE info about who "you" are before selling space on their systems (again, responsible for their compliance to privacy issues). I suspect a few "webmasters" out there will not be that happy in that regard.

One (I suspect unintended) consequence of chasing User Privacy Protections will be the ultimate elimination of Anonymity (governments are desperate to end that!). In the real world you can't have both with equal enforcement, much as one might wish.

Sadly, this will ultimately end up with UNIVERSAL PERSONAL IDENTIFICATION CARDS for each person on the planet, much less the web and guess who would have all that info?

One of those "beware what you ask for" questions is seeing that worst nightmares are only beginning. Not conspiracy, just logical extensions of where humans go with every "regulation" implemented. X leads to Y and Z, somewhere down the line, is the result. History proves this is correct, sadly few know history these days or have the critical thinking to do logical extrapolation.

Dimitri

1:14 pm on Aug 23, 2018 (gmt 0)

WebmasterWorld Senior Member 5+ Year Member Top Contributors Of The Month



At some point, the EU was requiring data about EU citizens to be hosted physically in the EU, Internet Giants more or less bypassed this, by obtaining a more or less implicit consent from their user to transfer their data to the USA.

With the GDPR, I no longer see mentions of requirements about where the data are hosted. Just that users have to be clearly informed.

But imagine is one day, the EU enforces a requirement that EU 's citizens data be kept in the EU and at the same time , the USA forcing US citizens data to be kept in the US. Imagine the mess it would cause, especially for small or even average web masters.
 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

  1. Home
  2. Forums Index
  3. WebmasterWorld / Website Regulatory Compliance 11:56 pm May 20, 2026