This week I have mostly been pulling this website into GDPR (General Data Protection Regulation) compliance, and it was something of an odyssey. The GDPR crept up on us; we’ve been focusing on other things, and although we were EU Cookie Law compliant for the most part, the GDPR is a much wider and more complex requirement.

I don’t necessarily think it is a bad thing, but it is having a massively negative effect on a lot of website owners, particularly micro-businesses and bloggers. I have seen various bloggers, who have good-sized audiences, talk about giving up on blogging completely, as turning off comments (which are covered by the GDPR) runs contrary to the purpose of their blogs. Think mum blogs, food blogs etc. I myself will be advising a couple of clients to turn off commenting as they do not need it, and having commenting available opens up a whole can of worms about data collection. In leaving a comment, the commenter may open themselves up to having Personally Identifiable Information (PPI.. haha) online. That comment then constitutes data that we have to protect, and delete if requested. Imagine if you have a healthy comment section: it could turn into a full-time job just keeping track of everything.

Commenters are (usually) not registered users, so there is not a ‘user’ that can delete their comments without contacting the ‘data protection’ officer/champion/whatever ridiculous term we can come up with. There is a good plugin that covers this – Delete me, but that requires the person wanting to delete their data to be actually registered on the site. Something we don’t do here. I will most likely be using this for a couple of client sites. 

It’s been a learning curve, and one that I still have some distance to travel as we maintain a website for a charity that involves ecommerce and user accounts. Hopefully the journey gets more efficient each time. As the GDPR comes into force in 8 days, time is something of a luxury we don’t have. 

