
What is GDPR And Why Should You Care?

Posted on May 9, 2018 Written by Bill Hartzer


What exactly is GDPR, and if you have a US-based business with a website, why should you care about the upcoming deadline of May 25, 2018? I recently talked to a few businesses, and they didn’t know anything about it. And they’ve never heard of it. As someone who is involved daily with digital marketing and search engine optimization of websites, I have to tell you that if you’re an EU-based business, you’ll need to comply with the new GDPR regulations by May 25, 2018. If you’re not in the EU, you should still care about it, as it will have an effect on your website: at a minimum, on your Google Analytics data.


What is GDPR?

That question is best answered by my friend Jenny Halasz, who wrote an article about it in Search Engine Journal:

“GDPR is short for General Data Protection Regulation, and it’s going into effect on May 25, 2018 in the European Union and the associated countries. Its purpose is to finally make good on a legal question from several years ago about how data is used and whether individuals own the data that they create by interacting with websites online. The courts ruled that individuals are the owners of their data, not the corporations (or websites) that collect the data. Therefore, it must be deleted on a regular basis so that customers don’t have to constantly contact websites they may have visited and ask them to delete their data.”

While the GDPR is specific to businesses with websites in the European Union countries, most websites don’t currently block visitors from EU countries. Even US-based businesses should consider whether or not they need to delete that data. Of biggest concern at this point is how Google Analytics deals with the data that’s collected: if a setting isn’t changed in the GA account by May 25, they could lose all of the Google Analytics historical data older than 26 months.

I consulted a few of my legal contacts, and they basically told me that the biggest concern for US-based companies is that someone in the US could sue a business with a website for not complying with GDPR-like regulations. In my professional opinion, even though a US-based company doesn’t do business in the EU, they do get EU-based website visitors. We don’t know how EU regulators are going to enforce these regulations at this point. Regardless, US-based companies with websites should be aware of GDPR, and consult their legal team before deciding whether or not they will retain the data.

For US-based websites, there are several choices, as I personally see it:

  • Do nothing, and keep retaining the data. Set Google Analytics so you retain all of the historical data.
  • Comply with GDPR regulations and delete all data older than 26 months.
  • Completely block all traffic and visitors to your website that come from European Union countries, telling them they can’t access the website.
  • If a visitor comes from an EU country’s IP address, you could redirect them to a landing page telling them that you don’t comply with GDPR, so you’re not letting them access your website.
  • If a visitor comes from an EU country’s IP address, you could have a popup come up or a message on the website that tells them that you DO comply with GDPR, and you don’t save data older than 26 months.

Those are a few options. At this point, for US-based businesses I recommend that you DO continue to collect the data via Google Analytics and update the GDPR settings. You can find out more information here: https://support.google.com/analytics/answer/3379636. Here’s a screenshot of what the Google Analytics settings look like:

google analytics GDPR

GDPR Questions and Answers for US-Based Companies

Here is a list of several different questions and answers, along with data points that explain the GDPR implications for US-based companies. Even if you are outside the US, you will still want to understand these points.

Does GDPR affect US companies? YES

  • If your company has an online presence, a website that can be accessed by any person in the world (which you more than likely do), then you need to be very aware of what’s going on with GDPR. (via Business.com)
  • Any company that stores or processes personal information about EU citizens within EU states must comply with the GDPR, even if they do not have a business presence within the EU.
  • Gartner predicts that almost 50 percent of U.S. businesses will not be able to comply with GDPR in time.
  • A PwC survey showed that 92 percent of U.S. companies consider GDPR a top data protection priority.

What types of PI data are included in GDPR?

There are certain types of PI data (personally identifiable data) that are included in GDPR. Here’s more info about the personally identifiable data involved in GDPR.

  • Basic identity information such as name, address and ID numbers
  • Web data such as location, IP address, cookie data and RFID tags
  • Health and genetic data
  • Biometric data
  • Racial or ethnic data
  • Political opinions
  • Sexual orientation

What are the fines for not being compliant?

What are the fines for being non-compliant with GDPR? They are pretty large.

  • Data breach within 72 hours
    – Option for Class Action lawsuits
    – Suspension of personal data processing in case of non-compliance
    – In addition to fines up to 2% of annual revenue or €10 million for technical infringements
  • Non-compliance with fundamental principles and rights
    – 4% of annual revenue
    – or €20 million

Do US companies need to worry about EU enforcement? YES

  • Agreement Between the UNITED STATES OF AMERICA and the EUROPEAN UNION – This gives the EU the ability to sue US companies (Reference – Article 3(F))
  • Evidence of past US settlements over Privacy Shield

What US-based Companies Should Consider

If you are a US-based company, what other things should you consider?

  • Past lawsuits in the EU over privacy and the right to be forgotten
  • Politics
  • Corporate tax cuts bringing $ back to America
  • Recent blow up of privacy and censorship via Facebook, Google, and Twitter

Keep in mind that I’m not a lawyer, so I do recommend that you consult with your legal team before making any changes related to GDPR. And, if you decide to block EU visitors, there are ways to do that, and I can help steer you in the right direction. Or, if you have questions about GDPR, and whether or not you’re compliant, let me know and I can help.


About Bill Hartzer

Bill Hartzer is CEO of Hartzer Consulting, an SEO Consulting firm that includes services such as search engine optimization, technical SEO audits, domain name consulting, and online reputation management. As an SEO Expert, Mr. Hartzer frequently serves as an SEO Expert Witness and Domain Name Expert Witness in legal cases worldwide.
