Data protection / GDPR

Hi all

On a recent thread the topic of the EU’s GDPR data-protection legislation came up. For those who don’t work for large companies, you may appreciate seeing how seriously they are taking it.

Yes it’s a pain but there are good reasons behind it – you only have to look at the huge leak of data by Facebook to Cambridge Analytica to see why.

Anyway, this letter deals with surveys, just one aspect of the legislation.

For those of you thinking “I don’t live in the EU, it doesn’t apply to me”, be aware that it does apply if your client has any exposure to EU countries, for instance if any of it is aimed at the EU audience.

All the best


I wonder how the Guardian newspaper will manage after it’s emerged they collected data on hundreds of millions of Facebook users through their smartphone app. Apple once said that for them computers are the products, whereas for companies like Google and Facebook you are the product…

Parts of this new legislation shouldn’t bother small businesses too much in theory, but there may be areas like the one mentioned above where we’ll have to be careful. I’m about to start on a website for a client that will have a members only area for teachers showing kids with learning difficulties and I made a point of pushing her to check whether she would have problems with this new law.

As mentioned about Apple: (Though it’s behind a paywall and I’m not sure if it’s free-to-view or not.)

The gist of the article is that Apple has a conservative approach to using customer data and that the Facebook case shows that this is the right tack.

Tim Cook said of the Facebook issue: “I wouldn’t be in this situation.” He criticised Facebook for not reviewing that apps that use its social network.

If anyone wants to look into it a bit more, there’s this:

We don’t know 100% for sure what Apple does with our data, however they made a very public statement about safeguarding our privacy, whereas Android and Facebook apparently go out of their way to know as much about us as possible and their business is selling that data. I’m therefore more inclined to trust Apple and I wonder how much will actually change with Facebook etc, because people will keep clicking accept buttons.

I’ve received a few invites to very expensive one day courses to learn about this new law and it smacks of opportunists trying to scare the living daylights out of small businesses for quick profit.

1 Like

I often wonder if ET was subliminally warning us to future events when he kept saying “phone home”.

Personal data mining is the unforeseen but most profitable commodity in todays world. People would be frightened if they understood its magnitude and how its being used, bought and sold.

1 Like

And here is what Apple is doing.

Over on the Rapidweaver forums I’ve seen a few designers getting rather uptight about the GDPR legislation and in one case BDSG, which I have since learned is the German implementation of GDPR. Why does all of this sound like it was hatched in an East German cold war committee room?

Some are taking it to rather unnecessary extremes in my opinion, such as asking developers to redesign their stacks and asking questions over whether the use of Google fonts or a CDN, such as CloudFlare will put them in breach of the new regulations. The key point seems to be that everything should be self-hosted on servers inside the EU to avoid potential legal issues in the future.

I can’t help feeling they are making life deliberately difficult for themselves, but then I remember the EU VAT laws that were ultimately as bonkers as first described. Is there anything in Blocs we need to consider here when building websites? In Rapidweaver for example, you can select an option to have Font Awesome and jQuery loaded locally, rather than via a CDN. Perhaps this is one for @Norm to address. though I’m sure he’d rather be enjoying a cool beer, given the first flash of decent weather we’ve had this year.

1 Like