What Is General Data Protection Regulation 2018, (GDPR)?
The General Data Protection Regulation (GDPR) is a new European Union law that will go into effect in May 2018 to regulate the processing of personal data in connection with commercial activities.
Should I be concerned with Greneral Data Protection Regulation (GDPR)?
No, I do not! Because it does not apply to me as a small business owner.
It is amazing to see how internet marketing has created so many fears and anxiety amount small business owners, including people in the Wealthy Affiliate Community. I just don’t understand why people believe in an online PR stunt, when they can just visit the EU commission to read the regulation itself.
Here, you can read it from the EU: https://ec.europa.eu/info/law/law-topic/data-protection_en
I wasn’t planning to write this post today until this morning while watching CBS this morning. Do you know what I saw on the news that I think small business owners should be more concerned than GDPR? The end of Net Neutrality! Yes, today. This means internet company can implement special price for content providers. This will affect your pocket more than GDPR. Guess what? Nobody cares! Because no internet marketing hypes, that is why.
How I approach GDPR?
Unlike the general public, I was trained to approach a new piece of legislation by looking at the shortest section, the exceptions to the rule. If I can find an exception, I put the legislation back on the shelf until the next time. I will also write this post looking at the exceptions.
Recently, I read an article that told small business owners: “it is better off to implement GDPR than relying on the exceptions.” Lol. Then they asked business owners to register for their GDPR expert compliant audit, got to love these marketers.
So, what are exceptions under GDPR?
- It only applies to processing data related to commercial activities.
Nothing to explain here.
- The processed data must be personal data. GDPR defines personal data “as information that relates to an identified or identifiable living individual.”
Here you can read about it: https://ec.europa.eu/info/law/law-topic/data-protection/reform/what-personal-data_en#examples-of-personal-data
This means collecting email alone does not fall under the regulation. It only applies if the email is like this firstname.lastname@example.org with this email you can identify the person, but an email email@example.com is not considered personal data.
To me, if you are just collecting email alone, it does not fall under general data protection regulation (GDPR), unless, you collect name and address.
- Let’s look at Small Business exception. Article 30, business under 250 employees.
This exception does not apply if “processing personal data is a core part of your business and your activity does create risks for individuals.” I am not going into the legal interpretation of this language, because I believe it does not apply to anyone here in WA.
Collecting email alone does not fall under GDPR. It must be more. Visit the EU page and read some examples they have put up. You will get a clear picture of GDPR. Ignore the internet PR is just going to confuse you more.
Let me be honest with everyone here in the Wealthy Affiliate Community, I don’t believe the EU Commission can enforce the regulation on every business worldwide. This is just comment senses.
There are more exceptions, but I will not go into it. I think these exceptions cover also everyone here in WA. I encourage you to visit the EU commission website to read it for yourself.
Lastly, please do not believe in anyone calls themselves expert on GDPR. I can tell you this, it is a scam, because GDPR has not even implemented. Even the EU Commission does not have a clear understanding of how this regulation will be enforced. You will also have the court systems worldwide to deal with. I don’t understand how can someone claim as an expert when the law has not even implemented? Most of the stuff online are individual opinions and guesses, including my blog here. If you decide to hire one of these experts, ask the expert to give you a guarantee of protection from GDPR to see how they answer.
This is my opinion and it is not intended as a legal advice or will this establish any attorney client relationship. You are encouraged to contact your own attorney to address your specific situation.