Data protection (GDPR)
In May 2018 Europe upgrades to the General Data Protection Regulation (GDPR), the biggest overhaul of data protection and privacy since 1995.
Why you need to know
If you do business in or with Europe, GDPR applies to you, even if you are not located within Europe. It will also apply to UK businesses trading within Europe regardless of Brexit. The rules apply to the data you collect and use within your business as well as the data you collect and use in your web sites and apps.
A healthy approach to data protection and privacy will protect your business as well as your users in these politically uncertain times.
What will it mean for you
GDPR is a complete overhaul with upgraded rules and requirements for anyone collecting, processing, storing, and sharing personal data. The amount of work you will have to do to come into healthy compliance will depend on how familiar you were with the existing data protection and privacy rules. These rules, both old and new, are about everyday business processes, not tick boxes or legal statements.
What about after Brexit?
The UK is going into GDPR regardless of Brexit. The question is what comes after that.
- By me:
- My guide to compliance for designers and developers
- My guide to compliance for small businesses and startups (Business Gateway)
- Me and Dan Barker’s guide to compliance for e-commerce businesses
- How GDPR will change the way you develop (Smashing Magazine)
- Intro to the Privacy by Design framework (Smashing Magazine)
- WP Campus: GDPR, privacy, and WordPress
- WP Tavern podcast: GDPR and user privacy
- WordPress 4.9.6 privacy notice tool (thanks team!)
- Afterbrexit.tech side blog where I monitor EU tech policy through the Brexit process
- All blog posts on data protection
- Official EU links:
- National data protection authorities: