Even bloggers who don’t make any income on their sites need to pay attention to privacy regulations. And a new law just took effect on Jan. 1!
As more governments pass new privacy regulations to protect consumer data, bloggers have to make sure they stay clear on the law.
First, there was the GDPR. The General Data Privacy Regulation took effect in Europe in May 2018. It requires site owners to clearly state what personal data they collect and get implicit permission to collect it. That’s why you’ve seen sites asking incessantly for permission to collect cookies. (Unfortunately, the request isn’t about cookies of the chocolate chip or peanut butter variety.)
For bloggers, even those not in Europe, where the regulation passed, they still must comply.
If a citizen of the European Union visits your site, the law applies to you.
If you’re half a world away — or at least across the ocean — from the EU, it’s a scary thought that you could be fined for not obey the rules.
But now a new set of privacy regulations are in effect as of New Year’s Day. This one comes from California. The California Consumer Protection Act includes similarities to GDPR. But there are differences.
So what’s a web site owner to do? Therein lies the rub.
The onus remains on us, even though getting clear information on what, exactly, we’re supposed to do can be a challenge.
For a while, I used a plugin called GDPR Cookie Compliance. I liked the plugin because it promised to handle everything necessary as simply as possible. It also claimed to be CCPA compliant, yet I didn’t see anything specific to that new law.
Not wanting to take chances, I opted for a new option.
I did a little homework in researching plugin options and found a plugin called Complianz.
It’s important to note that I don’t have any affiliate arrangement, so if you decide to use the plugin, I don’t get any kind of compensation.
A free version allows you to choose which area — European Union, the United Kingdom, or California — that your website targets.
That’s a bit confusing, though, because no matter which one you target, your site must cover rules for all of them. At least, that’s the way I understand it.
A premium version, for $55 [US] per year, automatically scans your site and the location of your visitor and then presents the appropriate permission request for a visitor in that region. So if you’re visiting this site from Europe, you get a GDPR-compliant version. If you’re visiting from California, (or presumably anywhere in the U.S.), you get a CCPA version.
It’s very important that websites respect users’ privacy.
But it’s also very important that the sites have a way to make sure they are compliant that doesn’t kill their budget. (Or, for that matter, dig too deeply into a budget that doesn’t even exist!)
I don’t yet know what impact if any this will have on tracking web stats. I’ve heard conflicting information that some web owners are reporting a dip in stats because of GDPR.
I suppose only time will tell on that one.