Get Started Now With Shutterstock

The Marketer’s Guide to EU’s General Data Protection Regulation

The majority of Relevance readers live and work in the US. However, the EU’s General Data Protection Regulation (GDPR) has the potential to impact any business with a website no matter its geography. There’s potential to be fined even if you don’t have customers in the EU. Businesses around the world are working on or have finished their compliance to this new regulation. It goes into effect May 25, 2018.

There are two primary groups that must comply with the GDPR:

  1. Businesses located in the EU
  2. Businesses not located in the EU, if they offer free or paid goods or services to EU residents or monitor their behavior (Ebook downloads?)

It’s designed to harmonize data privacy laws across Europe, to protect and empower all EU citizens data privacy and to reshape the way organizations across the region approach data privacy.

It seeks to apply these three updates to the existing 1995 law:

  1. A new transparency framework
  2. A new compliance journey
  3. A new punishment regime

Here’s some important information to know regarding the change and its penalties:

  • Companies have 72 hours after learning of a data breach to send a notification to your regulators
  • Fines can reach 4% of annual global revenue (or €20 million, whichever is greater)
  • Consumers now have the right to have data deleted, the right to move data (data portability), and the right to object to data processing, among others

The below is a truncated list of a person’s “data bill of rights.”

Breach Notification – companies must notify individuals if their data has potentially been accessed.

Right to Access – companies must provide individuals with electronic access to their data.

Right to be Forgotten – businesses must delete and cancel all third-party processing of an individual’s data if requested.

Data Portability – individuals can request their data in a commonly used digital format and move it to another data controller.

Privacy by Design – calls for the inclusion of data protection from the onset of the designing of systems.

My biggest concern with this new law is a potential wave of ambulance-chasing European lawyers making lists of US and other foreign companies out of compliance this year to sue. It might even cause some small online businesses to pull out of Europe entirely.

My advice to companies that do NO business in Europe and never intend to is to simply block all European IP addresses. There’s no need to be compliant with the regulation or be harassed by ambulance chasers.

Chad Pollitt

https://www.relevance.com/wp-content/uploads/2018/02/Chad-150x150.jpgChad Pollitt, a decorated veteran of Operation Iraqi Freedom and former US Army Commander, is the Co-founder of Relevance, the world's first and only website dedicated to content promotion, news and insights, and is the current VP of Marketing for inPowered.

​He’s also a former Adjunct Professor of Internet Marketing at the Indiana University Kelley School of Business and current Adjunct Instructor of Content Marketing at the Rutgers University Business School. Chad is a member of the Advisory Board for native advertising platforms, inPowered and AdHive.

Recognized as a top 20 CMO influencer, Chad authored "51 Things Your Mother Taught You About Inbound Marketing." He is a regular contributor to industry media outlets, including the Huffington Post, Social Media Today and Guardian.

  • 1.3K
  • 05/22

Champion Sponsors

Relevance is proud to present our Champion Sponsors that help make our site possible.