As we enter 2018, there are two things that are guaranteed:

  • We are going to continue to see an increase in cyber attacks
  • We are going to see an increase in regulation

As the attacks continue, and as the amount of damage to citizens around the world continues to skyrocket, governments are stepping in and putting more regulations in place. And the latest of those from the European Union is the General Data Protection Regulation (GDPR).

One thing we do know for sure is GDPR is going to be enforced – this regulation looks like it is going to have teeth. Unlike other regulations where the fines have been so low as to be negligible, it appears that GDPR will be strongly enforced with significant penalties.

Another thing we know for sure is that GDPR applies to any organization that collects and stores data about individuals on its website. And if even one person from Europe enters their personal information on your public website and hits submit, then you’re covered by GDPR and subject to all its provisions.

But what don’t we know?

Can the EU Really Enforce This?

We used to live in a world where physical boundaries were relevant. If I was physically in the US I abided by the US laws. If I wasn’t in the US, I didn’t have to abide by its laws. Now with the Internet and cybercrime, you could be anywhere in the world and still have to abide by another country’s laws. So the real question is: can the EU actually enforce this against US companies that do not have a presence in the EU?

In theory the answer is yes. If you are a US company and you have information on European citizens that you are not protecting in compliance with GDPR, then EU authorities can still come after you and could still fine you. But would it be in a US court? A European court? How would that work? But here’s my suggestion – don’t be the first one to find out!

Can You Make it so People Waive Their Rights by Entering Their Data?

The answer is no. If people enter their personal data on your website, and they are EU citizens, then they must be protected. This means that you can’t have a message on your site to the effect of “If you enter your information, you are waiving your rights to GDPR.” Or similarly, “We don’t comply with GDPR, so it’s your choice to enter your data.” What’s still up in the air is whether you can just tell people not to enter their data at all because you don’t plan to comply.

If Your Website Outlines What Data Is Saved and What It Will Be Used For, Does That Establish an Agreement Between You and the Submitter?

This is a case where clear documentation and communication will make the difference. Your website should clearly state what data you’re going to collect and save and where it’s going to be saved. If you get dinged, this could help limit your liability. (Note, I am not a lawyer and this should not be construed as legal advice.) What’s clear is that the enforcement bodies are going to look at whether you have a documented approach to handling data, whether you followed your stated procedures, and whether you made a good-faith effort to protect the data. Intent and practice are important here.

You’ll be hearing a lot more about GDPR as the deadline approaches. If you want to learn more, give us a call for more information.
