We’ll start with good news and address the second question first. Members of the eClincher community mostly manage the Internet and social media presence of certain brands, personalities and topics. If you fit that description, then emerging European GDPR regulations shouldn’t have much impact on what you’re doing now and you can continue working pretty much the same way.
As for the first question, “What is GDPR?” — it’s a topic you should understand, so please read on. If you wind up with further questions about compliance as it relates to you, you should certainly do more research and possibly consult with a lawyer.
What Is GDPR?
You may be noticing a lot of recent emails from social media and web services about updates to terms of service and privacy policies. This rising frequency is the race by these services to be compliant with GDPR before it goes into effect on May 25.
GDPR protections originate from Europe but essentially apply to Internet users worldwide
GDPR stands for General Data Protection Regulation and it applies to services consumed in any of the 28 European Union member countries. Plus there’s a parallel version called Data Protection Bill that applies in the UK as that country leaves the EU through its Brexit initiative. It doesn’t matter where a company’s based in terms of corporate headquarters or data architecture. If service is provided to users in the EU or UK, which comprise most of Europe, then the provider has to comply. So this applies to Twitter, Pinterest, LinkedIn, Google (including Youtube) and Facebook (including Instagram).
These companies have to implement “privacy by design”. That means their users need access to clear understanding of who’s doing what with personal data. They also need to expressly consent to this arrangement. This is the basis of the emails about new terms and policies you may be receiving. Additionally, providers of web services must take measures to:
- only process data within authorized purposes
- assure particular levels of information security
- ensure that data are accurate
- delete content under certain conditions
- minimize exposure of user identities
- notify authorities and subjects about breaches should they occur
There are all sorts of specific measures that must be taken in these directions. The goals are greater privacy, transparency, and security in how people’s personal data are managed. This may drive some changes in areas like integrations between web services and personalization of advertising.
How does GDPR apply to me?
For now, if you’re just posting to social media services and not running one, there may not be specific work for you to do. The overarching steps being taken by the major social media services address GDPR compliance requirements.
But, if you think what you’re doing with social media may have particular GDPR implications, we advise you to seek legal advice. For example, if you’re importing content from social media engagement to CRM (customer relationship management) systems, that may be a topic on which you should achieve clarity. And you may also want to look into GDPR implications of other activities like opt-in/out practices applied to promotional emails. If you’re feeling that GDPR implications for you are something to understand better, here’s a service that may be helpful to your considerations.
Overall, the onset of GDPR is consistent with trends of Internet users demanding more respect. Their confidence is the ultimate key to all of the enormous value achieved with the Internet. This is important for your consideration regardless of whether there are any specific steps you take for GDPR compliance. Be open about what you’re doing and why, and respectful of your communities.
Users of social media and Internet services expect privacy, security and transparency
Something else interesting about GDPR is that it illustrates how completely global the Internet is. These are European laws, applying strongly to US incorporated companies, and setting standards that become effective for users worldwide.
Will there be further regulations more specific to what people post on social media and how they engage? Perhaps. Regardless, it’s advisable to use the onset of GDPR as an opportunity for each of us to consider our social media conduct and whether we’re as open and respectful as possible. Then, take steps accordingly.
eClincher and GDPR
We have done a diligent assessment of GDPR and how it applies to eClincher software. We’ve been doing work related to changes by the services with which we interface, which has gone smoothly, and the experiences our customers and users have are substantially remaining the same. eClincher services are GDPR ready, and we’ve created a page on our web site elaborating.
We’ll finish this post with one last disclaimer and suggestion. We are not lawyers. eClincher is a software company. This post is based on our research and understanding, but should not be considered legal advice. Have questions about how these new laws apply to you? We recommend consulting with appropriate, credentialed experts.