Not Implementing GDPR – Are You Feeling Lucky?

It is not hard to be in compliance with the EU's GDPR.

So far, only one of my US-based webmaster clients has taken notice of the changes needed to their website to be EU compliant with the new GDPR rules on EU citizen privacy.

This is what I hear from clients:

  1. I do not sell in the EU so this does not apply to me.
  2. I don’t care if I have EU visitors. No one will prosecute me.
  3. I guess I am feeling lucky and so am not doing anything.

Let me demystify something please.

  1. It is not complicated to make these changes.
  2. There are free cookie handling scripts for this.
  3. Your privacy policy needs just a few minor changes.

For most clients we work with, the implementation would take under one hour. The cookie acceptance script is free unless you are on https, in which case expect to pay about $100 for the script.

The site update is not obtrusive, yet gives you protection. Although our own website does not get a lot of traffic from the European Union, multiply the 30-day traffic by 12 months. That number is high enough to think twice about saying "no one will find me out."

One of our clients said he did not want us to implement the updates and that he was feeling lucky. But he later sent an email and said to go ahead and make the changes. He was feeling lucky but also wanted to be safe.

From my point of view, making this relatively simple update for most sites is a no-brainer, and I am baffled as to why more US business sites are not updating to this important change.

Being transparent with website visitors is important, not hard to do, and is the right thing to do. That is what the EU’s GDPR is all about.