One month from today, the European Union’s General Data Protection Regulation (GDPR) will start being enforced. This has been a large topic of conversation around my industry over the last 12-18 months and recently I’ve seen awareness popping up in the technology circles I follow. For those that aren’t familiar with what GDPR is, Helen Brown, of the Helen Brown Group offers a good synopsis:
As I’ve mentioned before, this is a European-based piece of legislation, but every company and nonprofit in the world will have to comply with it if they have EU-based constituents in their database. The GDPR regulates (amongst many other things) WHAT data you’re allowed to hold, HOW LONG you may hold it, and the WAYS you must communicate to your constituency their rights regarding that data. There are certain pieces of information you CANNOT hold in your database (without explicit consent), and many of them are demographic data we here in the US take for granted as being relatively harmless.
Early in this blog’s development, I implemented Google Analytics for the site. It was already rolled into the Jekyll theme I’d chosen and it seemed to be an easy way for me to track traffic to the site. In the year or so since I started the site, I think I can count the number of times I’ve looked at the site’s stats on one hand. I never set out to build this site for anyone but myself and don’t really care how many unique page views I get, so I made the decision today to remove Google Analytics from the site entirely.
Would I have been in violation of GDPR had I not removed it? I’m not sure, but I decided it didn’t hurt. I wasn’t using the data, and I don’t really care about stats or page views. Removing Google Analytics just means that, when you visit the site, you can feel comfortable knowing that I’m not tracking you in any way.
For more information on GDPR, here are some links that may be of interest: