GDPR Hall of Shame for 2018

Just in case you haven’t had enough news and information about GDPR, or the General Data Protection Regulation here is more news and information about GDPR. However, it’s time to lighten the mood a bit.

The flood of email that hit your Inbox with those four pesky little letters has really been sent to help safeguard your privacy. The GDPR regulations are supposed to make the websites you visit show you how they use your personal information and give you ways to control what can and cannot be stored or shared by that website.

Because all of your favorite websites now have to ask your permission to store their visitor’s data,  you have to accept their new privacy policies even though you already accepted their privacy policies, allow them access to things you granted years ago, and click Yes to continue receiving their newsletters and snarky emails about GDPR.

Many websites worked hard to meet the deadline and make a smooth transition from “We’re going to secretly use your data however we please and never tell you about it” to the new “Oh darn, the glory days are over – Click Here to have complete control over what we can and cannot share.” For most sites, this change involved making it easy for you to accept the new settings with a single master Click on a box that said Yes.

Although they had two years to make the necessary changes to their sites and policies, other websites appear to either believe the new rules aren’t going to affect them at all or left the job of updating their site until the very last minute. Instead of making it easy for their visitors to grant the permission as they wished, some sites just shut down all access to visitors from the European Union, which is where the whole GDPR thing was born. Others shut down altogether, an approach that seems a little extreme to me.

Now infamous for it’s interesting approach to the “ease of use” idea, Tumblr has become the poster child for How Not to Make GDPR Easy. Instead of creating a single Opt-Out button for the users who wish to deny Tumblr the use of to their personal data, Tumblr forced anyone who wished to continue to use their website to click through 322 opt-in buttons. That’s three hundred and twenty-two.

Those 322 Opt-In buttons landed Tumblr in First Place in the newly-formed GDPR Hall of Shame. And rightly so. I can’t help but wonder how many users felt it was easier to just abandon or close down their Tumblr website then to click 322 times.

My personal favorite of all of the fall-out, or, I mean, effects of the new GDPR rules has got to be the appliances that began questioning their owners. Televisions, refrigerators, and other objects began forcing their users to accept new Privacy Policies or clicking through the Opt-In or Out process before they could use them again. That’s the best.

Last but definitely not least, the website Zoom wins an award for either Standing Up to the Man, or just plain getting the whole concept of GDPR completely wrong. I’ll let you decide. Instead of giving their customers the options to Opt-Out, accept new Privacy Policies, or Opt-In to only the content they wished to receive, Zoom emailed out an invitation to Opt-In, or, Opt-In, but a little less In. Since the fines for getting it wrong can be substantial I suspect Zoom will find a new approach before long.

The Hall of Shame list is long and worth a good laugh if you read the whole thing. However, the idea of GDPR is really a solid step forward toward protecting the personal data collected by websites and controlling how that data is used.

If you would like more information on GDPR or wish to discuss your own website needs, please contact us here at GreenCup Digital and let us keep you out of the GDPR Hall of Shame.