Avoiding the 7 Deadly Sins of GDPR Non-Compliance - Pubcon 2018

This presentation was given at Pubcon Pro, in Las Vegas NV on October 17, 2018. In the presentation I explain the steps I took to protect myself and become compliant with a WordPress website.

  1. 1. #pubcon Avoiding the 7 Deadly Sins of Non-Compliance Presented by: Scott Hendison GDPR
  2. 2. #pubcon
  3. 3. #pubcon What Will We Cover? What is GDPR?
  4. 4. #pubcon What Will We Cover? What is GDPR? Who must comply?
  5. 5. #pubcon What Will We Cover? What is GDPR? Who must comply? Who is covered?
  6. 6. #pubcon What Will We Cover? What is GDPR? Who must comply? Who is covered? What does it take to comply?
  7. 7. #pubcon What Will We Cover? What is GDPR? Who must comply? Who is covered? What does it take to comply? How did I comply?
  8. 8. #pubcon What is GDPR?
  9. 9. #pubcon What is GDPR? G D P R
  10. 10. #pubcon What is GDPR? Get to D P R
  11. 11. #pubcon What is GDPR? Get to Deny P R
  12. 12. #pubcon What is GDPR? Get to Deny Personal R
  13. 13. #pubcon What is GDPR? Get to Deny Personal Responsibility
  14. 14. #pubcon What is GDPR? G D P R
  15. 15. #pubcon What is GDPR? Gang of D P R
  16. 16. #pubcon What is GDPR? Gang of Data P R
  17. 17. #pubcon What is GDPR? Gang of Data Protection R
  18. 18. #pubcon What is GDPR? Gang of Data Protection Racketeers
  19. 19. #pubcon What is GDPR? What global entity grants them that inalienable right?
  20. 20. #pubcon What is GDPR? What global entity grants them that inalienable right? It’s your content, on your domain, that you pay for.
  21. 21. #pubcon What is GDPR? What global entity grants them that inalienable right? It’s your content, on your domain, that you pay for. Can any country just pass any law they want, and actually expect to collect from violators?
  22. 22. #pubcon What is GDPR? GDPR is a set of regulations designed to enrich the EU, protecting you from yourself as you hop from site to site with a sense of narcissistic entitlement, expecting to get free access to anything you want.
  23. 23. #pubcon What is GDPR? GDPR is a set of regulations designed to enrich the EU, protecting you from yourself as you hop from site to site with a sense of narcissistic entitlement, expecting to get free access to anything you want. </rant>
  24. 24. #pubcon What is GDPR? General Data Protection Regulation
  25. 25. #pubcon What is GDPR? As of May 25th 2018, all websites, anywhere in the world, are being forced to comply with certain privacy rules and regulations, which come with financial penalties for non-compliance.
  26. 26. #pubcon Who Must Comply With GDPR? Do you collect any info?
  27. 27. #pubcon Who Must Comply With GDPR? Do you collect any info? Do you sell any products?
  28. 28. #pubcon Who Must Comply With GDPR? Do you collect any info? Do you sell any products? Do you have newsletter subscribers?
  29. 29. #pubcon Who Must Comply With GDPR? Do you collect any info? Do you sell any products? Do you have newsletter subscribers? Do you allow blog comments?
  30. 30. #pubcon Who Must Comply With GDPR? Do you collect any info? Do you sell any products? Do you have newsletter subscribers? Do you allow blog comments? Do you use Google Analytics?
  31. 31. #pubcon Who Must Comply With GDPR? Do you collect any info? Do you sell any products? Do you have newsletter subscribers? Do you allow blog comments? Do you use Google Analytics? Do advertising cookies or pixels exist on your site?
  32. 32. #pubcon Who Must Comply With GDPR? Do you collect any info? Do you sell any products? Do you have newsletter subscribers? Do you allow blog comments? Do you use Google Analytics? Do advertising cookies or pixels exist on your site? Do you offer quotes, or let users submit contact forms?
  33. 33. #pubcon Who Must Comply With GDPR? Then YOU are responsible
  34. 34. #pubcon Who Must Comply With GDPR? Then YOU are responsible Every post, every comment, every form, and every web visitor that comes to your site now has rights to your free stuff.
  35. 35. #pubcon Who Must Comply With GDPR? Then YOU are responsible Every post, every comment, every form, and every web visitor that comes to your site now has rights to your free stuff. Your failure to not only notify users of those rights, but to facilitate the exercise of those rights, can cost you money.
  36. 36. #pubcon Why Must You Comply with GDPR? Lower Level Fines Up to €10 million, or 2% of the worldwide annual revenue of the prior financial year, whichever is higher
  37. 37. #pubcon Why Must You Comply with GDPR? Lower Level Fines Up to €10 million, or 2% of the worldwide annual revenue of the prior financial year, whichever is higher Upper Level Fines Up to €20 million, or 4% of the worldwide annual revenue of the prior financial year, whichever is higher
  38. 38. #pubcon Why Must You Comply with GDPR? Want some worse news?
  39. 39. #pubcon
  40. 40. #pubcon
  41. 41. #pubcon
  42. 42. #pubcon
  43. 43. #pubcon Who is Covered by GDPR?
  44. 44. #pubcon Who is Covered by GDPR? Anyone that is located in the EU while browsing.
  45. 45. #pubcon Who is Covered by GDPR? Anyone that is located in the EU while browsing. It’s where you are, not who you are, or where you live.
  46. 46. #pubcon Who is Covered by GDPR? Anyone that is located in the EU while browsing. It’s where you are, not who you are, or where you live. Some experts, and even attorneys, disagree on the interpretation of the law.
  47. 47. #pubcon How do you comply with GDPR? Block all traffic from the EU
  48. 48. #pubcon How do you comply with GDPR? Block all traffic from the EU
  49. 49. #pubcon How do you comply with GDPR? Block all traffic from the EU
  50. 50. #pubcon How do you comply with GDPR?
  51. 51. #pubcon How do you comply with GDPR? Block all traffic from the EU
  52. 52. #pubcon How do you comply with GDPR? Block all traffic from the EU
  53. 53. #pubcon How do you comply with GDPR? Block all traffic from the EU You can block them at server level - There are a LOT of options - .htaccess, Apache modules, routing tables, Cloudflare has a PAID option, and there are even WordPress plugins.
  54. 54. #pubcon How do you comply with GDPR? What if you can’t just block EU traffic?
  55. 55. #pubcon How do you comply with GDPR? What if you can’t just block EU traffic? Avoid the 7 deadly sins of GDPR non-compliance
  56. 56. #pubcon How do you comply with GDPR? Must show users a cookie notice upon entry
  57. 57. #pubcon How do you comply with GDPR? Must show users a cookie notice upon entry Must clearly define how data might be used in T & C
  58. 58. #pubcon How do you comply with GDPR? Must show users a cookie notice upon entry Must clearly define how data might be used in T & C Must also spell it out clearly in the site’s privacy policy
  59. 59. #pubcon How do you comply with GDPR? Must show users a cookie notice upon entry Must clearly define how data might be used in T & C Must also spell it out clearly in the site’s privacy policy Must provide a way for users to request what data is held
  60. 60. #pubcon How do you comply with GDPR? Must show users a cookie notice upon entry Must clearly define how data might be used in T & C Must also spell it out clearly in the site’s privacy policy Must provide a way for users to request what data is held Must provide a way for users to remove their data
  61. 61. #pubcon How do you comply with GDPR? Must show users a cookie notice upon entry Must clearly define how data might be used in T & C Must also spell it out clearly in the site’s privacy policy Must provide a way for users to request what data is held Must provide a way for users to remove their data Must provide a way for users to rectify their data
  62. 62. #pubcon How do you comply with GDPR? Must show users a cookie notice upon entry Must clearly define how data might be used in T & C Must also spell it out clearly in the site’s privacy policy Must provide a way for users to request what data is held Must provide a way for users to remove their data Must provide a way for users to rectify their data Must notify users if there is any breach of that data
  63. 63. #pubcon How do you comply with GDPR? That’s all you need to do
  64. 64. #pubcon How did I comply with GDPR?
  65. 65. #pubcon How did I comply with GDPR? Multiple options and plugins are available
  66. 66. #pubcon How did I comply with GDPR? There was no free complete WP solution at the time, so we chose a premium plugin by a company named Teknikforce
  67. 67. #pubcon How did I comply with GDPR? There was no free complete WP solution at the time, so we chose a premium plugin by a company named Teknikforce Corny video and a low budget sales platform, but the plugin is solid and the support is amazing. Live chat too.
  68. 68. #pubcon How did I comply with GDPR? There was no free complete WP solution at the time, so we chose a premium plugin by a company named Teknikforce Corny video and a low budget sales platform, but the plugin is solid and the support is amazing. Live chat too. WP GDPR Fix - http://bit.ly/wpgdprfix
  69. 69. #pubcon How did I comply with GDPR? Must show users a cookie notice upon entry
  70. 70. #pubcon
  71. 71. #pubcon
  72. 72. #pubcon
  73. 73. #pubcon
  74. 74. #pubcon
  75. 75. #pubcon How did I comply with GDPR? Must show users a cookie notice upon entry Must clearly define how data might be used in T & C
  76. 76. #pubcon How do you comply with GDPR? Multiple options and plugins are already available, and here’s what I used for my own site and for a travel site…
  77. 77. #pubcon
  78. 78. #pubcon
  79. 79. #pubcon How did I comply with GDPR? Must show users a cookie notice upon entry Must clearly define how data might be used in T & C Must also spell it out clearly in the site’s privacy policy
  80. 80. #pubcon How do you comply with GDPR? Must show users a cookie notice upon entry Must clearly define how data might be used in T & C Must also spell it out clearly in the site’s privacy policy
  81. 81. #pubcon
  82. 82. #pubcon
  83. 83. #pubcon How did I comply with GDPR? Must show users a cookie notice upon entry Must clearly define how data might be used in T & C Must also spell it out clearly in the site’s privacy policy Must provide a way for users to request what data is held
  84. 84. #pubcon How do you comply with GDPR? Multiple options and plugins are already available, and here’s what I used for my own site and for a travel site… http://www.searchcommander.com/gdpr
  85. 85. #pubcon
  86. 86. #pubcon
  87. 87. #pubcon How did I comply with GDPR? Must show users a cookie notice upon entry Must clearly define how data might be used in T & C Must also spell it out clearly in the site’s privacy policy Must provide a way for users to request what data is held Must provide a way for users to remove their data
  88. 88. #pubcon How do you comply with GDPR? Multiple options and plugins are already available, and here’s what I used for my own site and for a travel site…
  89. 89. #pubcon
  90. 90. #pubcon
  91. 91. #pubcon How did I comply with GDPR? Must show users a cookie notice upon entry Must clearly define how data might be used in T & C Must also spell it out clearly in the site’s privacy policy Must provide a way for users to request what data is held Must provide a way for users to remove their data Must provide a way for users to rectify their data
  92. 92. #pubcon How do you comply with GDPR? Multiple options and plugins are already available, and here’s what I used for my own site and for a travel site…
  93. 93. #pubcon
  94. 94. #pubcon
  95. 95. #pubcon How did I comply with GDPR? Must show users a cookie notice upon entry Must clearly define how data might be used in T & C Must also spell it out clearly in the site’s privacy policy Must provide a way for users to request what data is held Must provide a way for users to remove their data Must provide a way for users to rectify their data Must notify users if there is any breach of that data
  96. 96. #pubcon
  97. 97. #pubcon How did I comply with GDPR? They include two more options also…
  98. 98. #pubcon
  99. 99. #pubcon How do you comply with GDPR? Multiple options and plugins are already available, and here’s what I used for my own site and for a travel site…
  100. 100. #pubcon
  101. 101. #pubcon How do you comply with GDPR?
  102. 102. #pubcon Takeaways Time to get on board…
  103. 103. #pubcon Takeaways Time to get on board…
  104. 104. #pubcon What’s Next After GDPR? I predict that pretty soon they’ll be trying to enforce what content you can put on your own website…
  105. 105. #pubcon What is GDPR? Do you collect any info?
  106. 106. #pubcon What is GDPR? Do you collect any info?
  107. 107. #pubcon What’s Next After GDPR? 30% of content in VOD platforms must be European
  108. 108. #pubcon What’s Next After GDPR? 30% of content in VOD platforms must be European During certain hours, there’s a limit of 20% advertising.
  109. 109. #pubcon What’s Next After GDPR? 30% of content in VOD platforms must be European During certain hours, there’s a limit of 20% advertising. VOD platforms are also expected to contribute to the development of EU productions either by investing directly, or by contributing to “National Funds”.
  110. 110. #pubcon What’s Next After GDPR? Alabama Arizona Colorado Iowa Louisiana Nebraska Oregon South Carolina South Dakota Vermont Virginia
  111. 111. #pubcon What’s Next After GDPR? California passed the most sweeping law
  112. 112. #pubcon California’s Covered Entities Businesses with more than 25 million in annual revenue
  113. 113. #pubcon California’s Covered Entities Businesses with more than 25 million in annual revenue Alone or in combination buys, receives, sells or shares for commercial purposes the personal information of 50,000 or more consumers, households or devices on an annual basis
  114. 114. #pubcon California’s Covered Entities Businesses with more than 25 million in annual revenue Alone or in combination buys, receives, sells or shares for commercial purposes the personal information of 50,000 or more consumers, households or devices on an annual basis Derives 50 percent or more of its annual revenues from selling consumers' personal information
  115. 115. #pubcon Slides can be downloaded here… http://bit.ly/scottgdpr18 Scott Hendison scott@searchcommander.com https://www.searchcommander.com Thank You