Is some privacy too much to ask?

We explore some of the issues related to GDPR, DSGVO, PIPEDA, CCPA, or COPPA, including how to deal with all this privacy goop!

In some cases, yes, it is

The wolverine is a fierce, solitary animal. These creatures have been known to kill animals more than four times their own size just for a little damned privacy. I can respect that. I have been making a study of Web privacy for several months now to help my clients comply with new, scary-sounding privacy legislation. This article is not going into the dark alphabet forest of issues related to GDPR, DSGVO, PIPEDA, CCPA, or COPPA. I’m going to share some of the practical things that I am doing and offering to prevent my clients from running afoul of these regulations (as I understand them).

Big disclaimer …

Like with anything, there are good, better and best levels of compliance on these regulations and unless you are doing loads of business with customers in the EU, UK, Canada, and California, AND you are not in the business of capturing and selling website visitor data, you can probably get by with a minimum of fuss. But I’m not an attorney, and if you are concerned about your company’s privacy law compliance you should get the help you need, and not trust what your web developer says.

I had no idea we were serving cookies!

Cookies. What a friendly sounding name for the little packets of info that can be compiled by big data monsters to develop a profile of what we do while online and using our phones. Some programmer named Lou figured that these little nuggets of info could be useful to store what’s in somebody’s shopping cart or if someone is logged-in or not. Later, the EU got worried about the practices related to third-party tracking cookies and the potential for privacy abuses. And this in large part, triggered the spate of privacy legislation we enjoy today. And yes, your site is using cookies.

How do I check on my site?

So, maybe you were wondering … how can I get a trusted, third-party assessment of the privacy and security robustness (robustosity?) of my site without getting trapped by some spammy sales pitch generator? Easy, look to Europe! Sweden even.

These privacy minded folk have a tool where you can plug in your website address and get a free instant analysis of all of your site’s privacy related faults – along with suggestions on how to fix them all.

It might scare you a little, so get your tinfoil ready! to the rescue

Recently, I installed and configured the WordPress “Complianz Privacy Suite” plugin for a client. This software automates the scanning of the site to identify and report on all the cookies that are in play, and the paid version generates all the compliance policy web pages clients need. It serves up the right cookie policy notice (those “we use cookies” popups you see around the web) based on where your web site visitor is coming from. It takes a few hours to configure based on a privacy policy questionnaire (faster if you know all the answers).

Let’s just agree that in the majority of situations, there is no need to capture personally identifiable information (PII) from the people visiting our websites (unless they fill out a contact form or buy something and there is a clear business purpose at hand). The Google Analytics we routinely install for clients is always configured to not collect PII and to anonymize IP addresses. Not everyone has a basic privacy policy page on their site and this can be easily remedied – I have an example of such a page on my site and if you want one, please let me know.


Share your name and email address with me, and I’ll notify you when I add a news item to my website.  The audience for these articles is Detroit Web Forge website and marketing services clients. I will share news about what’s going on with web hosting and demonstrate good email marketing practices using free tools like MailChimp. Your email will not be shared, sold or abused in any way. Thanks!