As an American, any reason I should care about the GDPR?

7 replies
Want to know if there is any reason at all to comply with the GDPR as an American citizen? Right now I have zero intention to ever do so.
#american #care #gdpr #reason
Avatar of Unregistered
  • Profile picture of the author Will Edwards
    The short answer is 'yes' - just as non-American marketers need to pay attention to the requirements of the FTC. Such codes and practices exist to protect consumers and as professional marketers, we should want to fully comply.

    Sooner or later, US legislation is sure to follow the principles enshrined within GDPR, so if you comply now, not only will you be seen to be acting ethically, you will also be one step ahead of the game when the legislation eventually arrives.
    {{ DiscussionBoard.errors[11551701].message }}
  • Profile picture of the author adsorbable
    Its good to know the basics of the policies. Your website may not include europe right now, but if you have plans to scale up and expand into that region, then its good to follow best practices
    {{ DiscussionBoard.errors[11551811].message }}
  • Profile picture of the author dave_hermansen
    If your website only sells to America and you do not collect personal information from or send things (even free PDFs) to Europeans, no, you do not need to concern yourself with European regulations. Keep in mind, however, that this even means free sign-ups to newsletters or RSS feeds. Of course, you should already have opt-outs in place for those things as well as opt-outs for your email lists.

    Unlike Will Edwards, I would not advise you to waste time implementing things that may never happen in the U.S. - especially by a federal legislative body that for more than a decade does not seem to be able to pass even the most basic laws and regulations.

    Worry about it when you need to worry about it.
    Signature - FREE TRAINING - Learn How to Build Your Own eCommerce Website
    My PROVEN ecommerce process, as seen on: Fox Business News, the NY Times & Flippa
    {{ DiscussionBoard.errors[11552012].message }}
  • If you're an American citizen and you're NOT collecting data (email, IP, names, religion, age, gender etc.) of EU citizens then GDPR doesn't apply to you. The GDPR regulations are there to protect EU citizens as natural persons (meaning NOT business entities - GDPR doesn't cover your marketing to EU companies) and their data privacy.

    If you are collecting data of EU citizens though, then you are technically legally obliged to comply with the GDPR. The regulations were implemented in 2018, and they have started handing out fines already, but things are still not very clear even within the EU. Mostly large companies, or companies who have gotten media attention have been targetted. Many businesses in the EU comply deficiently with the GDPR as things stand of right now. It will still take a few years until things settle down and become more clear, and the agencies really get up to speed with the fines.

    Now whether you should comply or not is a decision for you to take. The fines are 2% of revenue, capped at 10 million USD. To get fined, you actually need to get caught. Data Protection agencies will not go looking for you and your websites unless you are a relatively large enterprise, you have media attention, or your customers/prospects officially report you (which involves sending paperwork to the agencies). If you ask me, for most people on here, it's very unlikely that such a thing will happen unless you're doing outright frauduluous stuff on a massive scale. But as I said, it's everyone's decision as to what to do.

    I recommend at minimum sticking to standards of decency and good ethics. If someone unsubscribes from your email list, don't resubscribe them without permission or keep sending them stuff. Don't sell your lists to third parties unless you have obtained consent first. Don't buy large email lists containing data of EU citizens that were built in a dubious way. Etc. This will decrease the likelihood of anyone having any problems with you.
    {{ DiscussionBoard.errors[11552046].message }}
  • Profile picture of the author dave_hermansen
    Of particular note is the fact that there is no actual provision of GDPR that states how they will be able to legally collect fines from businesses that are not in Europe (they have some language about how they will try to work with other countries for compliance enforcement but that's about it). It's similar to U.S. Commerce Clause issues that prevent states from imposing their laws and taxation on other states without a Congressional law.

    Sure, Europe can say "we fine you xxx amount of Euros" but how do they collect? There is no U.S. law that states that you have to comply with GDPR. A U.S. court may or may not decide to enforce the GDPR but that can be appealed and appealed and appealed until it reaches the Supreme Court who ultimately should decide that, barring a U.S. federal law, it is unconstitutional to force U.S. businesses to comply with laws of another country. (NOTE: this is far from a likely scenario for Europe to go through all of this for some piddling little U.S. website.)

    Of course, if you have an entity in Europe, you're stuck but otherwise, until the U.S. Congress creates a law, stating you have to comply with GDPR and that the U.S. government can force those fines on a U.S. business, it's just a hope by Europe that a U.S. business will comply.

    Here's an interesting discussion about it on Stack Exchange.
    Signature - FREE TRAINING - Learn How to Build Your Own eCommerce Website
    My PROVEN ecommerce process, as seen on: Fox Business News, the NY Times & Flippa
    {{ DiscussionBoard.errors[11552280].message }}
  • Profile picture of the author ChrisBa
    Originally Posted by Marakatapolis View Post

    Want to know if there is any reason at all to comply with the GDPR as an American citizen? Right now I have zero intention to ever do so.
    You should care if you are promoting to Europeans

    [Moderator's note: please refer to sig file rules]
    {{ DiscussionBoard.errors[11552727].message }}
  • Profile picture of the author 0ccul7
    If you are working with EU people or if you store their info, then you should be educating yourself about GDPR.
    {{ DiscussionBoard.errors[11552974].message }}
Avatar of Unregistered

Trending Topics