But it isn’t simply all about the overall design or user experience—although this definitely plays a huge part in web development—but also the way that these various websites store user data. There are talks back and forth all the time about the ethics of being able to use data in such a way. And naturally, these sorts of conversations bring about certain laws and regulations to light. The General Data Protection Regulation (GDPR) is one of the more recent regulations to come about. But how important is this new law? How could it possibly affect web development practices?
GDPR: A Breakdown
The stipulations of GDPR are fairly simple. First enforced in 2018, the regulation revolves around data protection and privacy, specifically in the European Union (EU). The regulation doesn’t only cover citizens and residents in the EU but also those who are simply visiting. Moreover, it specifically covers personal data. This means any info that can be related to an individual person, which extends as well to sensitive data—details about health, political or religious beliefs, and other similar confidential information.
So which websites exactly are meant to keep track of GDPR compliance? Any site that has the intention of targeting those in the EU as its audience would therefore need to track the data of the people in the area. Not being able to comply with the conditions of the GDPR can result in some casualties for the company, including a possible €20 million fine.
The 8 Rights of GDPR
As broad as the term “data protection” can be, the GDPR revolves around eight specific rights that help give a sense of direction for web developers. When in doubt, web developers can simply think back to these rights.
1. Right to be informed
2. Right of access
Users have the right to be able to acquire their data when they ask for it. It is, after all, their own personal information. It must also be given in the necessary format.
3. Right to rectification
If, for example, a user has provided insufficient or incorrect data, he or she has the right to be able to correct it.
4. Right to be forgotten
At any given point in time, users can ask for their personal information or data to be erased if there’s no reason for it to be stored.
5. Right to restrict processing
There’s a difference between simply storing data and actually processing it. Users have the right to request for a site to not process their personal information.
6. Right to portability
Again, since the data is the users’ own, they have the right to use it again and request for it in the proper format.
7. Right to object
Sometimes, user data is used for marketing or research purposes. People are allowed to object to this if they deem it invasive of their privacy.
8. Right to automatic decision making
Certain services involve automatic decision-making, which has specified rules that involve the user giving permission.
The Web Landscape, According to the GDPR
With all of these guidelines and rules, what does this mean for web development? Well, for one, it would involve a lot more transparency. There’s this system of record-keeping that’s required of the different websites to prove that they were, in fact, following the guidelines of the GDPR. And with a hefty fine for violations, it’s fairly safe to say that a lot of these sites are bound to comply. Users are also likely to feel safer and more trusting when it comes to typing down personal data.
Of course, the establishment of such a rule—no matter how air-tight it may be—can’t erase all misdoings completely. There may be ill-intentioned companies who will somehow find a way around the compliance procedures and documents. It’s possible that there may be a few cracks in the safe. After all, we’re all still taking small steps to the protection of data privacy, and so we won’t exactly know what other issues could arise in the future.
However, there’s no denying that the GDPR is definitely a big help in this sense. It has clear and actionable guidelines as well as serious consequences. It’s a step in the right direction, especially in an age where privacy seems to almost be a privilege. Regulations such as the GDPR certainly serve as a hope for the future of the web development landscape and could influence a lot of lawmakers outside the EU to follow similar regulations.