Select Page
What Content Creators Must Know about COPPA.

What Content Creators Must Know about COPPA.

If you are feeling stressed and confused about YouTube, COPPA, Content Creation and the FTC you are not alone. The recent and historic fine levied on YouTube and parent company Google by the FTC is a clear indicator to content creators on all platforms that winter change is coming. I have gotten quite a few questions about this because I am a lawyer and a content creator..so let’s talk about it a bit more.

What can content creators do?

First, the fact that you are paying attention is a huge plus. You are taking action to make sure that your content isn’t going to create problems for you. If you are on a non-monetized platform, pay attention to the rules regarding collecting or encouraging the collection of information. If you are on YouTube then you are aware that you need to start indicating if your content is made for children and understand what content could be considered to have an ‘intended audience’ of children under 13. 

Is your content ‘child-oriented’?

The FTC published a Six-Step Compliance Guide in 2013. Despite this YouTube asked the FTC for further clarification last week. This is likely because YouTube is getting screamed at by content creators who have no idea how to comply and YouTube is doing its best to pass all the responsibility for compliance along to creators. This despite the fact that the FTC listed how YouTube must comply, and the fact that COPPA was enacted into law before YouTube even existed and they have blatantly ignored it for over 13 years…but I digress…

‘Child Oriented’ or whether the ‘Intended Audience’ is under 13 is determined by the FTC by evaluating the following factors. 

  1. The subject matter
  2. Visual content
  3. Use of animated characters or child-oriented activities & incentives
  4. The kind of music or other audio content
  5. Age of models
  6. Presence of child celebrities or celebrities who appeal to children
  7. Language or other characteristics of the site
  8. Whether advertising that promotes or appears on the site is directed to children &
  9. Competent and reliable empirical evidence about the age of the audience 

If you are thinking that this could be literally anything and this isn’t helpful at all, you aren’t alone. With regard to the content, you create remember that COPPA doesn’t forbid content created for children under the age of 13. It prohibits certain tracking behaviors. So if you make content that falls under one of these prongs as a YouTube creator first you need to make sure to indicate it on the YouTube platform itself.

Next, you need to be aware of what you shouldn’t be doing.

What does COPPA prohibit?

“ You cannot collect information online regarding children (any under 13) through means like passive tracking, requesting, prompting, or encouraging them to submit personal information or enabling a child to make personal information available in an identifiable form” FTC.gov. This is where YouTube got into the shit. YouTube was tracking viewers of ‘children-oriented’ content and serve ads based on tracking behavior. 

If children under the age of 13 are being tracked by cookies like Google Adsense or Facebook pixel then the operator of the website MUST have VERIFIABLE PARENTAL CONSENT. Yuuuppp. This is what YouTube was lacking. However, I think the FTC is really clear that the WEBSITE OPERATOR is the one responsible, that would be YouTube. 

This prohibition on collecting information extends to usernames and screen names. Yes, that means asking viewers to comment is problematic. The first step is understanding your content and making sure it’s clear who it’s intended for. The second step is understanding what you can and can’t do.

What can creators do to protect themselves?

While I think YouTube will continue to try to pass the responsibility to creators it is ultimately YouTube who has the power to stop tracking. What this likely means for creators whose content can be considered child-oriented is that their ad revenue will go down, they will see monetization turned off on some content, they will see comments potentially disabled on some content. We know that engagement drives how videos show up in search and how they are suggested by YouTube so videos will likely be suggested less. Creators need to be ready to ride this out while YouTube figures out how and if they will continue to serve ads on child-oriented content. 

One of the most important things in all of this is that Creators make sure they don’t encourage information to be shared, that means not asking for comments or for engagement that requires a screen name or username to be shared. That they do not host giveaways where there is no age verification to ensure minors under 13 don’t enter. The onus is on YouTube but creators will get thrown under the bus in a second. So be smart, stay informed (you can always follow me on social cause I am not going to stop talking about this anytime soon @theemilydbaker… shameless plug over) and talk to other creators in your space. 

I also have two podcast episodes on this topic, or you can find Get Legit Law & Sh!t in your favorite podcast player.

If you have any questions hit the contact form below, I am here to help.

If you have a community that needs this information I am here to help. Shoot me an email to hello@emilydbaker.com. I am happy to talk to your community, podcast, or channel about how to Get Legit™.

Emily D. Baker, Esq.

Emily D. Baker, Esq.

Badass Lawyer for Online Business

Emily has been running business for 15 years and has ove 13 years of legal experience. She spent 10 years at the Los Angeles County District attorney's office where she truly learned to be a solopreneur. Emily has built her consulting and speaking business from the ground up, in her garage jamming out to 90's music. She specializes in no BS practical advice for the starting and scaling online entreprenur. Emily will tell you what the business gurus can't in a way that is both hillarious and empowering.

Questions for Emily? Just Ask...

8 + 6 =

YouTube & Google Fined 170 Million for violating Children’s Privacy Laws

YouTube & Google Fined 170 Million for violating Children’s Privacy Laws

In a historic move, the FTC has fined YouTube and it’s parent company Google 170 Million for violations of the Children’s Privacy Law. Let’s break it down, who is the FTC, what is the Children’s Online Privacy Protection Act (COPPA), WTF did YouTube do to get this much hate and what comes next. 

Now it’s time for a Break Down

1. The FTC

The Federal Trade Commission (FTC) is a federal government agency in the United States who is tasked primarily with consumer protection through stopping ‘unfair, deceptive or fraudulent practices in the marketplace’ -FTC.gov. In the last 10 or more years, the FTC has been really busy regulating online practices, this includes protecting consumer and children’s privacy, regulating advertising practices and regulating how private information may be tracked online. The FTC does this by passing regulations and acts like the Children’s Online Privacy Protection Act (COPPA). 

2. COPPA (not the Cabana)

Which brings us too …what the hell is COPPA. COPPA was enacted in 1998 and is one of the many laws governing how we interact online and it states in part that websites “cannot collect information online regarding children (any under 13) through means like passive tracking, requesting, prompting, or encouraging them to submit personal information or enabling a child to make personal information available in an identifiable form”. www.ftc.gov . There are a substantial number of guidelines in the law which I cover in detail on the Get Legit Law & Sh!t podcast. But know, that the FTC breaks that shit down …all the way.

3. How Did We Get Here?

So why is the FTC salty with Google and YouTube? First, it’s not just the FTC, the state of New York also sued Google & YouTube in this case …but for the sake of being brief, I will continue to just refer to the FTC. The FTC states in their complaint that YouTube violated COPPA by using cookies to track viewers of YouTube channels with child-directed consent. The FTC states that YouTube earned millions of dollars by using these cookies to deliver targeted advertisements to viewers of these channels.

The thing that really pissed off the FTC is the fact that YouTube touted itself as “#1 website regularly visited by kids” and as being “today’s leader in reaching children age 6-11” and by stating to advertisers Mattel and Hasbro essentially that YouTube was the best place to reach kids and was competitive with any TV channel out there. Look, just from my kids’ behavior, I believe all of it. My kids love YouTube, their friends love YouTube and if I don’t buy some merch from Ryan of Ryan’s Toy Review this Christmas my 7-year-old may try to find a new family.

FTC Chairman Joe Simons stated in the agencies press release that “YouTube touted its popularity with children to prospective corporate clients yet when it came to complying with COPPA the company refused to acknowledge that portions of its platform were clearly directed to kids. There’s no excuse for YouTube’s violations of the law”.  

The FTC even included the following images in its press release just to drive home the point that YouTube held itself out as an attractive offering for advertisers based on their access to children. But this isn’t a first for Google. As the image from the FTC shows Google has been fined 258.2 million in fines since 2012 for privacy violations. 

But Wait…There’s More.

In addition to the fines, the fine requires Google and YouTube to develop, implement and maintain a system that permits channel owners to identify their child-directed content on YouTube so that YouTube can ensure that it’s complying with COPPA= and companies must notify channel owners that their child-directed content may be subject to COPPA and provide annual training about complying with COPPA for employees who deal with YouTube channel owers. YouTube also must show that they are obtaining verifiable parental consent before collecting personal information from children.

As of December 12, 2019, YouTube has reached out to the FTC for further guidance to help creators comply with COPPA. Notice how YouTube is shifting the burden of compliance away from the platform and onto creators?? Last time I checked it was YouTube and Google who are in charge of serving ads on creator channels. YouTube is in sole control of what ads are shown and even if ads are shown on a particular channel. Yes, YouTube has made it possible for content creators to state if their content is directed at children, but YouTube has provided little other guidance, so this is an evolving issue and there will be more on this to come! 

Tune in for Get Legit Law & Sh!t next week for my suggestions to creators and all website owners on COPPA compliance and a few other interesting ways the FTC has been cracking down. 

If you have a community that needs this information I am here to help. Shoot me an email to hello@emilydbaker.com. I am happy to talk to your community, podcast, or channel about how to Get Legit™.

Emily D. Baker, Esq.

Emily D. Baker, Esq.

Badass Lawyer for Online Business

Emily has been running business for 15 years and has ove 13 years of legal experience. She spent 10 years at the Los Angeles County District attorney's office where she truly learned to be a solopreneur. Emily has built her consulting and speaking business from the ground up, in her garage jamming out to 90's music. She specializes in no BS practical advice for the starting and scaling online entreprenur. Emily will tell you what the business gurus can't in a way that is both hillarious and empowering.

Questions for Emily? Just Ask...

9 + 4 =

AB5 & How It Screws YouTube Creators

AB5 & How It Screws YouTube Creators

I have said it before, California is special. But this new law may just screw a whole bunch of YouTube creators. Even if you aren’t in California you need to pay attention because this now exists in California, New Jersey, Massachusetts and Connecticut. It’s the growing trend and it will continue to grow in states across the US. As goes California goes the nation.

Last week California codified an existing California Supreme Court decision Dynamex Operations west, Inc. v. Superior Court of Los Angeles. This ruling changed the way that Independent contractors (sometimes called 1099) are classified. This new law will have far reaching impact on the intended industries as well as some unintended consequences that suck.

What’s the point of the ‘Uber Law’

Yes, AB5 is being referred to as the ‘Uber’ law because under the new test Uber is one of the biggest companies that will face sweeping changes classifying all drivers from independent contractors to employees. The thought of Ca. legislatures is that they are protecting individuals who work exclusively for one company from being exploited and not having benefits such as health care, unemployment etc. I am sure it has nothing to do with increased revenue from taxes paid to the sate when someone is an employee. What it means for companies like Uber is a 20%-30% overhead increase and likely an increase in rates in Ca., as well as a decrease in Uber drivers in Ca. But drivers aren’t the only industry impacted.

So what’s the ‘Test’.

California is now embracing what’s referred to as the “ABC” test to determine if someone is actually an Independent Contractor or if they are an Employee. The law, and court decision state that a person can only be classified as an independent contractor if all of the following are true.

  1. The person is free from the control and direction of the hiring entity in connection with the performance of the work, both under the contract for the performance of the work and in fact
  2. The person performs work that is outside the usual course of the hiring entity’s business.
  3. The person is customarily engaged in an independently established trade, occupation, or business of the same nature as that involved in the work performed.

California AB 5 Section 2 amending the labor code section 2750.3  emphasis added. 

Why is this a problem for YouTube Creators in California

If you are a content creator who hires an outside editor or videographer they will be considered in the usual course of the hiring entity’s business.’ because creating videos comprises those actions. That means the person you are working with would have to be the creators employee. Here is what that looks like…they have to be paid W-2…like through a payroll company and the creator will need to pay payroll and likely unemployment taxes for that employee. The creator will become responsible for adhering to the labor laws in Ca., including work hours, break periods. The creator can also be sued for work place discrimination, harassment and workers compensation if your employee gets hurt out on a shoot. The creator will need to have insurance to cover their business, oh yea …and will need an actual business. I would never advise hiring employees as a sole proprietor. This means forming an LLC or C-Corporation and adhering to all those rules and regulations as well.  Take a deep breath and let’s dive into this more …I have some suggestions.

Emily WTF, that is a whole lot! Are there other options??

Yes, AB 5 has a number of exceptions that some may improperly apply to YouTube cretors. The problem is that there is an exemption to one of the main exceptions. That being an exception for still photographers or photojournalists. But in that exception there is an exemption. This clause is not applicable to an individual who works on motion pictures, which includes, but is not limited to, projects produced for theatrical, television, internet streaming for any device….. I understand that the temptation is to immediately argue that a YouTube video is not a Motion Picture.  However, it is. The labor code in a different section defines motion picture in part as any other moving images, including those  created for entertainment purposes transmitted by web cast or any other technology that is nor in use. 

I know, that was some deep lawyer shit. But Calififornias definition of motion picture clearly includes YouTube videos. Keep breathing.

So Now What.

You have to be a business. The people you work with also have to be businesses. The only way to salvage this without creating an employee relationship is to properly fit under the business to business exceptions to this law. So how do you do that?? Depending on your business I would consider becoming an LLC, it’s the least formal commercial entity in California. Just know that becoming an LLC in California starts with about $1,000 in fees and there is an annual $800.00 mandatory tax to start. There are regulations to keeping your LLC legit but that is a post for another day. 

If you are a business entity you also need:

Your business entity to be in GOOD STANDING

A business license

An EIN

A business bank account (not just a separate account, and actual BUSINESS ACCOUNT)

Possibly a DBA/FBN

Proper business accounting and legal practices 

A business location

A business address

 

It is your responsibility as the creator to get this sorted before January 2020. You have to ask the people you pay to work with you if they are a legal business entity. Only then will you be able to prove that you have a business-to-business contracting relationship and not an employer/employee relationship. 

There are numerous other considerations in whether a relationship is a business to business one or not, but most importantly the business you are contracted with must work with other businesses and must set their own hours and location of work.

Deep Breath.

If you are totally freaking out, I get it. Call me. I provide legal consulting to creators and online businesses all day, erry day. It’s my jam. It’s my job to know this stuff. You are aware now so you can do it right. If you are interested in creating an LLC in California you can do that through the Secretary of State or, you can contact me through the form below for help with that. 

If you are creating a valid business to business relationship make sure you have the appropriate contracts in place …a handshake and an agreement isn’t sufficient. You have to have legal agreements with the business you are working for. My Get Legit Shop is a great place to start. I suggest the Independent Contractor agreement! 

If you have a community that needs this information I am here to help. Shoot me an email to hello@emilydbaker.com. I am happy to talk to your community, podcast, channel about how to Get Legit™.

Want to see if an LLC is right for you?? I’ve got you…..fill out the form below!

Emily D. Baker, Esq.

Emily D. Baker, Esq.

Badass Lawyer for Online Business

Emily has been running business for 15 years and has ove 13 years of legal experience. She spent 10 years at the Los Angeles County District attorney's office where she truly learned to be a solopreneur. Emily has built her consulting and speaking business from the ground up, in her garage jamming out to 90's music. She specializes in no BS practical advice for the starting and scaling online entreprenur. Emily will tell you what the business gurus can't in a way that is both hillarious and empowering.

Questions for Emily? Just Ask...

14 + 14 =

WTF is the CLOUD Act & why it matters to you.

WTF is the CLOUD Act & why it matters to you.

What the CLOUD Act Is.

The United States and the UK just signed the first-ever bilateral data-sharing agreement called the CLOUD Act, which means Clarifying Lawful Overseas Use of Data. So you may be asking yourself WTF is that and why does it matter. Well, this first of its kind legislation allows law enforcement to request access to electronic data directly from the tech companies in either country. So the FBI can request data from UK based companies and UK law enforcement can request data directly from companies like Facebook and Google. Here is what’s concerning to this former prosecutor, the Act allows the request WITHOUT a warrant or strong probable cause. In the US this act was slipped quietly into a spending bill (don’t you hate it when they do that!). Now there are other treaties and acts in place to allow countries to cooperate with each other in regards to threats, potentially criminal behavior, but this takes it further.

What is the big deal?

If there is no requirement of a warrant who is vetting the propriety of the requests? Is it up to the tech companies to stand up to law enforcement requests? However, it does put some context to Facebook’s recent announcements that one of their primary focuses will be encrypting data. Facebook released a post titled ‘a Privacy-Focused Vision For Social Networking’ on March 6, 2019. I believe that Facebook saw the writing on the wall, knew that CLOUD was in the pipeline and was aware of CLOUD’s one massive exception. Encryption.

Yup, the CLOUD Act cannot reach data that is encrypted end to end. So while Apple and Facebook are pushing harder into encryption the US Government is demanding that Facebook allow backdoor (unencrypted) access to data. I don’t always agree with Facebook but in this instance I completely get it. Facebook doesn’t want to have to be a gatekeeper in this way and is likely freaked the fuck out that law enforcement can request data without a warrant. If the data is encrypted Facebook can simply shrug and say ‘sorry bro…nothing we can do’. 

Why it matters?

What is so interesting to me is that the story to the public continues to be increased privacy…. Governments are pushing data privacy with GDPR (the EU’s General Data Protection Regulation) and California’s soon to be enacted CCPA (California Consumer Privacy Act). So on one hand data is becoming harder to access as an online business or marketer, but it’s getting a bit easier to access for government agencies, and I can’t yet reconcile the two.

Look, I understand that acts of terror and mass harm are coordinated online. International sex trafficking is a real issue not to mention other areas of cybercrime that would take me down a totally different rabbit hole of weapons and organ trading….. But the public conversation is that your data is going to be more private, more secure and harder to access, what is actually happening is that your data will be easier to obtain in some situations. 

I think the conversation should include all of it. If you have even heard of the CLOUD ACT before will you drop me a comment, because unless you travel in deeply nerdy cybersecurity or government regulatory circles I am guessing that this is news to you. So let’s start the dialogue. Let me know what you think in the comments, does this freak you out? Do you get the ‘greater good’ argument for making data easier for law enforcement to obtain? Do you agree with Facebook pushing to encrypt data end to end to avoid all this? 

Let’s keep this conversation going! 

www.Instagram.com/TheEmilyDBaker

For More on This Story

https://wccftech.com/cloud-act-passed/

https://www.jurist.org/news/2019/10/us-uk-sign-landmark-data-sharing-agreement/

https://wccftech.com/us-uk-bilateral-data-sharing-agreement-cloud-act/

If you have an Etsy store or a handmade business - this post is for you! Did you know that you need to have a licensing agreement to make products with someone else's logo? Click to read more!
Emily D. Baker, Esq.

Emily D. Baker, Esq.

Badass Lawyer for Online Business

Emily has been running business for 15 years and has ove 13 years of legal experience. She spent 10 years at the Los Angeles County District attorney's office where she truly learned to be a solopreneur. Emily has built her consulting and speaking business from the ground up, in her garage jamming out to 90's music. She specializes in no BS practical advice for the starting and scaling online entreprenur. Emily will tell you what the business gurus can't in a way that is both hillarious and empowering.

Questions for Emily? Just Ask...

10 + 7 =

10 Tips To Protect Your Website Content

10 Tips To Protect Your Website Content

I know how much time it takes to build a website and an online business…heck, I have done both myself. I also know that you want to serve people with your content and products so when people rip off your shit it sucks! It doesn’t matter if they are stealing a product name, website copy, images or your whole business feel, it’s theft. More and more the online business space is becoming the wild west and it can be hard to get those intentionally and unintentionally stealing your stuff to knock it off. So let’s focus on protecting your content so you don’t have to start dealing with cease and desist letters and DMCA (Digital Millennium Copyright Act) takedown notices (though if you need those things, e-mail me, I’m here to help).

These 10 tips will put you not only protect your content but it also puts you in the best position to defend yourself if your content is taken. The benefit of being a lawyer and an online business owner is that I can tell you what other business gurus can’t. Well…let’s get to it.

Start with basic Website Protection

1. Terms of Use –  While you aren’t legally required to have Terms of Use on your site, it is a good idea. The Terms of Use tell others how they are allowed to interact with your content. It’s your contract with the user if you will. You can set terms of use that content on your site may not be altered when shared, may only be shared using the provided methods and set up a way for people to contact you if they want to share your content outside of the stated uses…hello brand deals. The Terms of Use also give you leverage if someone violates them, think of social media sites and YouTube banning and suing over TOU violations. These terms are enforceable and are the first step in protecting your content.

2. Privacy Policy – You are legally required to have this one if your website promotes or sells anything…if your website doesn’t do this please email me and let me know why you have a site because I haven’t yet met anyone who doesn’t promote or sell. Your privacy policy tells others how you protect their data. While this may not seem at its face like it’s protecting you, it is. If you don’t have a proper privacy policy it’s more difficult to go after someone for violating the rules on your site. You are less inclined to fight for your content protection when you are also not fully legally protected. Having your business protected from a three hundred and sixty-degree standpoint allows you to stand firm. Trust me, when I am going after people on behalf of my clients this is one of the first things I look at to see how ‘serious’ of a business they are. Being protected like a business allows you to protect your content like a business.

3. California Privacy Rights Statement – This is a quick note because it is a pet peeve of mine. A  proper (legally required) privacy policy must have a California Privacy Rights Statement. All the documents I sell contain this disclaimer but if you are using your own Privacy Policy and this isn’t in there, pop your email down below and I will send you one. As I said, pet peeve. California requires any site that does business with residents of California to have this statement in their Privacy Policy.

4. Jurisdiction and Venue Clauses -These handy little clauses are necessary to make sure that if you do have a dispute regarding your site, or regarding the theft of your content and intellectual property, that it happens where you live and not where they live. This is tremendously helpful knowing that you don’t have to haul all over the country to defend your site, you can make people come an answer in your home jurisdiction, which is often enough of a deterrent to get them to work with you.

Let’s Talk Copyright!

5. Copyright Disclaimer – You need this on the bottom of every page of your site. It should read © property of (Your Name or Legal Business Name) (current year) all rights reserved.  For example © property of Ask Now, Inc. 2019.

6. Embedded Copyright – You can embed a copyright notice in most photo editing software and on the backend of sites like WordPress. Just adding the same sentence as above without the year is sufficient. Having this embedded in your images makes it easier for you to show that they originated with you if it ever comes to that.

PRO-TIP – You have a common law copyright in the things you create and you can also register your copyright online . For social sites like Facebook you can upload copyright protected images if you have issues with things like your logo or created designs being used by others.

Practical Tips to try right now!

7. Name It and Claim It – I can’t stress this enough. If you have that ‘thing’ that you are becoming known for, Name it and Claim It. Claiming it includes grabbing the URL for it, making sure you can get the socials and taking up that digital real estate so that someone can’t easily move in on your thing.

8. Google Alert – Set up a google alert for your key phrases, when you name it and claim it this becomes easier. This way if someone is starting to advertise a product with the same name you should be alerted to it. I also use google alerts for things I am really interested in keeping up on…like the LuLaRoe lawsuits but that’s a topic for another blog post….

9. CopyScape – This is a great service that searches the web for duplicate content and is also really helpful for checking for plagiarism.  

10. Google Image Look Up – Yes, this is what those guys used to find people cat-fishing online. You can put an image into google to look up where else that image appears on the web. Follow the link and put any image or image URL into Google Images. Try it with your logo or a photo of your product, or even your own image. It can be really interesting to see where things pop up. This can also be useful if you want to see where someone purchased the great flat lay images they are using….if they don’t have right click disabled that is.

    Pro TipDisable Right Click! Yes! You can disable the ability to right click on content on your website. There are a number of plugin options that will disable the right click function that would allow someone to easily click and copy content from your site. Go to your website and see how easy it is to grab content. What your goal is here is to ensure that people can share your content the way you want them too, be that sharing to pinterest or facebook, make sure you give them only one way to do it, so they don’t steal it.  I like Right Click Disable Original for WordPress but there are others.

    If you feel like it’s all a bit much, that’s ok. The legal stuff in business can be really overwhelming, but that’s why I am here! I take the scary out of this legal stuff. Sign up with my email squad down below and I promise I will keep you in the loop with what you need to know, without flooding your email box!

     

    If you are a small business owner with a website or you're thinking about setting up a website here are 10 Tips you need to know!
    Send me my California Privacy Policy Supplement!

    I will send you a supplement ready to be added into your websites Privacy Policy. Let's get your sh*t legal. If you want to keep getting updates like this simply subscribe!

    Subscribe
    Unsubscribe

    Hang With Me  On Social 

    Emily D. Baker, Esq.

    Emily D. Baker, Esq.

    Badass Lawyer for Online Business

    Emily has been running business for 15 years and has ove 13 years of legal experience. She spent 10 years at the Los Angeles County District attorney's office where she truly learned to be a solopreneur. Emily has built her consulting and speaking business from the ground up, in her garage jamming out to 90's music. She specializes in no BS practical advice for the starting and scaling online entreprenur. Emily will tell you what the business gurus can't in a way that is both hillarious and empowering.

    Contact Emily

    3 + 2 =

    GDPR Explained. What is it and does it apply to your site?

    GDPR Explained. What is it and does it apply to your site?

    First, I have to say that I am a lawyer, but this article is not legal advice. I am here to explain GDPR and help you navigate if GDPR applies to you and your website. My goal is to help you decide what steps if any, you may need to take on your website. I am all about practical solutions. If you are a large website that deals with collecting or processing vast amounts of personal data a GDPR specialist is necessary. If you are an online business in the United States and you aren’t sure where to start, keep reading.

    What is GDPR and why is everyone taking it?

    GDPR stands for General Data Protection Regulation and is a law passed in the EU to unify the Data Privacy laws across the region. This law was adopted by the EU parliament April 2016 and takes effect May 25, 2018. You may ask, why am I just hearing about this? First, large companies have been dealing with this through their regulatory and compliance departments or agencies. But, for online entrepreneurs…a lot of us don’t have compliance or regulatory departments! So the information gets to you when the news get’s to it. In the US a few factors have brought this into the conversation. First; the Cambridge Analytica Scandal. You know where like 87 million people had their personal information shared and stored without their knowledge? Second,  the Facebook Congressional hearings and Third the deadline for GDPR compliance is approaching. I am here to make the complicated a little more accessible.

    Does GDPR apply to me?

    Yes if you collect, store or process personal data; AND

    • Are located in an EU member country, or
    • You primarily conduct business in an EU member country; or
    • You target residents of an EU country; or
    • You accept the currency of an EU country; or
    • You ship to an EU country

    What is considered Personal Data under GDPR?

       The GDPR expands the definition of personal data from more traditional uses. It is not just data that relates to an identified or identifiable person. It includes all information that can be used to identify a person such as IP addresses, cookie strings, social media posts and shares, online contacts and mobile device IDs.

    What do I need to do to make sure my website is compliant?

    The answer here is tougher because it depends on what information your site collects. If you have an understanding of the type of personal information you collect, then you can look through the information provided here and decide what you need to do. This includes (at a minimum) providing an opt-in, providing a clear privacy policy and making sure that if people opt-out you are not storing their information. That said if you site processes or collects large amounts of personal data you need to work with a GDPR specialist. But I do have some tips and resources for you to apply as appropriate to your situation.

    • Website Privacy Policy – You have to have a good website privacy policy!! If you do not have one yet you can purchase a privacy policy from me. If you already have a privacy policy be sure it includes the following
      • A clear and easy to understand explanation of what information your site collects and tracks and what you do with that information.
      • You can also list the privacy policies of the services you use, I have included this in my Website Privacy Policy Supplement which you can receive by signing up below.
      • A way for visitors to block tracking
    • Notification – This can be in the footer of your website that your site uses tracking data. See this example from Facebook or you can receive my  US Privacy Policy Supplement below!
      • Facebook Example “We use technologies, such as cookies, to customize content and advertising, to provide social media features and to analyze traffic to the site. We also share information about your use of our site with our trusted social media, advertising and analytics partners. [See details – link to your privacy policy.]”  
    • Consent or Opt-In – The current practice in the US is to state in the website Terms of Use and Privacy Policy that your use of the website is consent to the policies and that if you don’t consent you should discontinue use.  This isn’t enough for GDPR.

    What comes next?

    Even if your site isn’t required to comply with GDPR it is likely that all of the tracking services (think Facebook and Google) will start to require some type of disclosure on your website as a condition of their use. They will do this by updating their own policies and terms of use. At the end of the day having consistent standards for disclosures of data tracking is the way we are going. It’s easier to start heading that direction now and to show your community and customers that you care about their data and are going above and beyond what is required (because eventually, that will be the standard). I have updated my own privacy policy to include the information provided in the supplement (which you can receive down below), but my site is not under GDPR and at this point, I am choosing not to use the affirmative Opt-In methods, but that could change!

    Want to be the first to know about changes that affect online business? Be sure to sign up for my e-mail list so I can help keep your online business protected so you can focus on the important stuff!

    Want to test your tolerance for legal writing? Check out the actual legislation here.

    Are you a small business owner with a website? Have you heard of GDRP but have no idea what it means or if it applies to you? Click through to learn more about this!!

    At a Glance

    Does GDPR apply to me?

    Yes if you collect, store or process personal data; AND

    • Are located in an EU member country, or
    • You primarily conduct business in an EU member country; or
    • You target residents of an EU country; or
    • You accept the currency of an EU country; or
    • You ship to an EU country

    Check out my video explaining GDPR!

    Emily D. Baker, Esq.

    Emily D. Baker, Esq.

    Badass Lawyer for Online Business

    Emily has been running business for 15 years and has ove 13 years of legal experience. She spent 10 years at the Los Angeles County District attorney's office where she truly learned to be a solopreneur. Emily has built her consulting and speaking business from the ground up, in her garage jamming out to 90's music. She specializes in no BS practical advice for the starting and scaling online entreprenur. Emily will tell you what the business gurus can't in a way that is both hillarious and empowering.

    Contact Emily

    5 + 8 =

    30 Productivity Tips from Entrepreneurs  

    30 Productivity Tips from Entrepreneurs  

    I am  happy to be included in this blog post from Becky Mollenkamp, and I am really excited to share it with you. Becky put together a great lots of Prodictivity tips from entrepreneurs from a wide variety of businesses. 

        Though the tips come from a group of people who go their own way, these tips can be incorporated into anyone’s day to make them more productive! Also I love sharing anytime my name is in print and I didn’t print it myself! 

    Enjoy this great article

      

    As an entrepreneur and small business owner, do you struggle to be productive? Here we have assembled 30 tips from real entrepreneurs on how to be more productive!

      Want to stay in the loop? Join my email tribe!

    Emily D. Baker, Esq.

    Emily D. Baker, Esq.

    Badass Lawyer for Online Business

    Emily has been running business for 15 years and has ove 13 years of legal experience. She spent 10 years at the Los Angeles County District attorney's office where she truly learned to be a solopreneur. Emily has built her consulting and speaking business from the ground up, in her garage jamming out to 90's music. She specializes in no BS practical advice for the starting and scaling online entreprenur. Emily will tell you what the business gurus can't in a way that is both hillarious and empowering.

    Questions for Emily? Just Ask...

    15 + 15 =

    Pin It on Pinterest