DreamHost is GDPR Compliant
Did you happen to catch Mark Zuckerberg getting reamed this week by members of the European Parliament as he dodged one question after another in one of the most bizarre interview formats of all time? No?
It. Was. Awesome.
Privacy Matters in Europe
Belgium’s Guy Verhofstadt, my new favorite person in the world, asked honest and tough questions that ultimately never got answered. But you can clearly see the fire in his eyes and the passion in his voice for protecting internet users’ personal data.
How can you not love this man? Throughout the entire hearing, I wanted to high-five and hug him all at the same time! And then I’d treat him to a fine steak dinner and we’d be friends forever.
Unlike the countless (and clueless) softballs thrown by some members of our own Congress back in April, members of the European Parliament pulled no punches. They asked educated, pointed questions and made absolutely clear that the safety of user data was paramount among their concerns.
Facebook may have been the subject of this hearing, but Europe’s support of internet user privacy, and indeed the very right to be forgotten, has been a recurring theme in their quest to help EU members have a say in how their personal information is used.
Privacy issues often take center stage in Europe, and nowhere is that more evident than in the many, many pages of the General Data Protection Regulation, or GDPR, which takes effect today.
Related: The History of Internet Privacy
Debated for four years and ultimately passed in 2016, the GDPR is groundbreaking regulation created to give EU citizens full control over their personal data on a modern internet that often seeks to monetize and exploit that very same data at every opportunity.
The GDPR gives legal rights to people whose personal data is collected and used by online businesses and other groups. It even imposes penalties against these service providers for misused or mishandled personal information.
You can read the full text of the order at gdpr-info.eu. It’s long and good and, much like this hot dog, should make you feel better about being alive.
Over the last few weeks, you’ve no doubt been getting a crapload of spam from anyone who’s ever collected your personal information trumpeting their new privacy policies.
That’s a weird coincidence, right? What are the chances that all of these people got together and decided to make the internet better on their own, all at the same time!?
The obvious truth is that they’re not updating their policies because it’s in your best interest.
They’re doing it because the GDPR is forcing them to, AND it’s financially in their best interest to retain their European users. 🙂
You may have noticed we made a conscious decision to not spam you about it, too. You’re welcome.
NEW: Privacy Center
All current DreamHost users now have access to a new section of their control panel that we’re calling the Privacy Center.
As of today, you’ll be able to use the Privacy Center to set your DreamHost email contact preferences. We’re working to add even more functionality to it in the future – not strictly required by the GDPR – allowing you to specify your preferences for even more control of your personal information.
The goal of our Privacy Center is for you to be able to control as much of your personal information as possible all in one place.
Internal Process Changes
How we handle data behind the scenes has changed a bit as well. Without boring you too much, I can say that we’re GDPR compliant “back of house” as well.
For example, we now delete web server log files after 72 hours and will soon be encrypting them altogether.
Nothing is changing about our free WHOIS Privacy Protection. If you’re currently masking your domain registration details using our privacy settings, those settings will remain in place.
Enom, our domain registration partner, has implemented their own implementation of GDPR’s rules: a gated WHOIS system.
Until ICANN pulls its head out of its ass and enacts permanent rule changes rather than panicked last-minute stopgap measures, we believe that Enom’s approach is probably the best way to handle things for the time being.
Related: What Is Domain Privacy Protection?
GDPR is a European regulation, so if you’re in the U.S., you shouldn’t have to care about any of this, right?
Wrong. Any online organization that provides service to EU members, regardless of where in the world it may be located, is required to treat those members in accordance with the GDPR regulations. That means that GDPR’s ultimate implementation is likely to have some impact on nearly every internet user.
We believe that GDPR represents an advance in the rights of all internet users, and we’ll be applying all of these changes to our entire user base — not just those users located in the European Union.
The GDPR represents a giant step forward in protecting the personal information of anyone who has ever typed their name or email address into an internet-connected computer.
DreamHost’s vision statement is, and has been, very simple: “People have the freedom to choose how their digital content is shared.”
Personally identifiable information falls under that umbrella, and we’re thankful to — and grateful for — a European Parliament that has seen fit to bring this same sentiment to the global stage.