In this episode with Donata Stroink-Skillrud from the Termageddon.
More info on Donata and Termageddon
Santiago Leon 0:10
Donata Stroink-Skillrud 1:29
Thank you so much, very excited to be here and very excited to talk to you about privacy. I met
Santiago Leon 1:35
you at wordcamp, Miami, almost a year ago before the pandemic and you had a wonderful presentation. It really like when I saw that presentation at wordcamps. Like, I’m going to skip the CSS workshop go to this one. Tell me a little bit about yourself.
Donata Stroink-Skillrud 1:55
Santiago Leon 2:57
And of course, in recent current events, the major, major news when it came to private policy was in Europe with GDPR. And that’s something that we’ll get into later in the show. First toes I mean, tell us about your company and the services that it provides.
Donata Stroink-Skillrud 3:18
Santiago Leon 4:30
And this is very important. Like, you know, each company or a you know, every industry needs a Pacific customized disclaimer text or any type of policy tells the importance of how custom these policies should be.
Donata Stroink-Skillrud 4:46
Santiago Leon 6:22
and target and does all that I actually met some people that do copy and paste of competitors. So it’s quite interesting. The whole dynamic if you do that, anyways, um, as we mentioned before, GDPR was news about two years ago, I believe, it’d be less than that, um, how much of an impact has that been so far? And how do you provide services for that? Yeah, so
Donata Stroink-Skillrud 6:47
GDPR has been a hot topic for a while now. And it’s actually one of the most like misunderstood privacy laws of all time, I would say, especially for us based businesses. So a lot of people have this idea that, you know, okay, I have this website, and people from Europe can go on to this website. So that means I need to comply with GDPR. And that’s really not the case. So, you know, if you have a website that’s accessible from the EU, that’s not enough to make you comply with GDPR. So, you know, real quick, you need to comply with GDPR. If you meet one of three factors, so one, you’re located in the European Union. So if you’re already there, then you know, you need to comply with that law, to if you offer goods or services to EU residents. And, you know, that would mean providing your website in French, for example, or shipping to France, or providing directions to your office from France, you know, or if you’re tracking the behavior of EU residents online, and that’s where most websites get caught up. So you know, websites that have Google Analytics, or any other type of analytics service would be considered tracking the behavior of E residents online. And that’s when you need to comply with GDPR. And I think, from my perspective, at least, what I’ve seen with GDPR is one, it kind of brought privacy to the forefront of people’s minds, especially business people. It’s a law that’s very highly enforced. I mean, there’s constantly new cases, and constantly new fines being issued for GDPR non compliance. So it’s really kind of brought privacy to the forefront a lot of business owners. And then another kind of shift that I’ve seen is the cookie pop up notice, you know, so agree to the cookies, or give us your consent to us collecting cookies. Those are really the main shifts that I’ve seen with GDPR. I mean, almost every website now has the cookie pop up notice whether or not they actually need it, or whether or not it’s actually compliant.
Santiago Leon 8:58
And and I’ve noticed that a lot when I visit European new sites. I’m a huge European sports soccer fan. And I every time I go to their website, they always prompt me with a notice step cookies or accept privacy. I’m not sure if I have to do that every time in Europe, or is that just something that? I mean, I’m from the US I and and I have to click it all the time? I don’t know.
Donata Stroink-Skillrud 9:22
Yeah, so depends on the setting. So some websites will store your consent settings for a while. But you can’t store the consent settings forever, that’s not compliant with the law. So you know, periodically, they have to ask for your consent again. And one thing that I do have to say for anyone that’s listening is, you know, just having a cookie consent checkbox is not all that you need. So you can’t just go and download some random plugin and put up the consent checkbox and then you’re done. There’s some criteria that needs to be met by that consent. So If you go to a website and you see, you know, we collect cookies and the only button, the only choice that you have is accept, that’s actually not compliant. So consumers need to have the ability to deny those cookies. So on your website, non essential cookies should be disabled by default. And non essential cookies are cookies that are not necessary for, for your website to function. So a great example of that would be Google Analytics. So if you need to comply with GDPR, non essential cookies must be disabled by default. And then essential cookies are enabled by default, and you don’t need to get consent for those because otherwise your website wouldn’t work. But when it comes to non essential cookies, you need to give people an actual choice. So there should be an Accept button. And there should be a deny button. And you know, you can just say accept or by using this website, we assume that you’re okay with this, unfortunately, that’s not compliant. So whatever plugin or cookie consent solution that you’re using, make sure it’s actually compliant with the law, and make sure that it actually gives someone a clear choice of, you know, accept or deny.
Santiago Leon 11:14
And how has the I mean, has the EU added more more laws to this GDPR situation where like, every year, like the website has to up, like update their, like their wording a bit? Is that something that you’ve seen?
Donata Stroink-Skillrud 11:32
Santiago Leon 12:14
stateside, I know, I’ve been hearing certain states want to implement something similar to what they did in the EU, I believe California was one of them. Have you seen this going on? I mean, we’ll be implemented here in the States? Or do you think we’ll be, you know, certain states that will probably be asking for you to do some type of consent?
Donata Stroink-Skillrud 12:35
Santiago Leon 14:56
No, no. How would it look like obviously if we did this Say side, similar to over there in Europe, would it be, you know, like all in one paragraph and just hit accept or or we’ll have to hit it twice. I said, Okay, the US accept and then Europe accept Is that something that you foresee happening or just be one, one statement?
Donata Stroink-Skillrud 15:19
Santiago Leon 16:20
Yeah, that makes sense. And especially when it comes to like, website, aesthetics, you know, if you’re keeping the user for like a, you know, more than 10 seconds, except in policies, they’re probably going to go and exit to another website or something. Yeah, makes perfect sense. Um, are you still seeing websites that are not putting any privacy statements a lot? Or you’re seeing majority of them? Like, I mean, I’m placing this statements on their website?
Donata Stroink-Skillrud 16:53
I think it depends on the industry, right. So I think some industries are a lot more in tune with what’s happening right now. So we have a lot of clients, all of whom use our service to create privacy policies, I’d say, you know, some of the industries that are more forward thinking, you know, real estate, we see a lot of real estate agents creating privacy policies now, because a lot of people are moving in between states or in between countries. So they get a lot of form submissions from other places. So that’s, you know, kind of one industry that I see that’s leading this effort. I also see a lot more website designers and website design agencies create their privacy policies, which is awesome to see. And I think that’s because they’re familiar with the technology. And they kind of, they’re always one step ahead. And you know, what’s really interesting is one industry that I see that’s really behind, and I think this is kind of the cobblers children have the worst shoes kind of syndrome. But lawyers, I see a lot of law firms, you know, that practice and like employment law, or like personal injury that don’t have privacy policies, which I think is very interesting, to say the least. And it kind of just shows, you know, how us attorneys have different focuses in different areas. You know, so an attorney that knows about privacy probably won’t know about personal injury, than an attorney that knows about business contracts probably won’t work too much in privacy. And, you know, I think that’s very interesting to note as well.
Santiago Leon 18:31
That’s the price. We mentioned lawyers. So it’s quite interesting. Um, as we spoke earlier, within, like, early on, you speak at work camps. Tell me your involvement with WordPress, and the WordPress community?
Donata Stroink-Skillrud 18:50
Sure. Um, so I’m a huge fan of WordPress. Our main website is actually built on WordPress, and I have never been able to find a community that’s anywhere near the involvement of WordPress, right. So, you know, I’m part of the American Bar Association, the International Association of privacy professionals, which are really great organizations. And I mean, you learn a lot, right, and you meet a lot of people. But I feel like the WordPress community is the one community where I’ve actually made friends that I’ve kept in touch with, which is really amazing. And, you know, not being able to go to word camps in the last year has definitely been difficult. Since, you know, that was a huge thing that we were doing. We’re doing a lot of word camps. And I was speaking at a lot of word camps. And I’m doing a lot of virtual speaking events now. But I absolutely miss seeing all of my friends who live in like different states and stuff that I met through word camps. You know, so I think it’s an awesome community and I hope that we’re all able to kind of meet up in person soon.
Santiago Leon 19:58
I agree. I think in person is better than a video call. Tell us about your company, your services, which you provide, I see that not just websites, but also applications. But just to reiterate, tell us what platforms that you can help out business owners to have a website or an app and reiterate that. So
Donata Stroink-Skillrud 20:22
yeah, so we do work with websites and applications. And really, we work with any business that collects personal information. So if you have a contact form that collects names, emails, phone numbers, addresses, anything like that, if you have email newsletter, signup forms, if you have like account creation forms, if you’re using analytics, services, stuff like that, that’s where we can help you create your policies and keep them up to date.
Santiago Leon 20:50
Something very important for all of you guys, I, you know, I added some stuff on my WordPress site, obviously, I’m not a big company, but I know that I like my, like my private private policy that WordPress provides, which is very generic, which might be a bad thing. You might not as you might think that’s probably a bad thing. Um, tell us about WordPress and the resources, the resources that they provide for for private policy that you’ve seen so far?
Donata Stroink-Skillrud 21:23
Santiago Leon 22:12
Donata Stroink-Skillrud 22:37
I think Facebook is always going to have issues over privacy, you know, they want to make money, and they sell data. And that’s how they make their money. So they sell it to, you know, advertising companies and anyone that will essentially buy it. And, you know, I think Apple is attempting to position themselves in the market as a privacy focused company. And that’s actually a huge differentiator right now between competitors, is the caring about privacy, and people will use certain products more over others because of privacy concerns. So I think Apple’s trying to bank cash in on the fact that more and more consumers care about privacy. And I think to them, it’s kind of a PR move more than anything else. And I think Facebook has had a lot of issues with privacy for a very long time. Will they ever kind of dig themselves out of this hole that they put themselves into? I’m not sure. I mean, Facebook is the reason why we have certain privacy laws because of the Cambridge analytical scandal. And because Facebook CEO refused to show up for hearings or was, you know, disrespectful to lawmakers. So we’re kind of in this patchwork of privacy laws that small businesses have gotten caught up into thanks to Facebook. So I think they just have a lot of bad feeling from from lawmakers and legislators. And I don’t think they’re kind of doing enough to take that back.
Santiago Leon 24:11
Yeah, it’s quite interesting with Facebook, and they’re calling Apple their competitors, which I guess you can say that, um, but I could definitely see Facebook, possibly reintroducing their own phone, their own hardware, but that’s a side tangent.
Donata Stroink-Skillrud 24:25
I’m not sure if anybody’s gonna buy that. I certainly wouldn’t. Knowing that all of that data would be potentially scraped and sold to marketers, you know,
Santiago Leon 24:34
Donata Stroink-Skillrud 24:35
I’m not sure if I would sign up for that.
Santiago Leon 24:37
Yeah, yeah. be interesting. Who will answer it like everyone’s in trapped either an apple or like Android on platform, so it’d be it’d be interesting. Anyways, uh, the nada what is the best way to reach you and to find out more about your company?
Donata Stroink-Skillrud 24:52
Santiago Leon 25:17
And I love it. It’s funny cuz your privacy prompt has like three options. It says use assert cookies only allow a collection or allow all cookies. So it’s, I mean, I’ve never seen that. That’s, that’s great.
Donata Stroink-Skillrud 25:35
So that cookie pop up is actually provided by a company called cookie bot. So we don’t provide our own cookie consent pop ups, but I do recommend that you check out either cookie bot or user centrix. They both provide really good products and I believe they’re both have WordPress plugins too.
Santiago Leon 25:53
There you have it. This is a privacy podcast, very unique. I love it. I think it’s very important for anyone that’s watching this for their website. Of course a lot of listeners are website owners are WordPress fanatics. And this is something that you’re going to have to follow in these couple years not going away anytime soon. And there might be some more stuff coming up in the near future. The Nona I appreciate you coming on to the to the SAM productions. Any closing words before we go?
Donata Stroink-Skillrud 26:19
Santiago Leon 26:27
Precisely. Thanks for coming on.
Donata Stroink-Skillrud 26:29
Thank you for having me.
Transcribed by https://otter.ai