Have you noticed an uptick of emails from companies like Slack, Google, or PayPal, announcing new privacy policies and terms and conditions? Why the sudden onslaught of updates? The answer is easy. The companies sending these notices are changing their policies to meet the requirements of the European Union’s General Data Protection Regulation (EU GDPR or just GDPR), which will put powerful new enforcement mechanisms into place, starting on May 25, 2018.
If you’re a U.S. resident, or working at a U.S. nonprofit or foundation you may wonder what, if anything, the GDPR has to do with you. Good question. There’s no simple answer for everyone outside the EU. But just as those companies (all of which are based in the U.S.) revisit their policies and practices because of the new law, it’s a good idea for you to do so, too.
First, the GDPR probably applies to you, whether you know it or not. It’s possible – depending on where your clients and donors live, where your data is stored, or where you provide services – that your organization is subject to fines for not following the new law. In this case, compliance is more than just a good idea, it’s required.
Second, the GDPR is a prompt for a worldwide checkup on safe, ethical, and effective data practices. Many of the GDPR’s provisions align with the data governance principles and responsible data practices that we at Digital Impact advocate for in civil society. Think of the GDPR as providing a framework and set of user-centered guidelines about data that may just align with your mission.
Many resources and consultancies are popping up to help organizations comply with the GDPR. Digital Impact is here to help you navigate through it. We’re on the lookout for credible, accessible, and affordable resources with particular resonance to nonprofits, foundations, and civil society. In the coming months with help from our community, we’ll be curating new content, holding conversations about data governance and GDPR, and fostering discussion at digitalimpact.org/gdpr.
Check out our starting list of GDPR resources, send us others that you’ve found, and join the community in conversation. Want to share your view on the GDPR with the world? Become a Digital Impact contributor. And if there are topics, tools, or templates you need but can’t find, let us know. Maybe the Digital Impact community can help.
Lucy Bernholz is a Senior Research Scholar at Stanford University’s Center on Philanthropy and Civil Society and Director of the Digital Civil Society Lab. She writes extensively on philanthropy, technology, and policy on her award winning blog, Philanthropy 2173.
Image by Franck Veschi via Unsplash (CC BY 2.0)