GDPR and Why I Decided to Kill Off My Newsletters

You’ve probably received a lot of emails in the last month related to privacy policy updates. This was all in response to the GDPR privacy laws.

I had zero interest in figuring out if my sites might be in violation of a privacy law because someone in Europe decided that I wasn’t fully compliant. I do, however, run several websites, and many of the visitors come from Europe. So I spent a few hours reading what I should be concerned with and I was still confused.

My big take away was there were 3 things I could do to greatly reduce my risk of being in violation of GDPR.

  1. Post a Privacy Policy, which I did for all my main websites. There are now tools built into WordPress that assist with this process as well as data collection tools for readers.
  2. Anonymize Google Analytics tracking. You can either anonymize or annoy. Annoy means putting up overlays saying you are collecting cookies. As a user, I hate those, so I choose the anonymize route. The WP Disable plugin has a checkbox option to anonymize Google Analytics data.
  3. Make sure all your newsletter subscribers agree to receive any marketing related material from that newsletter that they already signed up for. I wasn’t sure what my users agreed to or if my content could be defined as marketing. MailChimp had custom forms to get consent, but I could not tell from their dashboard which users agreed to the consent form. Did they need to agree? It was not clear.

So, I decided to kill off the newsletters for the 3 websites I have that use MailChimp. It is not worth the risk or effort. Plus, I dislike making them. I’d rather work on a new post than craft some clever email that inspires the reader to first open the email and then to follow a link from that email.

I know that Tim Ferriss and some of his guests swear by the newsletter. Maybe it makes more sense when your traffic is at a super high level? Perhaps if I had a personal assistant, I would task them with this tedious task. But I don’t.

My site gets between 4,000 – 7,000 visitors a day. The newsletter had around 800 subscribers. That is low, but I refuse to use pop-ups to harvest emails. My personal code is to never implement something on my website that I would hate as a user. Of those 800 subscribers, only 15-20% even open the newsletters and only 4% click on a link. 4% of 800 is 32 people. Totally not worth it. Not worth my time or any future legal risk because I didn’t follow European laws to the letter.

My plan is to sit this out for a year and reassess. The GDPR lawsuits have already started. They are going after the big players such as Facebook and Google first. How far will it go? Beats me. Some American newspapers, who we can assume have qualified legal counsel, have started blocking access to their websites from Europe. It isn’t worth the risk to them.

If you want updates to this site, use RSS. A tweet with a link will also go out on the @CriticalMAS Twitter account for new posts.

I also concede that I might be overreacting, but I’m all about reducing unnecessary risk. I’ll watch from the sidelines for a year. My sites aren’t going anywhere.

Photo by Dennis Skley

1 Comment

Add yours

  1. MAS

    Congratulations on the new domain.

    As someone who works in the privacy space, I can confirm what a trouble GDPR has been and how much uncertainty remains even after May 25.

    “Anonymize over annoy” is a great principle when you can implement it.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.