Read the small print!

Small Print GDPR Compliance3.comAnybody with an interest in the internet or blogging will be aware  of WordPress; it’s now estimated that that over 26% of websites use the WordPress ‘engine’.

The underlying content management system (based on a MySQL database) is free and relatively simple to deploy, and some unexpectedly large corporate websites run on the WordPress platform.

Indeed this website runs on WordPress, albeit using a proprietary ‘theme’.

Another advantage of the WordPress platform is the number of plugins that have been and continue to be developed to enhance the publishing or reading experience. Best estimates suggest that there are over 30,000 plugins available, many of them free.

And sometimes, free can prove costly.

As Robert E Heinlein famously wrote (in ‘The Moon is a Harsh Mistress’ in 1966) “There ain’t no such thing as a free lunch.” – often acronymised as ‘TANSTAAFL’.

Which brings is to reading the small print.

Recently the WordPress security firm ‘Wordfence’ – who offer both free and premium WordPress security plugins – reported some dubious code in a popular plugin; they’d been called in to investigate a ‘hacked’ WordPress site that was displaying links to payday loan companies.

The plugin in question had been installed on over 70,000 WordPress sites.

In common with many similar plugins, the T&Cs used text from the standard GNU public licence, but had hidden at the bottom of the text “By clicking the button here below, you agree to the terms and conditions and give permission to place text links on your website when search engine crawlers access it.

Now while, as Wordfence suggest, ‘no sane webmaster would sign up to that‘, how often do we read the full terms and conditions presented to us?

In an article published in 2012 by ‘Which?’ they reported that Apple’s iTunes T&Cs ran to 19,972 words, longer than Macbeth, and Facebook’s some 11,195 words, longer than Einstein’s Theory of Relativity and probably read as frequently.

PayPal’s latest Terms and Conditions (here) – when you factor in its privacy policy, acceptable use policy, eBay shipping services policy and UK billing agreement terms – run to more that 75,000 words, which is slightly longer than ‘The Catcher in the Rye’.

Obviously this is an issue.

Here’s a short, but sobering video.

Few people have the time or inclination to slog through thousands of words of jargon and pseudo legal mumbo jumbo, but there’s light at the end of the tunnel. The new EU General Data Protection Regulation – which come into force on May 24th 2018 (regardless of Brexit) – will bring protection in the form of ‘unambiguous consent’.

Do you know how GDPR will impact your organisation?

Check out our Personal Data Fraud resources under the ‘Resources’ tab at the top right of this site, or get in touch, we can help you.