Digital Podcast

Why American Authors Don’t Need to Worry About GDPR


Join Now to Share


Novel Marketing show

Summary: Chances are, you have received dozens of emails about GDPR over the last couple of weeks. You may have heard some authors freaking out about it, afraid that if they don’t comply, they will be thrown into a European dungeon.<br> In this post, I am going to explain what GDPR is, why you don’t need to worry about it, and why you may want to follow it anyway.<br> Disclaimer: I am not an international law lawyer. I’m not even a regular lawyer. Reading this post is not a substitute for seeking specialized legal counsel.<br> What is GDPR?<br> <a href="https://en.wikipedia.org/wiki/General_Data_Protection_Regulation">GDPR</a> is the General Data Protection Regulation. It is an <a href="https://gdpr-info.eu/">88 page EU regulation</a> passed by the European Parliament in 2016. It takes effect on May 25 of 2018. According to the EU, the law applies to the whole world (more on that in a bit).<br> GDPR Requires European Authors to:<br> <br> * Collect explicit informed consent from email subscribers or any reader whose data is being captured. This means opt-in checkboxes cannot be pre-checked and readers need to know exactly the kind of emails they will be receiving ahead of time.<br> * Provide a privacy policy on their website.<br> * <a href="https://gdpr-info.eu/">88 other pages of requirements</a>.<br> <br>  <br> Why American Authors Don’t Need to Worry About GDPR<br> <br> TL;DR: The EU is not the United Nations. They are not the government of the world. They are the government of Europe. Their laws apply to European citizens and European companies. If you are not a European citizen or company, they can’t force you to follow EU regulations.<br> Reason #1: The United States Won World War II<br> Just because a foreign country passes a law, it doesn’t mean you have to follow it.<br> As an American, you are protected by the American government from foreign laws. Another country cannot do anything to an American citizen in America without the US government’s consent. Remember, <a href="https://en.wikipedia.org/wiki/United_States_military_deployments">American troops occupy Europe</a>. Not the other way around.<br> American companies with a nexus in the EU absolutely need to comply with the GDPR, because the EU can go after their EU office directly. But if you don’t have employees or an office in the EU, how can the EU force you to comply with their law?<br> The EU has to ask America nicely.<br> <a href="https://en.wikipedia.org/wiki/United_States_withdrawal_from_the_Paris_Agreement">If the US won’t work with the EU on an issue like climate change</a> when a specific agreement was already in place, why would it work with the EU on an issue like the GDPR, that has no specific treaty?<br> To my knowledge, There is no treaty between the EU and the US that specifically references the GDPR.<br> The hope of the EU is that one of the existing treaties might work. But these hopes are neither proven nor tested in court. The GDPR has not even been tested in an EU court yet, much less in American court.<br> Fortunately for the EU, most of the companies that matter (Apple, Google, Amazon, Facebook, etc.) have offices in the EU. So the EU doesn’t need a treaty to force them to abide by the GDPR. This is why you are getting so many emails about GDPR from big companies. These international companies are European as much as they are American.<br> Reason #2: American Authors Are Too Small to Target<br> There is a principle when it comes to regulation that “the tallest blade of grass gets cut first.”<br> The GDPR is a law designed to go after international companies like Facebook and MailChimp.  If you are violating GDPR with your Facebook account, the EU is much more likely to go after Facebook than it is to go after you. These big companies have a nexus in the EU and money to pay the fines.<br>