Again, lots of new additions to the GDPR portal with a focus on practical guidance and resources to help your organisation meet your compliance requirements.

We’ve added a link to Ireland’s Data Protection Commissioner’s site on the useful GDPR links page, along with links to some specific content – Guidance for Data Controllers and Guides for Direct Marketing.

We think it’s worth watching what advice and guidance Ireland’s DPC issues and ultimately how it interprets and administers GDPR and punishes breaches and non-compliance.

As Ireland is the EU home of several large tech firms, it will likely be the supervisory authority ultimately dealing with cross-border issues where several national regulators may be involved.

It is the EU’s intent that there should be co-operation amongst national regulatory bodies and some consistency in approach to penalties and fines associated with breaches of the GDPR, so we would expect Ireland’s Data Protection Commissioner to be a significant player in determining how GDPR is interpreted and administered. We’ll be keeping a watching brief on our neighbours across the Irish Sea.

Another recent addition is some guidance from the office of the European Data Protection Supervisor. This is the body that oversees data protection for the many European Union institutions and bodies – including the European Parliament, the European Commission, the European Central Bank and the Court of Justice of the European Union (CJEU) among others.

If you are looking for ‘best practice’ for GDPR compliance, the EDPS is a good place to start. It’s a pretty safe bet that whatever the EU’s independent supervisory authority comes out with should be fairly sound.

The bureaucrats in Europe have had a long time to think about GDPR, without the pressures of time and budget that exist in most commercial organisations

You don’t have to be a legal expert to surmise that incorporating EDPS guidance (and documenting it as such) in your data protection risk assessments and policies could be a good approach and might well weigh in your favour in the event of any investigation, compliance issues or potential penalties further down the line.

We’ve also updated our Cookie Policy page to include some additional links on controlling cookies for various browsers and we’ve added a couple of video explainers – one from Google on cookies and one from the Internet Advertising Bureau which gives a brief overview of how online behavioural advertising works.

For those of us who work in IT or data protection, it’s easy to forget that the vast majority of internet users have much more interesting things going on in their lives than GDPR compliance and may not be as au-fait as we are with session and persistent cookies, ad networks, behavioural advertising, segmentation, dynamic retargeting, pixel tags and web beacons.

While your cookies policy and privacy policy pages may not be the most visited pages on your site, they might be two of the most important.

If you have been keeping up to date with Google’s recent pronouncements on data privacy and GDPR compliance, you’ll know that there will be strict requirements for anyone running websites that use Google’s services.

Google and the other big tech companies know they will be on the front line when it comes to compliance with GDPR. A cynic might suggest that the EU could have drafted GDPR as an alternative to raising taxes from US ‘big tech’ as much as to protect the privacy of EU citizens.

Whatever the EU eventually does about GDPR compliance, smart webmasters know that compliance with what Google wants is your number one SEO priority.

So cookie compliance for EU users and sound, Google-compliant cookie and privacy policies will be pre-requisites for maintaining your rankings and quality score!

If you have any comments on the content so far or suggestions for content ideas for the site, just leave a comment below or email us and let us know your thoughts.