WPWeekly Episode 298 – GDPR, User Privacy, and More With Heather Burns

In this episode, John James Jacoby and I are joined by Heather Burns, Founder of WebDevLaw. We have a lengthy discussion about GDPR (General Data Protection Regulation), what it is, what’s at stake, and its potential impacts on the WordPress ecosystem. We also discuss the cultural differences between the North American and European views on user privacy.

When asked what she hopes to see as we approach May of 2018, Burns replied:

“I want to see all hands on deck making WordPress a force for good, that people can trust, and that people can be empowered to change for the better. Don’t let the fact that it involves law put you off. GDPR is a toolkit for empowerment, it’s a means for protecting and safeguarding your users in these quite scary times we’re living in. And it will make you a better developer and site administrator in the end.”

For questions related to GDPR or how to make your site or WordPress plugins compliant, please get in touch with Burns. You can also view her presentation on WordPress.TV from WordCamp Belfast, 2016.

Stories Discussed:

WP Site Care Acquires WP Radius

Picks of the Week:

Frontenberg by Tom J. Nowell is a new site that displays Gutenberg on the frontend of WordPress. It allows visitors to tinker with Gutenberg without having to log in to a site or install a plugin.

John gave props to Renato Alves, who has been working on adding WP-CLI support for bbPress and BuddyPress.

WPWeekly Meta:

Next Episode: Wednesday, December 27th 18th 3:00 P.M. Eastern


  1. There’s NOTHING at stake for companies outside of Europe that don’t do business with anyone in Europe.

    We’re in Canada (and have clients in Canada and the US) and have ZERO plans to implement any of this nonsense. We wouldn’t if we had clients in Europe either. They have ZERO jurisdiction here.


    1. But it sure would be nice if the U.S. and Canada would respect their people’s privacy. Either adopt the regulations (highly doubtful) or create our own.


      1. We don’t need more regulations thanks…

        This is absolute overkill by a desperate European Union trying to stay relevant. It’s all going away anyways when the rest of the EU splits.

        You might also want to check – Canada has the toughest (and most painfully expensive if you cross the line) SPAM laws on the planet.


    2. This is not nonsense, Bob, it’s about protecting individuals. A quote from Heather Burns’ post on GDPR:

      Shifting political currents – some of which are openly racist, xenophobic, and authoritarian – have put everyday users of online services at real risk. Global geopolitics means that the borders we have always known are changing under our feet. Walls are being built. People are being threatened

      Capitalism doesn’t give a flying f*ck about real people as long as money is made. This is a step in the right direction to balance that out.


      1. Yeah….I actually don’t think much of anything Heather says. She clearly has an agenda (financial) and it aligns perfectly with the whole GDPR thing (since you brought up Capitalism).


  2. GDPR? The European Union is becoming notorious for this kind of poorly devised impotent bureaucratic BS and poorly thought out regulation which does nothing to solve a problem, and annoys the bejeebers out of everyone with half a brain, developers, businesses and users alike.


    1. I do feel that way about the cookie laws and some other initiatives but not with GDPR. What do you propose should be done to strengthen data protections and cut back on businesses storing endless personal data at the expense of users, security and democracy?

      GDPR does appear to increase the burden on storing data. I hope its immediate side-effect is that businesses will treat personal data for what it is, not framing it as an asset but treating it like a liability. Every data breach erodes trust and undermines the web, the economy, security, citizens’ power and democracy. And organizations liberally sharing data for corporate and/or political goals are directly and indirectly chipping at a society worth living in. So let’s store less personally identifiable data instead.


  3. If those who are critical of GDPR had actually understood what it was about, perhaps they would be less critical. It’s all about protecting individuals’ rights: if you fill in an order form on a website with your personal details, name, address etc., you want to know that a. your details are not going to be easily hacked and b. the website owner is not going to sell your details to other people without your permission. This is the basis for GDPR. Now, if you are based outside the EU it may be harder to prosecute you for breaking the EU laws, but it’s very easy for the EU to block websites that do not comply.

