Announcements

DreamHost is GDPR Compliant

DreamHost is GDPR Compliant thumbnail

Did you happen to catch Mark Zuckerberg getting reamed this week by members of the European Parliament as he dodged one question after another in one of the most bizarre interview formats of all time? No?

It. Was. Awesome.

Privacy Matters in Europe

Belgium’s Guy Verhofstadt, my new favorite person in the world, asked honest and tough questions that ultimately never got answered. But you can clearly see the fire in his eyes and the passion in his voice for protecting internet users’ personal data.

How can you not love this man? Throughout the entire hearing, I wanted to high-five and hug him all at the same time! And then I’d treat him to a fine steak dinner and we’d be friends forever.

Unlike the countless (and clueless) softballs thrown by some members of our own Congress back in April, members of the European Parliament pulled no punches. They asked educated, pointed questions and made absolutely clear that the safety of user data was paramount among their concerns.

Kapow!

Facebook may have been the subject of this hearing, but Europe’s support of internet user privacy, and indeed the very right to be forgotten, has been a recurring theme in their quest to help EU members have a say in how their personal information is used.

Privacy issues often take center stage in Europe, and nowhere is that more evident than in the many, many pages of the General Data Protection Regulation, or GDPR, which takes effect today.

Related: The History of Internet Privacy

GDPR

Debated for four years and ultimately passed in 2016, the GDPR is groundbreaking regulation created to give EU citizens full control over their personal data on a modern internet that often seeks to monetize and exploit that very same data at every opportunity.

The GDPR gives legal rights to people whose personal data is collected and used by online businesses and other groups. It even imposes penalties against these service providers for misused or mishandled personal information.

You can read the full text of the order at gdpr-info.eu. It’s long and good and, much like this hot dog, should make you feel better about being alive.

Hot Dog!

New Privacy Policy

Over the last few weeks, you’ve no doubt been getting a crapload of spam from anyone who’s ever collected your personal information trumpeting their new privacy policies.

That’s a weird coincidence, right? What are the chances that all of these people got together and decided to make the internet better on their own, all at the same time!?

Never Stop Dreaming!

The obvious truth is that they’re not updating their policies because it’s in your best interest.

They’re doing it because the GDPR is forcing them to, AND it’s financially in their best interest to retain their European users. 🙂

OR, maybe they’re a little more like us! Maybe their Privacy Policy was already in pretty good shape and only needed to have more explicit detail added.

Yes, we’ve updated our own privacy policy to even more explicitly call out our data collection and usage policies. We did this happily, gleefully, and with the utmost respect for your personal data.

You may have noticed we made a conscious decision to not spam you about it, too. You’re welcome.

NEW: Privacy Center

Switches

All current DreamHost users now have access to a new section of their control panel that we’re calling the Privacy Center.

As of today, you’ll be able to use the Privacy Center to set your DreamHost email contact preferences. We’re working to add even more functionality to it in the future – not strictly required by the GDPR – allowing you to specify your preferences for even more control of your personal information.

The goal of our Privacy Center is for you to be able to control as much of your personal information as possible all in one place.

Related: How to Update Your Contact Information and Privacy Settings

Internal Process Changes

How we handle data behind the scenes has changed a bit as well. Without boring you too much, I can say that we’re GDPR compliant “back of house” as well.

For example, we now delete web server log files after 72 hours and will soon be encrypting them altogether.

Domain Registration

Nothing is changing about our free WHOIS Privacy Protection. If you’re currently masking your domain registration details using our privacy settings, those settings will remain in place.

Enom, our domain registration partner, has implemented their own implementation of GDPR’s rules: a gated WHOIS system.

Don't speak, see, hear

Until ICANN pulls its head out of its ass and enacts permanent rule changes rather than panicked last-minute stopgap measures, we believe that Enom’s approach is probably the best way to handle things for the time being.

Related: What Is Domain Privacy Protection?

Europe Only?

GDPR is a European regulation, so if you’re in the U.S., you shouldn’t have to care about any of this, right?

Wrong. Any online organization that provides service to EU members, regardless of where in the world it may be located, is required to treat those members in accordance with the GDPR regulations. That means that GDPR’s ultimate implementation is likely to have some impact on nearly every internet user.

We believe that GDPR represents an advance in the rights of all internet users, and we’ll be applying all of these changes to our entire user base — not just those users located in the European Union.

The Future

The GDPR represents a giant step forward in protecting the personal information of anyone who has ever typed their name or email address into an internet-connected computer.

DreamHost’s vision statement is, and has been, very simple: “People have the freedom to choose how their digital content is shared.”

Personally identifiable information falls under that umbrella, and we’re thankful to — and grateful for — a European Parliament that has seen fit to bring this same sentiment to the global stage.