GDPR, Google Chrome and https - what’s happening to your website

It would be difficult not to know about the EU’s General Data Protection Regulation implemented on 25th May, 2018. As a subscriber you will have received numerous requests to consent to receive future emails from various companies and organisations.

As a website owner you have had to ensure that your company or organisation will comply with all aspects of GDPR, especially in respect of privacy and data protection. You will have published  a website privacy notice in which you will have made a statement similar to:-

“We respect your privacy and are determined to protect your personal data. The purpose of this privacy notice is to inform you as to how we look after your personal data when you visit our website (regardless of where you visit it from). We’ll also tell you about your privacy rights and how the data protection law protects you.”

While all this has been happening Google continues its campaign to make the Internet more secure by persuading developers to switch their websites from the http protocol to the more secure https.

The reason for this campaign is that, under http, communication between your website and an individual’s browser is in plain text which can be read by any hacker with the ability to intercept that Internet traffic.

However if your site uses https, then that communication is encrypted and cannot be read in transit.

The sort of information that a hacker would want to intercept would include your name, email address, passwords and financial information such as credit card numbers.

As ever Google variously uses the stick and carrot approach to persuade developers to switch to https. Https now counts towards your Google ranking (carrot). After July 24th when the latest version of their Chrome browser started to be introduced, Google will warn your site’s visitors that it is “Not secure” if it uses http, while the https version shows a padlock and “Secure” (stick).

What is that “Not secure” warning going to do to your visitor numbers?

Whatever you have said about your intentions in your privacy statement, Google is warning people not to visit your site, not to give you any personal information and certainly not to give you access to their credit card.

So, if you have a website and have not updated your website to https, do it NOW!

Website visitors, simply heed Google’s warning about sites not being secure and stay safer.