The European Union’s General Data Protection Regulation recently went into effect. This regulation addresses the protection, consent and notification of visitors whose personal data are collected by websites. Because we receive traffic from the EU, this regulation applies to us. This post provides an overview of the changes we made in compliance with GDPR.

  • We published an updated privacy policy. Our privacy policy, available at this link, is readily available at the bottom of our webpage.
  • We added an element in the page footer for cookie consent. A cookie is data stored from a website on a user’s computer while the user is browsing. The Twitter sharing feature on our blog posts is one example of how our site uses cookies. We now explicitly alert readers to our use of cookies and ask for their consent, with the possibility of reading our privacy policy. Readers who do not consent can also turn off the use of cookies within their browser.
  • We anonymized IP addresses. An IP or Internet Protocol address is a numeric address given to a computer connected to the internet. We track IP addresses as part of gathering accurate Google Analytics data. We now record the last three digits of IP addresses as 000, so that they cannot be used to identify the specific location.
  • We accepted new data retention rules from Google. Technically, our data are stored in Google databases, not our own. Following Google’s general guidelines, these data will be deleted after 26 months.
  • We changed text to include our privacy policy when readers sign up for case alerts. One feature we offer readers is the possibility of receiving email updates about actions in merits cases, including new court filings and blog posts. We have only used these email addresses for the specific case updates to which readers have subscribed. This change is simply to provide access to our privacy policy for readers when they do subscribe.

Any questions or concerns can be sent to feedback [at] scotusblog [dot] com.

An earlier version of this post was overbroad in its description of the anonymization of our IP addresses. These addresses are anonymized such that they cannot be used to identify the specific location of a computer.

Posted in Featured, Corrections

Recommended Citation: Andrew Hamm, GDPR and SCOTUSblog (Corrected), SCOTUSblog (Jun. 4, 2018, 1:20 PM), http://www.scotusblog.com/2018/06/gdpr-and-scotusblog/