Photographers and GDPR accountability

[Robert Watcher]

We’ve all recognized that many websites that we visit for the first time, provide a notice asking for permission of the use of cookies for the user experience, as well as a link to the websites Privacy and Policy statement page, providing full transparency about the use of any data being stored. There are opt out options, personalized setting of permissions of what is agreed to and what isn’t.

Being that I am starting at a rebuild of my photography website, I wanted to know the implementation and implications related to the GDPR rulings that were enforced this year. This becomes more important to me once I begin selling prints of my Street and Travel photography, and those will be made available to anyone with access to my website. Plus I run a small web hosting company and design custom websites for some of my clients and so there is a responsibility for me to know and comply if needed (I don’t build with Wordpress which has GDPR built in).

I wanted to know if that affected me as a Canadian photographer? What was required of my website as far as Contact Forms, email, mailing lists? If there were any conflicts related to Personal privacy laws and my Street Photography, people photographed at events, guests at weddings? What about use of client images on my website for the purpose of generating more business? Would it be beneficial to implement it on my website regardless, and how do I go about doing that?

So many questions. Many photographers apparently have freaked out about it, and reacted without common sense by deleting everything - others don’t care and are just ignoring —- but I found from my research, that it is beneficial to consider these privacy concerns and full transparency and deletion of info if requested. Regardless of where we live. And it doesn’t have to be a huge thing. A Common Sense approach to the questions I asked above, makes it easy to comply, have respect and consideration for people’s personal information, and yet still have freedom to enjoy my photography and promote it.

For any interested, I thought I would pass on a couple of useful/balanced/common sense articles for consideration:

https://togsinbusiness.com/gdpr-photographers/

https://www.smashingmagazine.com/2017/07/privacy-by-design-framework/


This site contains a free standard website privacy policy template to use on websites (customize to needs):

https://seqlegal.com/free-legal-documents/privacy-policy



————

 

[Asher Kelman]

I know nothing about this regulation.

However in designing OPF we built in granting of limited rights to the site to use the images for the site but not beyond that.

So

1. You need a “hold harmless clause for anyone using your site.

2. Consent to promote your website

3. Have right to exclude images with cause or with no cause

4. No inherent promises, expectation, suggestion, hints or assurance that hosting or posting images will serve any useful purpose beyond providing that storage and visualizing capability, but excluding any promise of positive business reputation or benefits to poster that are not specified by site in writing.

5. Acceptance that hosting images is a service in which there is obvious risk of loss of data due to known and unknown risk factors including but not limited to disk failure, power interruption beyond safety margin of power supply backup, malicious code, flood, acts of God and other unspecified hazards.

6. Release from any charges of libel per quod where other pictures or content in proximity appear to be maliciously placed so as to somehow, by association or inference, insult, disparage or somehow cast aspersions on posted images, the photographer, others somehow referenced or objects, symbols trademarks or persons shown unless a request was made to move such content was ignored 10 days after repeat notice was given in writing and by email to the website manager and also to the regular physical Canadian postal address of the Website.

7. Jurisdiction for disputes shall be solely in the City of ..............., Canada by mediation by a State recognized mediation service. In a case where the website is found to be at fault, then damages shall be limited to 10 times the plaintiff’s payment for the service of the website, unless malicious premeditated criminal intent to harm the plaintiff is proven beyond any reasonable doubt.

8. Separability: in event any part of this agreement is judged illegal by a Canadian Jurisdiction, then only the minimum language to exclude that matter shall be deemed invalid and all other conditions will stand.

Just a few preliminary thoughts!

 

[Robert Watcher]

Asher. My post had nothing to do with your choices for the forum here and past discussions on that topic. Those were related to the Google directed use of https protocol for the security and privacy of ones logging into a website. It is related - but...

...This info I posted is supplied and hopefully useful for any photographer and especially for those who have websites - although probably a majority are using WordPress and so GDPR functionality is included whether they like it or not.

The first article also supplies some great (as far as I am concerned) common-sense answers to our (photographers) concerns about public use of our images of other people, or our ability to take pics in public based on current understandings of privacy laws. While the U.S.A. appear to be uninterested in implementing such privacy mandates - I’m sure many countries will follow suit with the EU. Canada has been working on rights to personal privacy for years and so I can see the possibility here. These rights to privacy are important to me and I want to respect them for others, just I want mine respected.

Sorry for any confusion Asher