Dan Raywood kindly invited me to participate in an Infosecurity Magazine webinar on the eve of GDPR Day. Like most of the data protection and privacy crew who were on the radio, telly, conference room stages, and internets, I was focused on the fact the 25th is the first day for enforcement and not (like Y2K) a day when organisations either expected to survive or die…
…though the immediate fallout has been far from, uhhh, trivial:
All (depending on your perspective) vindicating the human rights and harmonisation principles that this was built on, while flagging where lip service was paid to pre-existing rules. But also highlighting the shamefully poor quality of a lot of advice provided, both by consultants and by law firms. People who have, either through ignorance, or misplaced aversion to risk, suggested a scorched earth approach to dealing with people in Europe, or a Rambo-like charge towards reconsenting people they needn’t/shouldn’t contact, or should have forgotten a long time ago.
But I digress (keeping a mental note of things to discuss another time). This is what I said to Dan and his Infosecurity Magazine audience. Directed both at those who aren’t the ‘C’ word yet and those who don’t know know where they are or where to go next. All circling around effective risk based prioritisation, and false starts that have tripped many people up. Kicking off with Eduardo Ustaran’s expertly summarised GDPR origin story: The Eve of GDPR: The Ship is Sailing, Get On Board (requires website registration and my part starts at 22:11).
Fabulously, all the feedback on the day was great. Mainly five stars and saying it was timely and valuable, so hopefully, unless you’re happy to say you are 100% *cough*, it might ring some bells for you too.
And here, as promised on the day, are the GDPRDay – Take Stock and Carry On slides, including links to the source of some resources I shared.
(Apology in advance to listeners for my sound quality. Despite replacing landline kit with something state of the art, you can’t really mitigate for ropy copper, and web audio wasn’t an option).