The State of GDPR: Common Questions and Misperceptions
By Troy Hunt and John Elliott
Course info
Course info
Description
In this course, The State of GDPR: Common Questions and Misperceptions, John Elliott and Troy Hunt discuss the common misperceptions that surround the General Data Protection Regulation (GDPR) and address many of the questions the regulation has raised since it went into effect. Learn the objectives of GDPR, how organizations are accountable for data, the rights of the data subject, and the global impacts of the regulation. By the end of this course, you’ll have a better understanding of both the purpose and scope of GDPR.
About the author
Troy Hunt is a Microsoft Regional Director and MVP for Developer Security. He's a regular conference speaker, frequent blogger at troyhunt.com and is the creator of the data breach notification service known as “Have I Been Pwned”.
More from the author
About the author
John Elliott is a data protection specialist. He helps organizations comply with regulations in a sensible and pragmatic way, balancing business needs, risk and regulations.
More from the author
Section Introduction Transcripts
Course Overview
Hi this is Troy Hunt. I'm an internet security specialist, and I am especially interested in people's online privacy. I'm especially interested in that now that GDPR has hit. And my name is John Elliott. I'm a data protection specialist, and I help organizations, and especially IT teams, comply with regulations. I'm a qualified Data Protection Officer with a technology in information security background. I recently traveled to London and teamed up with Jon to record a course on the common questions and misconceptions about GDPR, now that we're seeing it in action; and it was only a couple of weeks after the regulation came into effect that we had this discussion. We talked about the false steps that organizations made in the run-up to GDPR becoming effective, and put right some of the popular misconceptions you can find all over the internet. In particular, we looked at how GDPR makes organizations be clearer about what they do with people's data, and how GDPR often just means doing the right thing, because of GDPR's core focus on the basic rights of individuals. I was really interested in things like just what sort of fines organizations will get for privacy violations, and to that effect, how will GDPR actually extend out to other countries beyond those EU member states? So for example, will a company in South Africa dealing with traffic infringements really be subject to GDPR just because someone from Europe travels down to South Africa and gets themselves a speeding ticket? So we took out our crystal ball to predict how GDPR will be enforced, and whether the internet is right to claim that an organization will really face a penalty of 20 million euros for using CC rather than BCC when they're sending out emails. More seriously, Troy and I talked about how to separate GDPR truth from GDPR fiction, and where you can find reliable information and advice online. Please join us in this Play by Play, where John and I unravel in a very practical sense, what GDPR means now that it's actually here.