The State of GDPR: Common Questions and Misperceptions

Course Overview
Hi this is Troy Hunt. I'm an internet security specialist, and I am especially interested in people's online privacy. I'm especially interested in that now that GDPR has hit. And my name is John Elliott. I'm a data protection specialist, and I help organizations, and especially IT teams, comply with regulations. I'm a qualified Data Protection Officer with a technology in information security background. I recently traveled to London and teamed up with Jon to record a course on the common questions and misconceptions about GDPR, now that we're seeing it in action; and it was only a couple of weeks after the regulation came into effect that we had this discussion. We talked about the false steps that organizations made in the run-up to GDPR becoming effective, and put right some of the popular misconceptions you can find all over the internet. In particular, we looked at how GDPR makes organizations be clearer about what they do with people's data, and how GDPR often just means doing the right thing, because of GDPR's core focus on the basic rights of individuals. I was really interested in things like just what sort of fines organizations will get for privacy violations, and to that effect, how will GDPR actually extend out to other countries beyond those EU member states? So for example, will a company in South Africa dealing with traffic infringements really be subject to GDPR just because someone from Europe travels down to South Africa and gets themselves a speeding ticket? So we took out our crystal ball to predict how GDPR will be enforced, and whether the internet is right to claim that an organization will really face a penalty of 20 million euros for using CC rather than BCC when they're sending out emails. More seriously, Troy and I talked about how to separate GDPR truth from GDPR fiction, and where you can find reliable information and advice online. Please join us in this Play by Play, where John and I unravel in a very practical sense, what GDPR means now that it's actually here.

Introduction to GDPR
Hi everyone, I'm Troy Hunt. I am here today with John Elliott, and John, we're going to be talking about GDPR and particularly things around common questions, misconceptions; and just for a sense of context, we're recording this 13 days after GDPR has actually hit, and also for context, yes I'm Australian, but I am in Europe at the moment. We're in London recording this, so GDPR is the hot topic here. Tell us about yourself and I know you've got to do the disclaimer as well. Yeah, so about myself. I've started off in information security, I've been an information security pro for a long time, and one day I had a row with a lawyer about Data Protection law, so I thought, you don't understand technology, I bet I could understand law. So I took myself off and I got a privacy degree, and so I combined information security and privacy at the same time. I'm currently the Data Protection Officer for a major brand in Europe. I have to have a disclaimer, which is this is a, Troy and I are going to have a general chat about GDPR, this is not legal advice. If you need legal advice about GDPR, then talk to a qualified lawyer in your own jurisdiction.