Episode 61: Jon Collins on the General Data Protection Regulation (GDPR)

Published: Feb. 5, 2018, 3:15 p.m.


“It’s quite good to see GDPR as an evolution, not a revolution.”


The EU’s General Data Protection Regulation (GDPR) comes into force this spring (it applies from 25 May 2018). If you do anything with “customer data,” you should probably at least take a look at it. Companies like Facebook and others who use customer data to work with third parties are gonna have GDPR all up in their grills. In this interview episode, we talk with Jon Collins, who’s been writing about GDPR of late from his perch in the UK. Jon’s an excellent analyst and always has incisive takes on enterprise IT related matters, as well as music (sadly, not featured in this episode).


You can now buy Software Defined Talk t-shirts and fill out the contact form with your mailing address if you’d like some free stickers!


Brandon Whichard, Coté, guest Jon Collins.


Show

  • Putting people on the line for data handling problems.
  • Defining legit use for data: like updating you on products bought, recommending other things to buy based on past buying. But when it comes to holding your kid’s interest and other creepy things, the restrictions kick in. Can’t hoard data now, have to justify why you’re keeping it at least.
  • So, sort of: if a third party gets hold of the data, you need to spell out to the end-user what the data is and how it’ll be used.
  • They started thinking about GDPR in 2005; it’s taken them 12 years to come up with this.

Jon on GDPR, and more

  • “GDPR, a topic about which I feel strangely sad”
  • Summarize it - encrypt (or otherwise protect) personal data, provide individuals their data on demand, notify of data breaches (notifying the affected individuals can be skipped if the leaked data was encrypted), appoint a Data Protection Officer (DPO) where required, somehow describe policy to the end user (is this a set policy or can organizations differ on it?), data must stay in the EU unless equivalent protections (adequacy decisions, contractual clauses and the like) cover the transfer
  • How’d this come about?
  • “IT professionals expect that compliance with GDPR will require additional investment: over 80 percent of those surveyed expect GDPR-related spending to be at least $100,000.” (Book of all knowledge)
  • In use: “Facebook needs to ask people if it can use status posts as input to its advertising engines, whereas Google does not need to know [who] someone is — its AdWords algorithms generate information based on search requests, location and so on, without being personally identifiable.”
  • Meanwhile, “we will consent to have our privacy even more eroded than it already is.” What exactly should we care about with data privacy: how does an individual think through what Facebook does, Acxiom, Target, the government, foreign governments, etc. - aka, Jon vs. the McNealy Privacy Principle (it’s dead, get over it).
  • Generalizing to Jon\\u2019s five rules of cyber security.

Background


Credits: header image from warrenrandalcarr.

Special Guest: Jon Collins.
