What parts of the GDPR are most relevant to you?

One way to become familiar with the legislation is to read it from beginning to end. Consisting of 88 pages of PDF and over 55,000 words, the GDPR is not a fast read. Nor, having read it, are you likely to hold it in your head. What if you could skip to the parts that are most interesting for you? This post suggests a simple approach to doing just that. Continue reading “What parts of the GDPR are most relevant to you?”

Who wants to be a DPO?

Although the trend is not apparent at the time of this writing, I expect to see a lot of listings for positions as DPOs (data protection officer) in the near future. If you’re being considered for such a position, I assume you are familiar with the GDPR. Suppose you have an interview and get an offer; what should you consider before accepting the job? Specifically, are you willing to risk financial liability for it?  Continue reading “Who wants to be a DPO?”

Considering the GDPR as a whole

Should versus shall

Sitting down to read through the GDPR is not a casual undertaking, but initial skim-throughs left me wondering about the word should, which one encounters often in the text of the legislation. It seemed odd to me that legislation should merely suggest behaviors and outcomes; I had assumed that legislation is a recital of what you must (or must not) do.

It might be useful to compare the frequency of words like ‘should’ and ‘shall’ (known to English grammar as modal or auxiliary verbs) in the GDPR in order to understand the intentions of its creators. What are they trying to convey with their use of these different modal verbs? Continue reading “Considering the GDPR as a whole”