I have made no secret of my distain for the ‘GDPR Practitioner Certification‘ badge, and I still have no time for it, or its recipients who pass it off as real-world experience. But what alternatives are there if you want to obtain some form of data protection certification / privacy education?
The de facto standard, and really the only player in town, is the International Association of Privacy Professionals (IAPP), and their flagship badge, the Certified Information Privacy Professional (CIPP), is the most widely recognised and respected acronym you can add to your CV/resume. It’s the equivalent of the CISSP for those of us in the cybersecurity industry.
I have made no secret of my distain (bordering on disgust) for anyone using the GDPR’s ‘administrative fines’ to further their own ends. Whether the ends are selling products, services, or column inches, trying to scare organisations into parting with their hard-earned cash is totally unacceptable and I only hope that most of them have failed.
That said, it is clear from Google (€50M), British Airways (€200+M), and Marriott (€110+M) that enormous fines are now a reality for organisations who egregiously break the law. And make no mistake, they ARE breaking the law. A law that enforces one of OUR fundamental human right.
Anyone who reads my blogs knows that I’m not highly technical. In fact, I have warned organisations against buying technology [for technology’s sake] more than I have ever recommended it. And I will continue to do so until everyone is following the pre-purchase golden rules:
This Saturday marks one year to
the day that GDPR was enforced. 3 things are clear:
- The self-serving scaremongers were, as I suspected, full of $*%&;
- Anyone wondering why there have not been more fines continues to be ignorant of the true intent of GDPR; and
- Interest in GDPR took a nosedive after May 25, 2018
This is a blatant self-promotion, so feel free to ignore it!
I presented today at the BrightTalk Summit ‘GDPR: One Year Later‘: