[GLLUG] Charity WiFi, a bit off topic

James Roberts j.roberts at stabilys.com
Wed Mar 28 09:38:14 UTC 2018

On 27/03/18 17:14, Marco van Beek via GLLUG wrote:
> Most of the technical requirements of the GDPR have been law since 2003. 

No that's not quite right.

It's been in force for just under two years, but there has been a 
moratorium on enforcement which expires on the 24th of May 2018.

The thing in force since 2003 is the Data Protection directive, which 
dies on the 25th. Much of it is similar, but there's the 'buts'

> It's just that the fines are going up by a lot so people are finally 
> paying attention.

Yes, but it's not just that. There's much more stringent requirements 
and there's no exclusions for small organisations (some still believe 
there are, due to a proposal in the drafts - the final issue now only 
excludes the requirement for some documentation for companies <250 

> Running an insecure network that holds personal sensitive data could be 
> considered negligent and the directors of the organisation could be 
> prosecuted.

Just so, and they will try to shift the blame to some scapegoat in IT. 
Or a contractor.

> It's a bit like Y2K all over again. There are consultants out there are 
> making a small fortune out of companies that should have known better.

Too true. There's loadsa bull, but a real issue or two, and most at the 
very SMB end don't even seem to know it.

I'm a consultant, though just IT general, not in GDPR, but have had to 
bone up on it to save my clients/myself. No one has paid me a 
€cent/dime/penny to do so, so far...



Stabilys Ltd		www.stabilys.com
244 Kilburn Lane
W10 4BA

0845 838 5370

More information about the GLLUG mailing list