In recent years we've seen a growing awareness of privacy and security issues, particularly in the wake of seemingly endless data breaches and Edward Snowden's revelations. After many years of inconsistent legislation, the EU's powerful General Data Protection Regulation (GDPR) came into force in May 2018, raising privacy & data protection standards dramatically, and increasing exposure for companies both inside and outside the EU.
GDPR's effects are being felt around the world, helping users to regain control of their own data both inside and outside Europe. As part of this, privacy by design provides a primary line of defence between companies and terrible headlines. All too often legal departments have no contact with developers, and the only time the right conversations happen is when something has gone horribly wrong and it's too late. We need to fix this - developers need to be aware of legal responsibilities because it's implementation details that matter.
This talk covers security vs privacy, what's in GDPR, controllers & processors, data protection rights and principles, privacy by design, and more, and it's rumoured there may be a guest appearance by Privacy Spiderman...
(This is a scheduling change from the original TLS configuration hands-on session)
When not working on smartmessages.net, supporting 1CRM, writing & pentesting for Radically Open Security, or acting as a data protection officer (DPO), I'm the maintainer of PHPMailer, a top-10 PHP project on GitHub, and probably the world's most popular email sending code. I'm a contributor to many other open-source projects, and I wrote the HTML5 email address spec. I'm an accomplished PHP coder, Linux sysadmin, technical writer, and MySQL DBA. I'm a strong advocate of digital rights and privacy - I love GDPR - and you can catch me campaigning on that front as my alter ego - Privacy Spiderman! I've been speaking at technical conferences around the world since 2006. I live in the French alps with my wife, kids, cat, guitars, bikes, and far too many skis.