In recent years we've seen a growing awareness of privacy issues, particularly in the wake of Edward Snowden's revelations. The 2015 collapse of the safe harbour agreement (making it illegal to store data on EU citizens in the US) was patched up with Privacy Shield in 2016, but that's on shaky ground too. The EU's tough new General Data Protection Regulations (GDPR) come into force in May 2018, raising privacy & data protection standards enormously, and massively increasing exposure for companies on both sides of the Atlantic.
All too often legal departments have no contact with developers, and the only time the right conversations happen is when something has gone horribly wrong and it's too late. We need to fix this - developers need to be aware of legal responsibilities because it's implementation details that matter, and that's what this talk is all about.
We will cover what makes the GDPR different, how it changes what happens at the developer and sysadmin level, and what steps you will need to take to conform to the standards.
This talk was given at the Dutch PHP conference 2017.