Oddbean new post about | logout
 One of my least favourite jobs is cleaning up after someone else has done a poor job.

Unsurprisingly, no-one wants to pay for something twice, even if they recognise that the first job wasn’t up to it.

Ah, one of the joys of being a data protection lawyer.

It would be so much easier if people were honest in terms of their capabilities. 
 The GDPR created an industry around data protection, and a lure to some of perceived easy money. Anyone can “do data protection”!

Anyone can say that they are a “data protection consultant” or a “privacy professional”, and even the expensive certs mean relatively little in terms of actual competence, IME.

There are loads of talented, amazing data protection people, and I love working with them.

The bandwagon is, however, rather long…

*grumbles* 
 I don't have any IAPP certs, fwiw.

I know people who do who I wouldn't trust to give data protection advice.

I know many people who don't who I would readily trust, and to whom I happily refer work.

It is a shame that, for some privacy roles, the gating criteria includes an IAPP cert, but I guess it is seen as an easy, if ineffective, filter. 
 certs mean nothing? Say it ain’t so! *eyes up all of ISO*