GDPR humor\nThe hashtag #GDPRjokes is currently trending on Twitter. Here is a flavor: \u201cKnock knock. Who's there? John. The following question is optional and is not a precondition to being let in. John who?\u201d; \u201cDoctor, Doctor!\u201d \u201cWhy have you captured my professional title when it isn\u2019t relevant to your stated use of my data?\u201d It seems there is no traditional joke template that cannot be re-written to take account of the imminent General Data Protection Regulations which come into force in the EU later this month: \u201cMy dog has no nose - How does he smell? - I don\u2019t know, he hasn\u2019t opted-in to me contacting him.\u201d\nThe jokes are mostly pretty terrible - but they do bring a little lightness to what can be a rather dull topic. Most GDPR seminars could use a little humor. But they are also illuminating - not just because they refer to some aspects of the rules - and some common misconceptions - but because they are there at all. Regulatory changes happen all the time - new standards in revenue recognition for example, or other accounting standards. But very few people ever hear of them. You are not likely to go to a party and be asked about the ramifications of SOC 1, for example, and there are no jokes that I know of about ASC 606. But GDPR has escaped from the world of regulatory compliance to become a subject of general interest - as well as the jokes, there are articles about it in mainstream newspapers and it is a subject for discussion on TV and radio.\nThe global impact\nGDPR is not just a matter for the lawyers and the IT experts - it will affect everyone, in their business and in their personal lives. Although it only has legislative force for EU citizens, GDPR appears likely to have a global impact. Businesses which access EU citizens\u2019 data from say North America, will also have to comply in the way that the data is stored and used. Other countries such as Brazil, Argentina and Canada are now contemplating introducing similar rules. Many international companies are planning to change the way they store personal data across their organizations, giving all of their customers and employees the same rights that Europeans will have. This makes sense - savvy consumers everywhere may prefer to work with social media and other companies which offer the highest standard of data protection rather than be treated as second-class citizens.\nThat is in part because of the growing awareness of the degree to which private information has been shared and applied without people\u2019s knowledge or agreement over recent years. I\u2019m going to illustrate this point with another amusing story which is doing the rounds - about a man who tries to order a pizza to find the pizzeria has been taken over by Google. He is told: \u201cFor you, we recommend the cheese-free pizza with extra spinach due to your high cholesterol.\u201d He responds: \u201cBut I take medication for that.\u201d - \u201cYou don\u2019t though, do you? You haven\u2019t bought any in six months.\u201d \u00a0When he says he is off to a desert island to get some privacy, the answer comes: \u201cWell, sir, you will need to renew your passport first - it expired five weeks ago!\u201d Recent revelations about the use of data scraped from social media sites to produce highly targeted political advertising have also increased awareness of this issue.\nMore control over personal data\nAgainst this backdrop, GDPR aims to increase individuals\u2019 control over their personal data and to ensure more transparency about what it is being used for. A social media user for example will be able to see which other companies are allowed access to their data. If they do not wish to receive targeted political adverts for example, they ought to be able to opt out. If someone wants to move their personal data from one social media site to another, they ought to be able to do this.\nIn my view, GDPR is a positive change. I would estimate that 80% of what is needed to comply with it is already best practice. There are some misconceptions about it - it doesn\u2019t bar all marketing communications for instance - you can still make contact with people if it is in the legitimate interests of your business. That should protect companies who want to reach out to people who they have a genuine reason to believe may be interested in their product.\nIf you are a customer-centered organization which values transparency, you will be doing a great deal of this anyway. But it is a good moment to overhaul data management processes. Making sure the information that is held on employees, customers and partners is appropriate and relevant is a basis for building better relationships with all of these key people. And of course, how did the pirate Blackbeard safely and securely enlist his crew? GDPArrrrr, of course!