
The "GDPR is easy" brigade is very keen on telling people that it's easy to just read the actual text, so let's try that.

Just having read the GDPR doesn't count for "expert knowledge", it's just knowledge. "Expert" is something more. How much more? Funny you should ask, welcome to GDPR limbo.

Also, it doesn't say expert knowledge merely of GDPR, it says expert knowledge of "data protection law", vague and unbounded, certainly not limited to the GDPR. GDPR is probably the most restrictive you have to comply with, but the text literally requires you to have expert knowledge of the others, too. Finally, there's the little "and practices". It's not enough to read it, you have to be an expert in how data protection law is used in practice.

Before you have processed even a single byte of data, you're literally uncompliant simply by being blasé about how you name your DPO. It seems unlikely that anyone will get busted simply for this, but low likelihood of enforcement is not the same as compliance, and why would they include this paragraph if they didn't feel it was important? People who actually care about being compliant need to think about this.



It doesn't mandate any particular level of expertise. If the CEO is the most qualified person in the company, you did it.



