Monday, December 30, 2019

European Privacy: Complexity and High Stakes

European Union FlagEurope has the world's strongest data protection laws, and highest potential sanctions for non-compliance (€20MM or 4% of global revenue, not to mention criminal penalties!), so it makes sense for privacy professionals with global responsibility to become well-versed in European data protection law.  After working intensely in 2017 and 2018 to help my colleagues in Europe establish a GDPR program for one of the world's largest consumer-facing companies, and having remained actively involved in European data protection matters since, I finally felt I had the knowledge and experience to pursue certification in European data protection from the International Association of Privacy Professionals.  Today, I received that certification. 

According to the IAPP, which is the world's premier (and largest) data protection certification organization, a CIPP/E designation means one has "the comprehensive...knowledge, perspective and understanding to ensure compliance and data protection success in Europe." To demonstrate mastery of the field, all applicants must pass a rigorous exam which covers all of the topics listed here, including European legal frameworks, institutions, history, treaties, private sector laws, public sector laws, national laws, norms and standards, and best practices.

If you have an interest in obtaining the CIPP/E designation, I'd be happy to talk with you about it, and specifically how I studied for the examination.

Going forward, I might be posting more content to this blog relating to European data protection (I've been writing and speaking about it since 2015), if the posts receive enough traffic to indicate interest.

(P.S.- Special thanks to my friend and brilliant Italian lawyer Fabio Svizzero for the many hours spent explaining the nuances of EU data protection law and customs!)