How to Enter the Privacy Profession
Full Answer
Education Required to Become a Privacy and Data Security Attorney. Privacy and data security attorneys must first earn their undergraduate degree. This can be within any major. Having some information technology knowledge can be vital to the success of a privacy and data security attorney, so consider at least taking some IT courses, if not majoring within that area.
May 12, 2022 · When it comes to learning how to become a privacy lawyer, post-graduate studies are a great teacher. They train us to stay curious, question everything, write well and power read. A quick survey of the BLG team shows that many of us have an academic background. I have a master’s in IT law and a PhD in privacy.
The educational qualifications to become a privacy attorney are similar to those of any other type of lawyer. Specifically, you must earn a bachelor’s degree followed by a law degree. During law school, it’s recommended you take classes that focus on privacy law and then seek summer employment and internships to improve your skills in this area. After law school, you must pass …
Sep 06, 2021 · Many law schools now offer classes to give students a substantive background on these topics, most large law firms have established privacy and cybersecurity practice groups, and business is ...
Many employers want 2-5 years of experience in privacy law, but folks with such experience are very hard to come by and very in demand. That’s because privacy law is a great club to be in, but getting in the door and getting that initial few years of experience is challenging. The field desperately needs more entry points.
1. Take a course in information privacy law. [Warning: shameless plug because I teach such a course and have authored textbooks .] Learn about the field and the different laws and regulations. Find ways to demonstrate that you actually know something. 2.
The International Association of Privacy Professionals (IAPP) is growing at a breakneck pace. Privacy law practices are flourishing at law firms. Nearly every organization these days has personal data, and federal and state regulation is sprouting up rapidly and agencies are stepping up enforcement. Companies are realizing that privacy matters ...
Take IT training. You should gain hands-on IT experience through IT training. Though a cybersecurity lawyer will probably never configure a router, she should know how routers function. Most IT training tends to be expensive and require large amounts of time, so make sure you possess an unwavering commitment in honing your technical skills as a cybersecurity lawyer. For instance, SANS offers training that can cost over $4,000 for 40 hours’ worth of training! I highly recommend that you research affordable training opportunities in your area. If no IT training exists in your area, then look for virtual training.
I personally recommend gaining as much hands-on IT training as your time and budget allows. I am not suggesting you become an IT expert; most lawyers work alongside IT professionals to achieve the results their clients want.
As a cybersecurity lawyer, one can work either as a litigator or advisor. What’s the difference between the two you ask? The lawyer who litigates also advises; however, the lawyer who advises usually does not litigate. At a minimum the advisor may assist a company or law firm with pre-litigation matters.
Cybersecurity remains a growing field in the legal arena. This field, however, can be difficult for a law student to enter, and I hope my points prove helpful in advising students in their endeavors. Since this is a brief introduction, I cannot cover every topic or detail—though I will write more later. I recommend that you conduct extensive research about the field—numerous articles exist online about how to become a cybersecurity lawyer —and consult with cybersecurity lawyers and IT professionals.
To prepare for a career in data privacy, law students and lawyers in transition can focus not only on courses specifically in data privacy or cybersecurity but also on courses in such related areas as international law, intellectual property, constitutional law, e-discovery, or other related technology.
Lawyers in the data privacy space handle a variety of issues -- from regulatory compliance to privacy issues -- in business transactions and litigation of privacy breaches. JD Advantage roles focus mainly on the compliance aspect of data privacy. Privacy officers work with business heads or clients to craft internal and external privacy policies as well as those long, check-the-box consent forms that we all need to click through when using websites that collect individual information. Projects can also involve helping a client comply with applicable global, federal, and state privacy laws and conducting a compliance audit. On a broader scale, a data privacy professional might be called upon to develop and implement a global privacy compliance program that ensures compliance with a diverse set of rules and regulations crossing national borders.
One such regulation, the California Consumer Privacy Act of 2018 (CCPA), was enacted in June 2018 and goes into effect in 2020. The regulation is expected to impact over half a million business-es doing business in California that collect, sell, or disclose personal information for business purposes.
Georgetown Law identifies CA, MN, IL, NY, and MA as the most active U.S. states for commercial privacy laws.
While a technical background can be helpful, it is not required. Among the most sought-after credentials in data privacy are the Certified Information Privacy Professional (CIPP) certifications. For more information on CIPP certifications, see https://iapp.org/certify/cipp/ .