About the IAPP

Christopher Schmidt, FIP; CIPP/E; CIPM; CIPT, CDPO/BR; is a seasoned legal professional specializing in European Data Protection and IT Law, building on his profound IT and pentesting knowledge. With a Magister of Law degree from Germany, Christopher brings a wealth of experience as both a German Attorney-at-Law (Rechtsanwalt) and In-House Lawyer (Rechtsanwalt (Syndikusrechtsanwalt)).

His career highlights include significant contributions to the data protection community, serving as an Advisory Board Member and Chair for the IAPP's CIPP/E Exam Development Board, including on incorporating the manifold regulatory changes in the field of international data transfers into the IAPP's ANSI-certified examination. He has been selected as an expert on data protection matters by the Council of Europe.

Christopher's diverse experience spans advising on regulatory compliance for emerging technology products, including on AI and ML-related risks and opportunities, as well as web-based, mobile and decentralized applications. Among the clients he has advised are leading technology and software providers, financial institutions and blockchain businesses, global pharmaceutical and tourism companies.

Christopher has worked at the International and European Affairs Department of the Hessian Data Protection Commissioner which handles cooperation and consistency procedures in accordance with Chapter VII of the GDPR, acts as a contact point including for the European Data Protection Board and oversees international data transfers and related safeguards (i.e., Binding Corporate Rules, Standard Data Protection Clauses). He was also tasked with matters relating to employee data protection, automated HR data processing as well as advising and monitoring data protection officers from both the public and the private sectors.

In addition, Christopher has worked for renowned global law firms, focusing on cybersecurity and data protection matters across all sectors. Christopher particularly worked in privacy litigation and compliance with the General Data Protection Regulation (GDPR), European, and German data protection laws. His work also included drafting and negotiating policies and agreements (including mergers and acquisitions agreements), incident response, transfer safeguards and assessments, as well as all types of risk-based and technical documentation, auditing, and safeguarding of personal and non-personal data.

In addition to his professional work, Christopher is dedicated to education, conducting courses and workshops for law students, lawyers, and DPOs in German, English, French, and Italian.

Christopher also contributes his expertise to reviewing and enhancing the IAPP's German training material.