Privacy Law Specialist

The next submission period to become an ABA-accredited specialist begins July 1, 2018.

The IAPP is accredited by the American Bar Association to certify lawyers in the specialty area of Privacy Law. U.S. attorneys who meet the IAPP’s rigorous specialist designation requirements may be permitted under their state’s rules of professional responsibility to advertise their specialization in privacy law.

Privacy Law is the 15th specialty accredited by the ABA. The Privacy Law Specialist designation instantly places you among the elite in privacy law. It’s the first designation that verifies you’ve met stringent experience and knowledge requirements in this crucial and rapidly growing area of the law.

 

Meet the program requirements:

  • Be an attorney admitted in good standing in at least one U.S. state
  • Earn/Hold a CIPP/US designation from the IAPP, plus either a CIPM or CIPT designation
  • Pass the PLS Ethics Exam administered by the IAPP, or submit a recent MPRE score of 80+
  • Provide proof of “ongoing and substantial” involvement practicing privacy law (at least 25% of your full-time practice over the last three years)
  • Supply evidence of at least 36 hours of continuing education in privacy law for the 3-year period preceding your application
  • Provide at least 5 peer references from attorneys, clients or judges attesting to your privacy law qualifications

 

Earn the distinction. Stand out from your peers.

If you’re interested in becoming a candidate, email pls@iapp.org to get the process started. We will reply with the forms you’ll need to submit between July 1, 2018 and the end of the first submission period on September 30, 2018. All applications will be reviewed at that time.

If your application is approved, you will receive a digital designation badge from the IAPP to add to your credentials, and the opportunity to be included in a searchable directory of specialists on the IAPP website.

For details on applying to become a Privacy Law Specialist, including a complete review of all requirements and forms, email pls@iapp.org. For questions about how to earn the required IAPP certifications, you can email certification@iapp.org.

 

ATTORNEYS SEEKING TO APPLY PLEASE NOTE

Accreditation by the ABA indicates solely that the IAPP’s Privacy Law Specialist designation has met the ABA’s standards.

Not all states allow attorneys to claim specialization even if certified by an ABA accredited body like the IAPP. You should check the Rules of Professional Conduct of your state (typically covered in Rule 7) to see what your state’s requirements are regarding advertising specialization.

 

  • expand_more Requirements for outside counsel and in-house lawyers with transactional practice:

    Preparation and review of privacy notices, policies and programs:

    • Minimum 5% of full-time practice

    Contract negotiation and compliance:

    • Minimum 5% of full-time practice

    Privacy advice in compliance with state and federal laws:

    • Minimum 5% of full-time practice

    Elements of the 25% minimum may also include:

    • Conducting privacy impact assessments and advising about them
    • Risk assessment regarding use and potential misuse of personally identifiable information, and corresponding legal advice
    • Counseling on cross-border data transfers, and other compliance with international privacy laws pertaining to data transfer
    • Counseling on cybersecurity issues, breach preparedness and breach remediation
    • Legislative or regulatory public policy engagement
    • Advice about cyber insurance and negotiating cyber insurance policies
  • expand_more Requirements for attorneys engaged in data breach response, adversarial proceedings and/or litigation:

    Minimum of 20% of applicant’s full-time practice must include:

    Internal breach investigation and evaluation:

    • Minimum 10% of full time practice

    Litigation of data protection and data breach matters in state, federal, international and administrative tribunals:

    • Minimum 5% of full-time practice

    Regulatory investigations and defense:

    • Minimum 5% of full-time practice

    Elements of the 25% minimum time requirement in privacy law practice may also include:

    • Privacy tort litigation
    • Advice about cyber insurance and negotiating cyber insurance policies