PLS: Privacy Law Specialist
Looking to stand out in the competitive privacy law profession? Take a leap forward with the Privacy Law Specialist designation from the IAPP. The IAPP is accredited by the American Bar Association to certify lawyers in the specialty area of privacy law — the 15th specialty accredited by the ABA. U.S. attorneys who meet the certification requirements may be permitted to advertise this specialty in their state.
To earn a PLS designation, candidates must apply and meet the following requirements:
- Be an attorney admitted in good standing in at least one U.S. state.
- Earn or hold a CIPP/US designation from the IAPP, plus either a CIPM or CIPT designation.
- Pass the PLS Ethics exam administered by the IAPP or submit a recent MPRE score of at least 80.
- Provide proof of “ongoing and substantial” involvement practicing privacy law, which equates to 25% of your full-time practice over the last three years.
- Supply evidence of at least 36 hours of continuing education in privacy law for the three-year period preceding your application.
- Provide at least five peer references from attorneys, clients or judges attesting to your privacy law qualifications.
- Pay the $100 application fee upon submission.
Meet all the requirements? Start today.
If you meet the requirements for the PLS designation, contact our team to be guided through the application process.
Need the credentials to apply?
To apply for the PLS designation, you must earn or hold a CIPP/US designation, plus either a CIPM or CIPT designation.
CIPP/US designation
CIPM designation
CIPT designation
Additional requirements & information
Preparation and review of privacy notices, policies and programs:
- Minimum 5% of full-time practice.
Contract negotiation and compliance:
- Minimum 5% of full-time practice.
Privacy advice in compliance with state and federal laws:
- Minimum 5% of full-time practice.
Elements of the 25% minimum may also include:
- Conducting privacy impact assessments and advising about them.
- Risk assessment regarding use and potential misuse of personally identifiable information, and corresponding legal advice.
- Counseling on cross-border data transfers, and other compliance with international privacy laws pertaining to data transfer.
- Counseling on cybersecurity issues, breach preparedness and breach remediation.
- Legislative or regulatory public policy engagement.
- Advice about cyber insurance and negotiating cyber insurance policies.
Minimum of 20% of applicant’s full-time practice must include:
Internal breach investigation and evaluation:
- Minimum 10% of full-time practice.
Litigation of data protection and data breach matters in state, federal, international and administrative tribunals:
- Minimum 5% of full-time practice.
Regulatory investigations and defense:
- Minimum 5% of full-time practice.
Elements of the 25% minimum time requirement in privacy law practice may also include:
- Privacy tort litigation.
- Advice about cyber insurance and negotiating cyber insurance policies.
Privacy Law Specialists must apply for recertification at the end of their five-year term in order to maintain the certification.
Candidates for recertification must:
- Complete and submit the recertification application where they must:
- Demonstrate that they are still attorneys in good standing with their state bar.
- Provide proof, through a personal statement, of “ongoing and substantial” involvement practicing privacy law (at least 25% of their full-time practice over the last five years).
- Supply evidence of at least 60 hours of continuing education in privacy law for the 5-year period preceding their application for recertification.
Hold a CIPP/US designation, plus either a CIPM or CIPT designation in good standing.
No recertification fee will be required.
The PLS Review Board will review the candidate’s recertification application to determine whether the candidate merits recertification. Should you choose not to reapply to become a Privacy Law Specialist, the designation will be automatically removed from your IAPP account upon the five-year term expiration date.
Individuals who are certified in non-ABA states may have different recertification requirements. Please reach out to pls@iapp.org for additional information.
Have questions about PLS certification?
Learn the basics behind the Privacy Law Specialist designation. Start your certification journey here.