They may not have the cachet of entrepreneurs, or geek chic of developers, but data protection officers are suddenly the hottest properties in technology.
When Jen Brown got her first certification for information privacy in 2006, few companies were looking for people qualified to manage the legal and ethical issues related to handling customer data.
But now it's 2018, companies across the globe are scrambling to comply with a European law that represents the biggest shake-up of personal data privacy rules since the birth of the internet – and Brown's inbox is being besieged by recruiters.
"I got into security before anyone cared about it, and I had a hard time finding a job," said the 46-year-old, who is the data protection officer (DPO) of analytics at a start-up Sumo Logic near San Francisco. "Suddenly, people are sitting up and taking notice."
Brown is among a hitherto rare breed of workers who are becoming sought-after commodities in the global tech industry ahead of the European Union's General Data Protection Regulation (GDPR), which goes into effect in May.
The law is intended to give European citizens more control over their online information and applies to all firms that do business with Europeans. It requires that all companies whose core activities include substantial monitoring or processing of personal data hire a DPO.
And finding DPOs is not easy.
More than 28,000 will be needed in Europe and the United States. and as many as 75,000 around the globe as a result of GDPR, the International Association of Privacy Professionals (IAPP) estimates. The organisation said it did not previously track DPO figures because, prior to GDPR, Germany and the Philippines were the only countries it was aware of with mandatory DPO laws.
The need for DPOs is expected to be particularly high in any data-rich industries, such as tech, digital marketing, finance, healthcare and retail. Uber, Twitter and Airbnb are advertising for a DPO, online job advertisements show. Microsoft and Facebook are also currently working to fill the position.
Those companies who have DPOs, meanwhile, are braced for poaching.
Many of those firms reside in Germany, which has long required that most companies that process data designate DPOs. They include Simplaex, a Berlin ad-targeting startup. "Everyone is looking for a DPO," said Simplaex CEO Jeffry van Ede. "I need to have some cash ready for when someone tries to take mine so I can keep him." — Reuters
Did you find this article insightful?