International Association of Privacy Professionals


The International Association of Privacy Professionals is a nonprofit, non-advocacy membership association founded in 2000. It provides a forum for privacy professionals to share best practices, track trends, advance privacy management issues, standardize the designations for privacy professionals, provide education and guidance on career opportunities in the field of information privacy. The IAPP offers a full suite of educational and professional development services, including privacy training, certification programs, publications and annual conferences. It is headquartered in Portsmouth, New Hampshire.

History

Founded in 2000, IAPP was originally constituted as the Privacy Officers Association. In 2002, it became the International Association of Privacy Officers when the POA merged with a competing group, the Association of Corporate Privacy Officers. The group was renamed to the International Association of Privacy Professionals in 2003 to reflect a broadened mission that includes the ranks of corporate personnel, beyond the position of Chief Privacy Officer, engaged in privacy-related tasks.
Membership reached 10,000 in 2012 and in 2019, the organization reported it had surpassed the 50,000 member mark. The rapid growth was the result of increased demand for privacy expertise in the face of emerging laws such as the EU's General Data Protection Regulation.. Half of the association's members are women.

Professional certifications

The IAPP is responsible for developing and launching a global credentialing programs in information privacy. The CIPM, CIPP/E, CIPP/US and CIPT credentials are accredited by the American National Standards Institute under the International Organization for Standardization standard for Personnel Certification Bodies 17024:2012. These certifications have been described as "the gold standard" for validating privacy expertise.
;Certified Information Privacy Professional
The CIPP currently offers four areas of concentration, each focused on a specific region: United States, Canada, Europe, Asia. For several years, a specialization in US Government privacy matters was offered but the program was terminated on September 30, 2018 and is presently inactive.
;Certified Information Privacy Manager
The CIPM demonstrates understanding of the operational aspects of privacy program management.
;Certified Information Privacy Technologist
The CIPT demonstrates understanding of how to manage and build privacy requirements into technology.
;Privacy Law Specialist
In 2018, the IAPP initiated the PLS program, which is one of only 15 areas of legal specialization accredited by the American Bar Association. The PLS is intended only for lawyers practicing in the US. By 2019, approximately 75 attorneys had achieved the certification.
;Fellow of Information Privacy
The FIP designation is reserved for individuals who have attained the CIPP and either CIPM or CIPT designations, can demonstrate at least three years of work experience in which at least 50% of the job responsibilities are managing data privacy issues. The designation also requires three references who are industry peers and familiar with the applicant's work.

Research

The IAPP produces original research through the IAPP Westin Research Center. Two privacy scholars are selected each year for a fellowship to work on privacy research projects under the guidance of the IAPP’s vice president of research and education. Topics are selected with a view of supporting the growth and development of the privacy profession and furthering understanding of the major privacy issues.
Research projects include:
The IAPP holds seven annual conferences:
IAPP Global Privacy Summit, held in Washington, DC, is the world’s largest international privacy conference.
IAPP Privacy. Security. Risk. , is held in the Fall in a variety of locations and offers the best of privacy and security, with innovative cross-education and networking.
IAPP Canada Privacy Symposium is usually held in Toronto in May, gathering regulators and thought leaders for intensive learning and discussion of Canadian Privacy challenges.
IAPP Europe Data Protection Congress is usually held in Brussels in late Fall, covers topics related to policy and regulation in Europe.
IAPP Data Protection Intensives are held multiple times throughout the year in cities such as London, Paris, or Berlin. These events cover operational privacy issues of specific interest to European data protection professionals.
IAPP Asia Privacy Forum is held in Singapore each Spring, covering topics of specific interest to the Singaporean and greater Asia-Pacific privacy community.
IAPP ANZ Summit held in Sydney in October, covering topics particular to the Australia and New Zealand privacy community.

Publications

The Privacy Advisor, the IAPP’s publication, provides news, reporting on legal developments and analysis of rules and privacy practices.
The Privacy Perspectives blog includes opinion and insight from around the globe.
The Privacy Tracker blog follows legislative developments and provides guidance and analysis of how legislation impacts privacy practitioners.
The Privacy Tech blog covers privacy-enhancing technology and the technical implementation of privacy.
These publications are filtered through the Daily Dashboard, a daily clipping service, and regional digests covering Canada, Europe and the Asia-Pacific region.