The International Association of Privacy Professionals (IAPP) has only been around for 13 years. Compare that, for example, to the American Bar Association, which was founded in 1878, or the Institute for Electrical and Electronics Engineers (IEEE), which traces its roots back to 1884. But for a profession still in its infancy, there already seem to be some established “generations.”
I view the emerging generation as the fourth generation. The opportunities available for them as privacy professionals are unprecedented: undergraduate and graduate coursework, privacy-centric graduate degrees, fellowships, and internships with established privacy departments. But they face the same question that the generations before them faced: is privacy a viable career?
The first generation, the founders of privacy as a profession, are predominantly attorneys who pioneered a new field. They found creative ways to define privacy and established the position of Chief Privacy Officer, a high-level point person essential to preserve the integrity of data and prevent it from being inappropriately or inadvertently shared. The immense amount of respect for these luminaries is easily identifiable among their fellow privacy professionals, but their career paths are varied and unique. There is no discernible pattern that a student could emulate.
A second generation “came of age” as federal and state legislators established a new set of data protection laws. Privacy Officer positions increased throughout the public and private sectors and this second generation was ready, willing, and able to take on the challenges of privacy in the mobile and digital age. This generation drew the outline for a career path in privacy and is eager to mentor those in their wake, always generous with their time and advice.
The third generation of privacy professionals, of which I consider myself a member, were the first to seek out privacy as a career. Our options have flourished. In addition to privacy counsel and privacy officers, we now have privacy analysts and engineers, but the path is still not well-trodden. We struggle to craft our resumes wisely and map a long-term privacy career. When members of the fourth generation ask us for advice, we want desperately to help, but are often at a loss since we still rely so heavily on the second generation for advice and networking and obsess over making the right career move for ourselves.
So how do we help the fourth generation define themselves and, by extension, a traditional privacy career path? The IAPP can facilitate mentoring opportunities by bringing all the generations together as often as possible. As a community, we need to define what privacy professional career paths look like, from undergraduate through retirement. Most importantly, we need to ensure that no generation rests on their laurels. In building privacy as a viable career, we must invite the fourth, fifth, and sixth generations to stand on our shoulders and continue to build on our foundation.