Founded in 2000, the International Association of Privacy Professionals (IAPP) bills itself as “the largest and most comprehensive global information privacy community and resource.” It is more than just a certification body. It is a full-fledged not-for-profit membership association with a focus on information privacy concerns and topics. Its membership includes both individuals and organizations, in the tens of thousands for the former and the hundreds for the latter (including many Fortune 500 outfits).
Its mandate is to help privacy practitioners develop and advance in their careers, and help organizations manage and protect their data. To that end, the IAPP seeks to create a forum where privacy pros can track news and trends, share best practices and processes, and better articulate privacy management issues and concerns.
By 2012, the organization included 10,000 members. By the end of 2015, membership had more than doubled to 23,000 members. According to a Forbes story published that same year, approximately half of the IAPP’s membership is women (which makes it pretty special, based on our understanding of the gender composition for most IT associations and certification programs). Current membership must be between 30,000 and 40,000 as growth rates from 2012 to 2015 have continued, if not accelerated in the face of the EU’s General Data Protection Regulation (GDPR), which went into full effect on May 25, 2018. The IAPP also claims to have certified “thousands of professionals around the world.”
The IAPP has developed a globally recognized certification program around information privacy. Its current certification offerings include the following credentials:
All these certifications comply with the ANSI/ISO/IEC 17024 standard, which means they have been developed to meet stringent requirements for analyzing the subject matter and the fields of work to which they apply, along with formal psychometric analysis of test items to make sure that exams truly differentiate those who possess the required skills and knowledge to do the related jobs from those who do not.
All the IAPP exams follow the same cost structure, though charges vary by location. In the U.S., each first-time exam costs $550, with a $375 charge for any subsequent retake of the same exam. Those who already hold any IAPP certification pay just $375 for each additional certification exam they take. IAPP certification holders can either pay an annual maintenance fee of $125 to keep their certifications current (and meet continuing education requirements of 20 CPE credits every two years) or they must join the IAPP.
If a person joins, they’ll pay an annual membership fee. Currently, that’s $250 for professional members, $50 for student members, and $100 for all other membership categories (government, higher education, retired and not-for-profit). Those who elect to pay the certification maintenance fee need pay only once a year, no matter how many IAPP certifications they earn.
IAPP exams are available at Kryterion testing centers, which may be identified with its test center locator. Exams consist of 90 question items. Candidates may take up to 150 minutes (2.5 hours) to complete any IAPP exam. Payment is handled through the IAPP website, but Kryterion handles date and time windows for exams at its test centers.
This credential is the most likely place for a person working in IT to start their IAPP efforts. The CIPT validates skills and knowledge about the components and technical controls involved in establishing, ensuring and maintaining data privacy. To be more specific, the body of knowledge (BoK) for the CIPT stresses important privacy concepts and practices that impact IT, and makes sure that practitioners understand consumer privacy expectations and responsibilities.
It also addresses how to bake privacy into early stages of IT products or services to control costs and ensure data accuracy and integrity without impacting time to market. CIPTs understand how to establish privacy policies for data collection and transfer, and how to manage privacy on the internet of things. They also know how to factor privacy into data classification, and how it impacts emerging technologies such as biometrics, surveillance and cloud computing. Finally, CIPTs understand how to communicate on privacy issues with other parts of their organizations, including management, development staff, marketing and legal.
IAPP describes this certification as just right for “the go-to person for privacy laws, regulations and frameworks” in an organization. This audience may include more senior privacy or security professionals with IT backgrounds, but it may also involve people from management, legal or governance organizations whose responsibilities include data privacy and protection concerns. This goes double for those involved with legal and compliance requirements, information management, data governance, and even human resources (as privacy is a personal matter at its core, involving personal information).
Because managing privacy and protecting private information is often highly regulated and subject to legal systems and frameworks, the IAPP offers versions of the CIPP certification where such content and coverage has been “localized” for prevailing rules, regulations, laws and best practices.
There are five such versions available: Asia (CIPP/A), Canada (CIPP/C), Europe (CIPP/E), U.S. Government (CIPP/G) and U.S. Private Sector (CIPP/US). As of this writing, the CIPP/E perforce offers the most direct and focused coverage of GDPR topics. That said, given that GDPR applies to companies and online presences globally, such material will no doubt soon make its way into other CIPP versions in the next 6-12 months. The U.S.-focused exams are already scheduled for a refresh in August 2018, as per the IAPP website’s certification pages.
For example, the CIPP/US page includes the following materials:
Each of the other regional versions of the CIPP has a similarly large, detailed and helpful collection of resources available to interested readers and would-be certified professionals.
The CIPM is a more senior credential in the IAPP collection. It seeks to identify persons who can manage an information privacy program. Thus, the focus is on privacy law and regulations and how those things must guide the formulation of workable and defensible privacy policies, practices and procedures for organizational use. The CIPM BoK covers the following topics:
In general, CIPMs play a lead role in defining and maintaining data privacy policies for their organizations. They will usually be responsible for operating the privacy apparatus necessary to demonstrate compliance with all applicable privacy rules, regulations and laws for the organization as well.
The IAPP also offers two other elements in its certification programs. One is the Privacy Law Specialist, which aims at attorneys or other licensed legal professionals who wish to focus on privacy syllabus in a legal context. The other, called the Fellow of Information Privacy (FIP), aims at those at the top of the privacy profession and is available only to those who’ve completed two or more IAPP credentials, including either a CIPM or a CIPT, and one or more of the CIPP credentials. It requires three professional peer referrals and completion of a detailed application form. We won’t discuss these credentials much more in this article, except to note here that the Privacy Law Specialist garnered a surprising 200 hits in our job board search (see below for other details gleaned thereby).
Finally, the IAPP website recommends the combination of CIPP/E and CIPM as the possible credentialing for those wishing to focus on GDPR, shown in this screenshot from its Certify pop-up menu:
We visit four job posting sites to check on demand for specific credentials: Simply Hired, Indeed, LinkedIn and LinkUp. Here’s what we learned.
|Certification||Search string||Simply Hired||Indeed||LinkUp||Total|
The breakdown for CIPP fell out like this: CIPP/A 27, CIPP/C 287, CIPP/E 351, CIPP/G 154 and CIPP/US 401. As you’d expect, the U.S. categories combine for a majority, with Europe a surprising second ahead of third-place Canada.
Salary information appears in the next table. We collected low, median and high values for each credential, finding surprisingly little difference between the CIPM and the CIPP. Given that a CIPM is likely to hold a management position, this shows that the CIPP holds considerable value in employers’ estimations. It’s also interesting that the median values show the CIPT and the CIPP are close to one another too. This bodes well for IT professionals interested in pursuing the CIPT.
|Privacy Law Attorney||$46,146||$89,026||$171,752|
Typical positions for privacy professionals are very much one-offs. We found a risk management and compliance manager position at a South Carolina government agency charged with defining and implementing security and privacy policies for the department of corrections. That position paid $120,000 per year and involved security and audit compliance, business continuity and disaster recovery planning, and risk and incident management. By itself, the requested CIPM would not be enough to qualify for that job.
The next position was for a healthcare services director position in Albuquerque, New Mexico, which involved auditing, risk management, and contract and vendor negotiation. Its pay range was $140,000 to $190,000 per year, and it required serious management chops, along with IT governance and risk and compliance experience, with calls for knowledge of tools like Archer and Clearwell. The third position was for a senior data privacy associate at a Washington law firm, which sought a person with a CIPP/E, CIPP/US and CIPT, with pay in the $120K-$150K range.
Thus, it appears there are plenty of opportunities – some with high rates of pay – for those willing to climb the IAPP certification ladder. Both the job boards and the individual postings speak directly to strong and urgent need in the field for qualified privacy professionals at all levels.
IAPP courses are available through many channels, including classroom training through the IAPP and its partner network. Online training classes are also available, for lesser charges. The IAPP provides ample references and resources, with authoritative and supplemental texts, websites, legal references and statutes, and more for each of its credentials. There’s also plenty of self-study material for those who prefer that route.
The IAPP also offers practice exams (which it calls sample questions) to help candidates prepare for exams. Surprisingly, there is even something of an aftermarket for IAPP books and materials, as a quick trip to Amazon will attest.
Our annual list of 10 Breakthrough Technologies highlights the technological advances that we think will have the biggest impact on the world in the years to come.
The 35 Innovators Under 35 is our yearly opportunity to take a look at not just where technology is now, but where it’s going and who’s taking it there.
What is AI? It’s the quest to build machines that can reason, learn, and act intelligently, and it has barely begun. We cover the latest advances in machine learning, neural networks, and robots.
Face recognition | Machine learning | Robots | Voice assistants
The Big Story is a home for MIT Technology Review’s most important, ambitious reporting—stories that take a deep look at the technologies that are coming next and what they will mean for us and the world we live in.
Biotechnology is the industry that uses the molecules of life (DNA, RNA, and proteins mostly) to treat and diagnose disease. We report on the latest biomedical science and technological research.
CRISPR | DNA testing | Genetic engineering | Genomic medicine
What is a blockchain? Distributed ledger technology underlies cryptocurrencies like bitcoin and could be the future of money, security, and online privacy. But there’s also a ton of hype.
Bitcoin | Cryptocurrency | Ethereum | ICOs | Smart contracts
Climate change is making the Earth a warmer and weirder place, forcing researchers, companies and governments to understand, confront and adapt to rising dangers.
Battery technology | Carbon sequestration | Clean energy | Electric cars | Geoengineering
Computer technology news and in-depth analysis of computer tech, looking at the latest advances in computing being driven by innovations in everything from microchips to quantum computing.Cloud computing
Cybersecurity | Edge computing | Microchips | Quantum computing | Supercomputing
You can read our most essential coverage of the coronavirus/COVID-19 outbreak for free, and also sign up for our coronavirus newsletter. But please consider subscribing to support our nonprofit journalism.
A look at how technologies from AR/VR, brain-computer interfaces, and chip implants to health trackers, biometrics and social media are changing the most basic aspects of human life—work, friendship, love, aging, sickness, parenting, learning, and building community.
AR | Biohacking | Brain-computer interface | VR
Covid-19 has altered our lives in countless ways. We’re tracking technology that’s responding to the pandemic, with support from The Rockefeller Foundation.
Google, Facebook, Apple, Amazon, and other Silicon Valley Big Tech companies are built on innovation. But how are these corporate behemoths dealing with the ramifications of their power?
Amazon | Apple | Facebook | Google |
Governments around the world are trying to Strengthen urban life by adopting digital technologies and creating Smart Cities filled with sensors. Who are these projects benefiting and how smart are they?
5G | IoT | Self-driving cars
Humanity is pushing further outside of our atmosphere. We take a look at the space tech coming out of places like NASA, SpaceX, and Blue Origin that is powering the space exploration of tomorrow.
Astronomy | NASA news | Space exploration | SpaceX news | The Moon
Who’s responsible when technology causes harm? We look at how the world is dealing with problems like fake news and misinformation, AI bias, Big Tech’s power, genetic discrimination, privacy intrusions, mass surveillance, and more.
AI Ethics | Kids and tech | Privacy | Tech and health
report | Dec 6, 2022
Most think social media has made it easier to manipulate and divide people, but they also say it informs and raises awareness.
short read | Dec 6, 2022
People in advanced and emerging economies have mixed feelings about social media’s impact on political life.
short read | Nov 21, 2022
Social media is an important tool for consumers, with some Americans – particularly younger adults – turning to influencer recommendations.
short read | Nov 18, 2022
With Donald Trump’s 2024 presidential bid now officially underway, here are key facts about Truth Social and its users.
short read | Nov 17, 2022
The U.S. public’s views of banks and other financial institutions, as well as large corporations, have become much more negative recently.
report | Nov 16, 2022
Majorities of teens credit social media with strengthening their friendships and providing support while also noting the emotionally charged side of these platforms.
short read | Nov 2, 2022
One-in-five federal, state and local candidate tweets in 2022 have mentioned race, abortion, education or the economy.
short read | Oct 26, 2022
About six-in-ten parents of K-12 children (61%) say the first year of the pandemic had a negative effect on their children’s education.
short read | Oct 24, 2022
53% of those 50 and older say the widespread use of driverless vehicles would be a bad idea for society, as do 37% of adults ages 18 to 49.
Topic selection is the process for deciding which syllabus NICE will produce technology appraisal guidance on. NICE aims to consider all new significant drugs and indications. Health technologies referred to the NICE technology appraisals programme include:
The Topic selection process has been designed to support the technology appraisal process so that syllabus chosen will add value and support healthcare professionals and others to provide care of the best possible quality, which offers the best value for money.
NICE manages this process on behalf of the Department of Health and Social Care. NICE can only begin to appraise a technology when it has been formally referred by the Secretary of State for Health and Social Care.
The aims of the Topic selection process are to:
Most syllabus are identified by the National Institute for Health Research Innovation Observatory at the University of Newcastle. This centre notifies NICE about key, new and emerging healthcare technologies that might be suitable for NICE technology appraisal. It aims to notify NICE of new drugs in development 20 months before marketing authorisation and new indications 15 months before marketing authorisation. These time frames are required by NICE to enable guidance to be published as close as possible to product launch.
Suggestions for technology appraisal guidance on a new medicinal product (that has not yet received a marketing authorisation) should be made by the relevant company through UKPharmaScan. Healthcare professionals, researchers and patients can also suggest potential technologies for NICE to appraise by contacting the National Institute for Health Research Innovation Observatory.
Topic selection decisions are based on the consideration of each potential Topic against elimination and prioritisation criteria. The elimination criteria filter out syllabus unsuitable for guidance development through the technology appraisal programme. A Topic will not be considered if the technology has not been granted a marketing authorisation (or equivalent) or if there are no plans for it to receive a marketing authorisation (or equivalent) or if it is identical to:
The following Topic areas are also outside the remit of technology appraisal guidance development at NICE:
Topics are not considered unless:
Elimination and filtering is done by the Consultant Clinical Adviser in the Topic selection team and includes seeking expert opinion and engaging with the relevant National Clinical Directors. The filtering recommendations are considered by an internal group at NICE, and shared with the Department of Health and Social Care and NHS England.
The importance of each Topic is considered against prioritisation criteria prioritisation criteria (PDF) that help the Secretary of State for Health and Social Care decide which syllabus should be referred to NICE for guidance development through the technology appraisal programme. This includes consideration of the population size, disease severity, resource impact and the value that NICE could add in carrying out a technology appraisal. The prioritisation criteria are:
Prioritisation is also done by the Consultant Clinical Adviser in the Topic selection team and is informed by the external expert opinion already sought during filtering. The National Institute for Health Research Innovation Observatory at the University of Newcastle develops technology briefings for potential appraisal topics.
Relevant companies have the opportunity to comment on these technology briefings before the prioritisation recommendations are considered by an internal group at NICE, and shared with the Department of Health and NHS England. The group at NICE meets to decide the next steps for each Topic being considered, to ensure the timely production of guidance. The group considers each Topic and decides whether it is potentially suitable for NICE appraisal and as a result, whether the scope should be sent out for consultation.
Summary information on Topic progress is published on the NICE website. The list of potential syllabus is handed over to the technology appraisal scoping team to develop the draft scopes for consultation.
Medicinal products marketed in England that do not meet the criteria for referral into the technology appraisal programme can be considered for the highly specialised technologies programme or for a new medicines evidence summary to help inform local decision-making.
NICE’s approach on biosimilars is:
a. NICE will consider similar biological medicinal products notified to it by the National Institute for Health Research Innovation Observatory for referral to the Technology Appraisal Topic selection process.
b. These products will usually be considered in the context of a Multiple Technology Appraisal in parallel with their reference products in the indication under consideration.
c. In other circumstances, where it is considered a review of the evidence for similar biological medicinal product is necessary, NICE will consider producing an ‘Evidence summary new medicine’.
d. NICE technology appraisals will use the name of the active drug substance, including reference products and brand named similar biological medicinal products in its documentation where appropriate to inform clinical decision making and to reflect the remit received from Ministers.
e. The Department of Health in England has confirmed that a technology appraisal remit referred to NICE enables NICE to decide to apply the same remit, and the resulting guidance, to relevant licensed biosimilar products which subsequently appear on the market.
f. Evidence summaries will use the brand names of the medicines because substitutability and interchangeability cannot be assumed. Evidence summaries do not make recommendations hence the decision regarding the choice of biosimilar or originator biologic for an individual patient rests with the responsible clinician in consultation with the patient.
Companies that want to suggest that NICE develops guidance on a new pharmaceutical product (one that is not yet licensed or used within the NHS) should notify UK PharmaScan. More information is on the Pharmascan website. Alternatively, please contact the National Institute for Health Research Innovation Observatory.
The emergence of artificial intelligence chatbots that can complete students’ assignments will lead to a crisis in learning, forcing educators to rethink schooling entirely, a former teacher said.
"The introduction of new artificial intelligence technologies into schools that enables students to auto-generate essays has the capacity to blow up our entire writing education curriculum," Peter Laffin, founder of Crush the College Essay and writing coach, told Fox News. "It may make us have to rethink it from the ground up, and that might ultimately be a good thing."
Last week, tech company OpenAI unveiled an AI chatbot, ChatGPT, which has stunned users with its advanced functions. The language model can automatically generate school essays for any grade level, answer open-ended analytical questions, draft marketing pitches, write jokes, poems and even computer code.
WATCH MORE FOX NEWS DIGITAL ORIGINALS HERE
The internet is swirling with predictions about how this sophisticated technology could impact several industries and render countless jobs obsolete. But at the forefront of Laffin's concern is the impact it will have on education.
"I do believe that students will be able to use this technology undetected to complete assignments," he told Fox News. "It's going to be increasingly difficult for teachers to be able to tell the difference."
Laffin said younger students in particular are at risk of losing the most to chatbots. So, too, will inner-city schools with lower teacher-to-student ratios, where instructors are less familiar with their students' work, making it harder to detect the use of AI.
"The more easily available this is for younger students, the more problems this will create," Laffin told Fox News.
MIT RESEARCHERS CREATING SELF-REPLICATING ROBOTS WITH BUILT-IN INTELLIGENCE
College students using ChatGPT to complete busywork assignments will be disrupted less because "you are already at a level of sophistication where you understand the content," Laffin explained. But if younger students use AI for an assignment like writing a history paper, "you've not only cheated on a writing exercise, you’ve also cheated yourself out of learning the history."
SELF-DRIVING TRUCK COMPANY LOOKS TO FIX SUPPLY CHAIN ISSUES FOR THE LONG HAUL
The artificial intelligence-powered ChatGPT garnered global interest and exceeded 1 million users in less than a week. It's also the first time a high-level AI text generator with a user-friendly interface has been made available to the public for free.
"The fact that this might cause a crisis in education might ultimately be to our benefit," Laffin said. "Because writing is something that we just don't teach very well."
CLICK HERE TO GET THE FOX NEWS APP
The writing coach recommended teachers evolve their assignments and move away from traditional five-paragraph essays. They should instead create more innovative models of teaching, he said.
"The practices in schools always seem to lag behind a little bit what the latest technology is," Laffin told Fox News. "You can always be sure that kids are going to be one step ahead of the teachers, so there needs to be a lot of vigilance on this."
To watch Laffin's full interview, click here.
Why do talented technologists and successful technology entrepreneurs become political activists?
Elon Musk’s acquisition of Twitter is a case in point. Is Musk looking to “fix” Twitter’s technology? Or is he looking for a platform to influence public policy? The first motive is consistent with a technologist’s calling, but the second is something else altogether.
Obviously anyone can buy anything. Even really expensive things if he or she has the money. That said, tens of billions of dollars were lost the moment the deal closed. Was Musk “forced” to do the deal or – in spite of the ridiculous price – was there another motive?
There’s precedent for such acquisitions: Jeff Bezos acquired the Washington Post and Marc Benioff acquired Time. But this one is different. Bezos and Benioff don't send provocative tweets every day about what they’re doing on Tuesday, but not on Wednesday. They don't troll for a living.
Zachary Karabell describes it well:
“The fear that Musk will somehow turn Twitter into his personal megaphone belies that fact that it already is — and that’s true for many others, too. And the fear that he will turn Twitter into an ungovernable sphere of false information belies the fact that in many ways it currently is just that, along with a magnificent sphere for finding information and like-minded people and groups.”
So why do so many see Musk’s acquisition of Twitter as “different”? Karabell again:
“Why then is Musk buying Twitter seen as such as dangerous anomaly? In part, it’s because Twitter isn’t a publication distributed in the public square (digitally or physically), it is one of the squares. In that way it’s more like a very big network than a single media property.”
You bet it’s different. Not just because “it’s more like a very big network than a single media property,” but because it’s now owned by a social celebrity. For this reason alone it will influence public policy. Not sure? Anything Musk says – now in his own public square – about free speech will be covered over and over again, coverage that will itself influence the context, definition and policy around free speech the same way TV stars, medical hucksters and retired football players influence policy.
The free speech discussion has been going on for decades – centuries, in fact. Has Musk published a definitive essay on free speech? (Tweets don’t count.) Is he a credentialed expert on free speech? Then why is he part of the free speech debate? Much more importantly, why does he want to be part of the free speech debate? Obviously, anyone can opine about free speech – which is the essence of free speech! But credentials are important when tackling existential policy. Would you listen to your young grandkids about how to stop global warming?
Or is credibility for sale?
The Platform Needs Technology Help
There’s lots to do on the platform – lots to keep Elon busy for a long time. The interface needs work. Scalability, accessibility, integration and security – among other “fixes” – are on the list. Real-time should mean “real-time.” Bot-control is essential. Pay-for-tweets is another innovation (for Twitter) that should be explored. The elephant in the room is the technological control of hate speech and the spreading of misinformation. Musk appears to want to “regulate” certain speech through a content moderation council, or some such entity, while servicing his definition of free speech. The clues he provides are, as usual, opaque, but this is all technologically possible. It’s also relatively easy to deliver Twitter users the ability to fine-filter the content they see well beyond the current tools. Machine learning can help here. These are just a few of the technological challenges – in the technologist’s swim lane – facing Twitter.
Grandiose or Naïve?
“The reason why I acquired Twitter is because it is important to the future of civilization to have a common digital square, where a wide variety of beliefs can be debated in a healthy manner, without resorting to violence. There is currently a great danger that social media will splinter into far right wing and far left wing echo chambers that generate more hate and divide our society.”
The future of civilization somehow depends on Twitter? This is news.
But since Musk closed the deal, the amount of racist “free speech” has exploded:
“An emboldened cast of anonymous trolls spewed racist slurs and Nazi memes onto Twitter in the hours after billionaire industrialist Elon Musk took over the social network, raising fears that his pledge of unrestricted free speech could fuel a new wave of online hate.”
In smug language: “how’s that working out for you?”
Problems of Your Own Acquisition
Some problems are unsolvable – especially when you think they’re not. Scott Galloway said it best: “he’s essentially dug a pit for himself filled it with cobras and grenades and jumped in.”
When you’re a world-class swimmer, swim lanes are your friends. But when you leave the pool, you can drown.
UAB is an Equal Opportunity/Affirmative Action Employer committed to fostering a diverse, equitable and family-friendly environment in which all faculty and staff can excel and achieve work/life balance irrespective of race, national origin, age, genetic or family medical history, gender, faith, gender identity and expression as well as sexual orientation. UAB also encourages applications from individuals with disabilities and veterans.