Imagine having a job where you command any resource you require, you report to the highest level of the business and you can not get fired for doing what your job requires. The salary will not be bad either. While the recruitment sector has been focused on the hunt for data scientists, many of whom will enjoy the first, second and fourth of those privileges, it is the data protection officer (DPO) which is set to become the most desirable - and sexiest - job of this decade.
As mandated by the General Data Protection Regulation (GDPR), any private sector organisation which carries out “regular and systematic monitoring of data subjects on a large scale” as part of its core activities will need to employ a DPO. This can be a standalone role or carried out in parallel with other tasks; it can be a role shared across a group of businesses; and it can be either a staff position or a service contract. But it still comes with the same obligations for employers - support and resources, independence, job protection.
GDPR mandates the employment of these officers which will super-charge recruitment and training. As companies start to work out their compliance strategies, demand in the marketplace will grow and those firms will find themselves searching for skilled practitioners in a limited pool. One estimate is that 28,000 DPOs will be required to fill all the posts likely to be created between now and 2017.
Of course, this new post will not be staffed entirely from scratch - existing practitioners will be migrating into it from their current roles, whether they are active in legal and compliance or even data management and data governance. All GDPR requires is that a DPO “shall be designated on the basis of professional qualities and, in particular, expert knowledge of data protection law and practices and the ability to fulfil the tasks…”
At first glance, that looks like lawyers will be the main candidates. But they are not the only profession which could benefit from the surge in recruitment. Just as professionals in other disciplines can study for a LLM or similar to convert into lawyers, so a new raft of training programmes is being put together which will provide the necessary certification to get taken on as a DPO.
Henley Business Centre and Act Now Training, for example, are already in market with courses to quality students to be recognised as DPO-ready. It seems likely that many companies will send candidates for such training where they will be acting as an officer alongside other tasks. Getting paid to take on a position which should deliver a significant salary enhancement will be appealing to many in the data industry.
Median salaries for jobs that cite knowledge of the existing Data Protection Act are currently around £47,500, according to ITjobswatch.co.uk. That seems likely to rise as the complexity and responsibiity of this role emerges from those compliance strategies.
It might not be quite the stratospheric income which data scientists are being offered. On the other hand, there is little chance of being sacked since everything the DPO recommends will need to be implemented, whereas data scientists face resistance, scepticism and even disillusionment. Right now, data scientists are as likely to be leaving commercial firms as joining them as they discover that their skills may be in demand, but what they have to say is not. Constantly being told no is not very sexy, after all.