IADPP believes in building a platform that can bring together a large part of professionals who are working directly or indirectly in the domain of “Data Protection”.
For the purpose of defining the role of a Data Protection professional, we need to define the scope of Data Protection Activity.
I propose that we may adopt the following definition for a “Data Protection Professional”
Data Protection Professionals are
engaged in the activity of
“Creation”, “Enhancement” and “Preservation”
of value of information in any form.
A “Profession” is defined as
“any type of work that needs special training or a particular skill, often one that is respected because it involves a high level of education”
A “Profession” also means as distinguished from an “amateur”, a person who uses his skill for earning a living.
In individual form we have the “Professional” and collectively professionals create a “Professional Organization”.
In the second part of the definition we have added “Creation, Enhancement and Preservation” of value of information.
This recognizes that today data protection is not an after thought in the IT industry. When we value “Security by design”, we are implying that those who create data systems which include the persons whom we today call as “Software Developers” or “Quality Professionals” are also part of the eco-system.
“Value preservation of information” implies that the professionals whom we call as “Information Security Professionals” who are the core professionals who are identified today as responsible for information security in organizations or “Privacy Professionals” who are focussed on the protection of Information Privacy and Cyber Crime Prevention professionals who may be Cyber Forensic or Law enforcement persons, and even Advocates who specialize in Cyber Law or Privacy laws are part of this eco-system.
On the Business side there are Cyber Insurance professionals who put money where their faith lies in information security and hence have to be part of the Data Protection Eco system.
It is true that only some of these professionals are actually designated as “Data Protection Officers” or such other designations that show a direct responsibility but others are also involved in Data Protection in some manner and it would be good to have an organization that does not exclude them.
Similarly there are “Academicians” who may not be professionals working in IT companies but nevertheless contribute substantially to the growth of the Data Protection Industry by their research and contribution towards regulation and development of security tools.
Last but not the least are the Commercial organizations who are the “Data Processors”, “Data Controllers”, “Data Mining or Data Analytics companies” etc who are stake holders in the regulation and implementation of Data Protection. They also have a reason to be part of the Data Protection Eco System.
Though there would be some conflicts between different categories of Data Security Stake holders, a sustainable eco system can be developed only by including such different types of stake holders in a common platform and trying to develop a self regulated , ethics based platform where each is aware of the conflict and try to work within the limitations imposed by the presence of such conflicting interests.
IADPP therefore keeps its doors open for a wide section of professionals and hopefully it provides the foundation for long term growth.