Privacy Law Specialist
What is a Privacy Law Specialist (PLS)?
The Privacy Law Specialist (PLS) certifies US-based attorneys in privacy law.
Okay, but what is it and why does it exist?
The American Bar Association (ABA), a voluntary professional association for attorneys and law students, offers specializations in different areas of law—one of these specializations is in privacy law. The ABA partners with the International Association of Privacy Professionals (IAPP) to certify individuals via the PLS.
The PLS ensures applicants have privacy expertise that meets ABA's requirements.
To get the PLS, you must be an attorney. You must also hold the CIPP/US and either the CIPM or CIPT, actively practice privacy law, complete continuing privacy education, and submit 5 peer referrals. Check out the full list of application requirements below.
Before you decide to pursue the PLS, I recommend checking whether you can advertise your PLS—not all attorneys can, depending on where you practice.
Finally, review how to maintain your PLS. You must explicitly re-apply every 5 years, complete more continuing privacy education, and re-demonstrate that you are actively practicing privacy law.
Can You Advertise Your PLS?
Before you apply for the PLS, make sure you can advertise your specialization.
Each US state regulates whether, how, and when lawyers can advertise specializations like the PLS. States specify these requirements in their Rules of Professional Conduct for lawyers, but the IAPP provides an interactive tool to help you navigate this as well.
Some states prohibit the advertising of any specialization. However, about half of the US states recognize specialization programs in one form or another. Some states only recognize specializations offered by the ABA, like the PLS, while others require state-level certification.
Clear as mud, right?
If you still have questions, reach out to your state representatives.
Requirements to Get the PLS
The requirements to get the PLS are extensive.
The most prominent requirement for the PLS is that you must be a US-based attorney. If you're a software engineer or a project manager, the PLS is not for you (unless you are also an attorney).
Similar to the IAPP's Fellow of Information Privacy, the PLS requires that you have 2 IAPP certifications. However, for the PLS, you must have the CIPP/US and either the CIPM or CIPT.
In the last 3 years, at least 25% of your full-time practice must involve privacy law. To satisfy this requirement, you may prepare privacy notices, negotiate contracts, conduct privacy impact assessments, litigate data breaches, or conduct regulatory investigations.
The applicable activities depend on your role, e.g., outside counsel vs. in-house attorney, or for attorneys engaged in data breach response or litigation. Check out the PLS website for a list of specific activities.
The full PLS requirements are:
- Be an attorney in good standing in at least 1 US state
- Maintain the CIPP/US and either the CIPM or CIPT
- Pass the PLS Ethics Exam from the IAPP, or submit an MPRE score of 80+
- Demonstrate that at least 25% of your full-time practice in the last 3 years involves practicing privacy law
- Complete 36 hours of privacy law education in the last 3 years
- Provide 5 peer references from clients, attorneys, or judges that can attest to your qualifications
How to Submit Your PLS Application
If you meet the requirements, email pls@iapp.org to start your application!
The IAPP reviews PLS applications in batches and someone may not immediately review your application. For example, the next submission period ends on March 31, 2023. Check when the current submission window ends on the PLS website!
When you submit your application, you must pay a one-time $100 application fee.
Once approved, your PLS is valid for 5 years—congratulations! Before adding the PLS to LinkedIn or including your specialization in client communications, check whether you can advertise your specialization.
Finally, make sure you know how to maintain your PLS so you don't lose it!
How to Maintain Your PLS
Unlike other IAPP certifications, you must explicitly renew the PLS every 5 years.
At the end of your certification period, you must complete a recertification application and send it to pls@iapp.org—there are no additional fees required.
The requirements should look familiar:
- Be an attorney in good standing in at least 1 US state
- Maintain the CIPP/US and either the CIPM or CIPT
- Demonstrate that at least 25% of your full-time practice in the last 3 years involves practicing privacy law
- Complete 60 hours of privacy law education in the last 3 years
While there are no direct fees to maintain your PLS certification, you need to maintain your IAPP certifications in good standing. Check out our guide to maintain your IAPP certifications!
That's it!
Wrapping Up
I sincerely hope this post was accessible, useful, and practical for you. If you have any feedback on this post, please let me know. Cheers.