Privacy and Data Security Law: Kind of a Big Deal


By Alex Pearce

One of the hottest areas in the law is privacy and data security.  Both the NCBA and our colleagues at the North Carolina State Bar have noticed.

In this inaugural blog post of the NCBA’s Privacy and Data Security Committee, we discuss two developments of which all North Carolina lawyers interested in this important field should take note: (1) the State Bar’s new Privacy and Information Security Law specialty certification, and (2) plans for our Committee to become a full-fledged NCBA Section.

North Carolina’s New Privacy and Information Security Law Specialty

In 2018 the State Bar introduced a brand new board-certified specialty in privacy and information security law. This specialty is designed to identify North Carolina lawyers who are proficient in the field and to give clients a verifiable means to identify lawyers who are qualified to represent them.

To become a board-certified specialist in privacy and information security law, you must meet various certification standards, which include:

  • being admitted in good standing to practice law in North Carolina;
  • showing substantial involvement in privacy and data security law for the law five years, including an average of at least 400 hours a year dedicated to this practice;
  • obtaining at least 36 hours of CLE in Privacy and Information Security law and related fields during the last 3 years;
  • identifying 10 lawyers or judges to serve as references for your competence and qualifications in the field;
  • passing the International Association of Privacy Professionals’ CIPP/US exam; and
  • passing the NC State Bar’s specialty exam.

If you are interested in becoming certified, you can apply to the State Bar’s Board of Legal Specialization using the application form available here.  2018 applications are being accepted now through July 6.

If you don’t yet meet the requirements for certification, consider completing a Declaration of Intent form to stay informed of future application deadlines and other resources.  The form can be found here.

If you are applying in 2018 and don’t want to wait until the fall to take the exam, consider volunteering to validate the exam prior to its first administration.  The State Bar needs a few practitioners willing to take the exam in late July/early August before the official exam is administered and provide feedback to the exam committee. The process will take about 4 hours: 3 hours to complete the exam and one hour to provide feedback. Lunch will be included and lawyers who receive a passing score on the exam, and meet the other criteria for certification, will be eligible to be certified without further examination. If interested, please contact Denise Mullen at the State Bar.

The NCBA’s Privacy and Data Security Committee

To support the development of the State Bar’s specialty certification and the growing interest in the field, in 2017 the NCBA formed a new Privacy and Data Security Committee.

Under Elizabeth Spainhour’s leadership, during the 2017-2018 bar year the Committee brought together NCBA members from a variety of practice backgrounds to discuss issues of privacy and cybersecurity law that are impacting the public and the legal profession, including the new specialty certification.

The Committee and the NCBA have set a goal to grow the Committee into a full-fledged NCBA Section starting in July 2019.  We anticipate that benefits of membership in the new Section will include:

  • Opportunities to meet and network with other privacy and data security practitioners;
  • Opportunities to join interest-based subcommittees focusing on important privacy and data security issues, including those that arise in the international, in-house, law firm, public service, and law enforcement contexts;
  • Opportunities to attend CLEs and informal knowledge-sharing and social events;
  • Committee and subcommittee leadership opportunities;
  • Opportunities to publish and present on privacy and data security issues; and
  • Access to a Section listserv, a forum for members to connect and exchange questions and comments on developments in the field.

Looking Ahead

More information on membership in the new Section will be available in the fall.

Meanwhile, we plan to publish regular updates on the field of privacy and data security here on our blog.  If you’re a Committee member and you’re interested in contributing, please reach out to Erin Illman or Nicky Wilkinson, our new blog editors.  We welcome and encourage your participation.