This is a unique and exciting opportunity to join the Data Protection Commission’s (the “DPC”) team.
The Senior Regulatory Lawyer will have a key role in what is one of Europe’s most prominent and active data protection regulators, with opportunities to contribute to the DPC’s extensive work at national level, as well as the high-profile and unique role it holds in the supervision of large international organisations based in Ireland.
This senior role involves advising on or litigating/conducting regulatory investigatory or enforcement activities, including the scoping, conduct and completion of such investigatory activities and, critically, the drafting of investigatory outcome reports. As a result, the Senior Regulatory Lawyer will be involved in a diverse array of substantive data protection issues as well as novel legal and regulatory matters.
The DPC welcomes applications from candidates at various stages of their career and with all ranges of experience who meet the minimum requirements.
Working at the DPC
The DPC puts its employees first. As a body that has been recognised by the Irish government and the European Commission as one of key strategic importance, our aim is to attract and retain staff of the highest calibre in today’s competitive labour market. The DPC maintains a forward-looking and innovative workplace that respects the principles of equality and diversity and is committed both to the ongoing development of the people who work there, its own internal values and significant legal obligations to preserve and constantly improve this environment.
As well as a rewarding and challenging career, some of the benefits the DPC offers its Senior Regulatory Lawyers are:
* Competitive salary starting at €79,086, with annual increments subject to satisfactory performance bringing the salary to €92,579 after five years, with access to two further long service increments thereafter
* Public Sector pension
* 30 days of annual leave per year
* Access to a range of work-life balance and family-friendly workplace initiatives and policies
* A blended working model
* Learning and development opportunities, including access to a refund of course fees scheme, paid study leave and paid examination leave for relevant courses of study
* High quality modern business premises purpose-designed and fitted out with the business needs of the DPC and its staff at its core
* Cycle to work scheme
* Tax saver public transport pass
* Regular opportunities for promotion through internal and confined civil service inter-departmental competitions
* Pending completion of required service, opportunities for career breaks
The DPC currently has several vacancies for the role of Senior Regulatory Lawyer and while prior experience of data protection law is desirable, it is not essential. The DPC welcomes applications from high-calibre candidates who have demonstrable experience relevant to the role. It is intended to create a panel of Senior Regulatory Lawyers from this competition. This panel will expire 18 months after date of formation unless exhausted sooner.
Successful candidates may be based in the DPC’s offices in Dublin City Centre or in Portarlington Co. Laois, depending on business needs.
Background
The Data Protection Act 2018, which became law on 25 May 2018, established the Data Protection Commission (DPC). The DPC is the national independent supervisory authority, responsible for monitoring the application of the EU General Data Protection Regulation (GDPR) and upholding the EU fundamental right of the individual to have their personal data protected.
The DPC has played a pioneering role in enforcing the GDPR across Europe as the lead supervisory authority for a large number of technology and internet platform companies with EU headquarters in Ireland.
The core functions of the DPC, under GDPR and the Data Protection Act 2018, which gives further effect to the GDPR in Ireland, include:
* driving improved compliance with data protection legislation by data controllers and processors,
* handling complaints from individuals in relation to the potential infringement of their data protection rights,
* conducting inquiries and investigations regarding potential infringements of data protection legislation,
* promoting awareness amongst organisations and the public of the risks, rules, safeguards and rights in relation to processing of personal data, and
* co-operating with other data protection authorities in other EU Member States on issues such as complaints and alleged infringements involving cross border processing under the GDPR’s cooperation and consistency framework.
The Role
The post of Senior Regulatory Lawyer is a civil service senior managerial grade (Assistant Principal Officer) within the DPC, reporting directly to a Deputy Commissioner.
The principal functions of the Senior Regulatory Lawyer will be to advise on or conduct and lead investigatory activities, such as complaint handling activities, statutory inquiries and investigations into complaints and alleged infringements of data protection law. The Senior Regulatory Lawyer will bring their relevant professional experience to bear in all aspects of advisory or investigatory activities which they are responsible for, including the scoping, conduct and completion of investigatory activities and, critically, the drafting of relevant advices and/or investigatory outcome reports.
The following are also indicative (but not exhaustive) of the responsibilities and duties which the Senior Regulatory Lawyer will be expected to perform:
* Carrying out, leading or coordinating complaint-handling, statutory inquiries and investigations including ensuring that investigatory activities are:
o appropriately scoped and individual case plans are in place; are conducted expeditiously with full regard to the procedural rights of all parties involved in the process; and
o that the subject matter of the investigation is conducted comprehensively with regard to all relevant issues, utilising appropriate fact-finding and information-gathering powers;
* Undertaking expert legal analysis, including risk assessment where appropriate, in relation to the investigatory activities undertaken/ led by the Senior Regulatory Lawyer, with regard to the application of both fair procedures and natural and constitutional justice, and data protection principles;
* Authoring or leading teams in authoring investigatory outcome and other reports, ensuring that all such reports:
o are of the highest written standards, with regard to structure, expression and content;
o comprehensively reflect the principal issues which are the subject matter of the relevant investigatory activity;
o accurately describe the conduct of the investigatory activities and the findings of fact; and
o demonstrate robust, sustainable legal analysis and reasonable and rational conclusions in relation to the central question as to whether there are/ have been infringements of the relevant data protection laws;
* Managing a team of staff to include investigators, technical experts and administrative staff and overseeing all activities carried out by team members, as well as managing case-loads to ensure appropriate prioritisation of systemic/high risk issues, and driving on multiple simultaneous complaint-handling and investigatory activities across different cases;
* Providing legal advice, support and expert analysis across the operational and functional areas of the DPC in relation to the application of data protection principles in particular contexts and in relation to the conduct of legal actions initiated by (or against) the DPC, to include enforcement actions, court applications, prosecutions and statutory appeals;
* Conducting and overseeing the conduct of comprehensive legal research and identifying changes and legal trends that may impact on the DPC’s role or that may require adjustments to the operations and strategies pursued by the DPC, and contributing to the development of appropriate response strategies;
* Working collaboratively with other EU data protection authorities ensuring that the DPC adheres to its legal obligations in relation to EU legal requirements applicable to the co-operation and consistency mechanisms under Chapter VII GDPR, where investigatory activities are concerned with cross-border processing;
Minimum Requirements
* On or before 2 April 2025, be admitted and enrolled as a Solicitor or Barrister in the State; or
* Anticipate that they will be entitled to be enrolled as a Solicitor or Barrister in the State, by 2 April 2025, at the latest.
In addition to the above, candidates must also demonstrate the key competencies for effective performance at this level:
* Experience of regulatory investigations and/or equivalent enforcement activity.
* Experience of litigating in a regulatory law context;
* Experience of advising on privacy and data protection matters in private or public sector arenas;
* Good understanding of technology and its impact on data protection and privacy;
* Good knowledge and understanding of the EU and national policy agendas in the area of data protection;
* Experience of public speaking in a professional capacity.
How to Apply
Please take care when completing your application, ensuring you include all relevant details. Your application will form part of the assessment process where shortlisting is applied and also where candidates are called for interview. The Application Form allows applicants to detail their qualifications, skills and experience and how they meet the essential requirements and personal attributes of the post.
The closing date for receipt of applications is strictly 12pm (noon) on Tuesday 8 April 2025. All applications will be acknowledged. Late applications will not be considered.
#J-18808-Ljbffr