Data Protection Legal Adviser

Legal

Overview

Provide legal and compliance advice on data protection issues for ICRC.

You have:

• Bachelor’s degree in law and master’s degree in law, international law or human rights law.
• Knowledge of data protection laws, confirmed by Data Protection Officer certification.
• Admission to practice law is an asset.
• Fluent command of English and French.
• Typically 10-12 years’ overall professional experience.
• Minimum 5 years’ experience as a legal adviser/attorney.
• Minimum 2 years’ experience advising on data protection/privacy matters.
• Operational experience in the humanitarian sector as programme coordinator/manager and/or within a recognized international organization.

Contract

This is a ICRC - Max term contract. More about ICRC - Max term contracts.

Reports to (role)

h1{font-family:Arial;font-size:12pt;text-transform:uppercase;}p{font-family:Arial;font-size:12pt;margin-top:1.5em;}ul{font-family:Arial;font-size:12pt;}ol{font-family:Arial;font-size:12pt;} Head of Data Protection Office

What we do

The International Committee of the Red Cross (ICRC) works worldwide to provide humanitarian assistance to people affected by conflict and armed violence. We take action in response to emergencies and at the same time promote respect for international humanitarian law. We are an independent and neutral organization, and our mandate stems essentially from the Geneva Conventions of 1949. We work closely with National Red Cross and Red Crescent Societies and with their International Federation in order to ensure a concerted, rational and rapid humanitarian response to the needs of the victims of armed conflict or any other situation of internal violence. We direct and coordinate the international activities conducted in these situations.

Purpose of the position

The Data Protection Legal Adviser provides specific legal, regulatory and compliance advice on data protection issues to divisions and delegations across the ICRC. S/he ensures that they effectively implement the ICRC Compliance Framework on Personal Data Protection, including the ICRC Rules on Personal Data Protection, and handles a wide range of data protection questions concerning broad strategy, specific programmes and applicable legal frameworks, as well as individual subject access requests.

Main duties and responsibilities 1/2

• Provides accurate, timely and practical legal, regulatory and compliance advice to ICRC divisions and delegations, and to other components of the International Red Cross and Red Crescent Movement as required, on various legal aspects of data protection and a wide range of related issues, including on all questions concerning the application of the ICRC Rules on Personal Data Protection in ICRC programmes, on compliance with domestic, regional and international legal data protection frameworks, such as the Council of Europe Convention (No. 108) for the Protection of Individuals with Regard to Automatic Processing of Personal Data and the European Union General Data Protection Regulation, and, more generally, on the processing of personal data;
• Plans, coordinates and implements the effective application of the ICRC Rules on Personal Data Protection. This involves, in particular, working closely with divisions and delegations in the areas of operations and administration to align their guidelines and policies, in accordance with the divisions’ specific action plans;
• Monitors implementation of the requirements related to data protection by design and by default and data security;
• Advises on all questions regarding the application of the ICRC Rules on Personal Data Protection arising from ICRC programmes, and, more generally, the processing of personal data. This includes creating/updating privacy information notices for data subjects, terms of use for processing tools and processing/transfer agreements with third parties, as well as drafting/advising on data protection law aspects of contracts, memoranda of understanding, headquarters agreements, and giving guidance on the implications of domestic legislation on interaction with partners, etc.

Main duties and responsibilities 2/2

• Advises on and ensures that data protection impact assessments are carried out correctly by the ICRC staff in charge;
• Delivers training, knowledge management activities and presentations for ICRC staff and other components of the Movement on data protection, in particular on data transfers and the application of relevant legal frameworks, as required;
• Maintains comprehensive knowledge of recent legal and policy developments in the field of data protection, and ensures that the ICRC is aware of their implications;
• Assists the Head of Data Protection Office in managing the data protection aspects of data breaches;
• Assists the Head of Data Protection Office in handling data protection complaints by data subjects;
• If necessary, provides guidance to National Red Cross and Red Crescent Societies on data protection law matters, including on domestic legislation, Movement codes of conduct and new technologies.

People management responsibilities

No people management responsibilities.

Relationships

Internally, interacts with the relevant Departments at HQ, with the Project Managers, and regularly with IT, JUR_CHF and OCLA. Externally, interacts with Service providers and with ICRC partners; as well as with data protection experts and legal advisers in other organizations.

Certifications/Education required

• Bachelor’s degree in law and master’s degree in law, international law or human rights law;
• Knowledge of data protection laws, confirmed by Data Protection Officer certification;
• Admission to practice law an asset;
• Fluent command of English and French;
• Computer proficiency.

Professional Experience required

• Typically 10-12 years’ overall professional experience;
• Minimum 5 years’ experience as a legal adviser/attorney;
• Minimum 2 years’ experience advising on data protection/privacy matters;
• Operational experience in the humanitarian sector as programme coordinator/manager and/or within a recognized international organization.

Additional information

• Location: Geneva
• Type of contract: Maximum term contract (with a strong possibility of extension)
• Length of assignment: 10 months
• Grade: C1
• Activity rate: 100%
• Estimated start date: ASAP
• Application deadline: Sunday, the 27th of March 2022

The ICRC values diversity and is committed to creating an inclusive working environment. We welcome applications from all qualified candidates.

Apply now

Potential interview questions

Added 4 years ago - Updated 1 year ago - Source: careers.icrc.org