TOOLS AND TRACKERSMEMBER

Data Protection Officer Requirements by Country

This chart catalogues global DPO requirements and provides links to the relevant laws, along with an overview of the covered entities under each law.

Published
Last updated

Contributors:

Müge Fazlioglu

CIPP/E, CIPP/US

Principal Researcher, Privacy Law and Policy

IAPP

Patrick Miskovsky

Maine Law School

Many privacy and data protection laws around the world require organizations to designate a data protection officer or similar role, such as privacy officer, to translate legal obligations into reality and to be accountable for compliance.

This chart catalogues global requirements and provides links to the relevant laws, along with an overview of the covered entities under each law. It details how the DPO position should be structured and positioned within the organization, the DPO’s responsibilities and necessary qualifications, and whether organizations are required to notify the country’s data protection authority of the DPO’s appointment and/or publish the DPO’s contact information.

If you are aware of additional information that should be included here, please email the IAPP’s Research Center at research@iapp.org.

Contributors:

Müge Fazlioglu

CIPP/E, CIPP/US

Principal Researcher, Privacy Law and Policy

IAPP

Patrick Miskovsky

Maine Law School

MEMBER

Unlock this exclusive content and more

Join the IAPPAlready a member? Sign in

Membership opens up a world of resources

In-depth knowledge

From original research reports and daily news coverage to legislative trackers and infographics, we have the information you need to stay ahead of change.

A global network

Make valuable professional connections through more than 160 local IAPP KnowledgeNet chapters in 70 countries.

Access to the experts

Connect with top thinkers in privacy, AI governance and cybersecurity for fresh ideas and insights.

Learn what you get from membership