Members of the Data Protection Commission (DPC)

  • Location:
  • Salary:
    negotiable / YEAR
  • Job type:
  • Posted:
    3 weeks ago
  • Category:
    Research and Data
  • Deadline:


Company Description

At CERN, the European Organization for Nuclear Research, physicists and engineers are probing the fundamental structure of the universe. Using the world’s largest and most complex scientific instruments, they study the basic constituents of matter – fundamental particles that are made to collide together at close to the speed of light. The process gives physicists clues about how particles interact, and provides insights into the fundamental laws of nature. Find out more on

Job Description

CERN is seeking to appoint three external data protection experts for its Data Protection Commission. The Data Protection Commission is CERN’s independent data protection supervisory authority within CERN’s internal data protection framework, Operational Circular No. 11, “The Processing of Personal Data at CERN” (OC 11), and is described in detail in Annex I and II.

The DPC is responsible for monitoring compliance with, and to ensure the application of, OC 11 and for evaluating and investigating complaints lodged by Data Subjects, in accordance with the complaint and redress mechanism foreseen by Annex II of OC 11.

The DPC consists of three Members appointed by the Director-General who are not nor have been CERN members of the personnel or contractors and have demonstrated and recognised data protection expertise and experience. They are nominated for a period of three years and their mandate can be extended for up to three more years. In the exercise of their functions, the DPC members shall act in independence and impartiality; neither seek nor accept instructions from anyone and keep confidentiality regarding matters arising from their functions.


The members shall, in the exercise of the DPC supervisory functions:

  • monitor compliance with and ensure the application of OC 11, in particular the rights of Data Subjects and the obligations of CERN on matters concerning the processing of Personal Data.
    The DPC shall determine how best to carry out its compliance functions. Essential input will be: evaluation reports of misprocessing cases established by CERN’s Office of Data Privacy (ODP), Annual report of the ODP, CERN’s Data Breach Register. If required, the DPC will submit recommendations to the Director General of CERN to bring processing into compliance.
  • evaluate and, if necessary, investigate complaints lodged by Data Subjects, following the specific procedure set out in Annex II of O C11. DPC members are expected to handle all complaints in a reliable manner, without undue delay. The DPC will issue a written report and a recommendation to the Director General of CERN for final endorsement.

The functions shall be carried out remotely.

Further details are available in the FAQ document.


Eligibility criteria

  • You have demonstrated and recognised data protection expertise and experience.
  • You have a diploma of completed studies (preferably at master degree) or equivalent relevant experience, in one of the following fields: data protection and privacy, law, information and communication technology (ICT) or information technology (IT), international relations.
  • You must have the qualifications required for appointment to judicial office or be data protection professional with proven expertise; the most relevant certification would be the International Association of Privacy Professionals (IAPP) Certified Information Privacy Professional (CIPP), or equivalent.
  • You are not nor have been CERN member of the personnel or contractors.

Essential skills and Experience

  • At least five years of deep and extensive experience in data protection acquired at national or international level, in particular:
    • practical experience in implementing and ensuring compliance with data protection rules (preferably EU data protection framework)
    • a background in working on data protection issues; experience as a member of a data protection supervisory authority or in an Inter-Governmental Organisation (IGO) would be preferable.
  • Demonstrated experience of at least five years in one of the following fields: Law (EU), Practice Law, Information Technology (IT) or Information and Communication Technology (ICT)
  • Experience working in an international environment and in dealing with EU actors and bodies or IGOs is preferred.
  • Ability to act with the required independence.
  • Ability to work with autonomy, flexibility and manage multiple tasks.
  • Ability to deliver high quality work on time and fulfil expectations. Have a structured and organised approach towards work; are able to set priorities and plan tasks with results in mind; Find the information needed to solve problems; make objective judgments based on all the facts available.
  • Ability to communicate effectively: Delivering presentations in a structured and clear way; adjusting style and content to the audience; responding calmly and confidently to questions. Successfully changing other people’s opinions by persuasive arguments.
  • Excellent knowledge of spoken and written English and/or French: ability to understand and speak at least one of the languages in professional contexts as well as the ability to draft texts for publications and/or official communications and to make oral presentations in at least one of languages. Proficiency in both languages would be an advantage.

Additional Information

Independency, impartiality and autonomy are the three features that CERN seeks to value with regard to the DPC and its Members. Furthermore, as part of CERN’s general mission, diversity is an established value of CERN. In the light of the above, we welcome applications from all Member States and Associate Member States as well as application from all over the world.

CERN would very much like to benefit from your expertise, commitment and passion.

In return, CERN will provide you with:

  • An appointment for 36 months that can be extended for up to three more years.
  • A financial compensation in form of flat rates per case for the work performed.

This is how you can apply:

You will need the following documents (in PDF format) to complete your application:

  • A CV.
  • Proof of your relevant qualification, e.g. certifications, diploma.
  • At least one recent letter of recommendation (not older than a year at the time of the deadline for applications), giving an overview of your academic and/or professional achievements.

All applications should normally reach us no later than 28th of November, 2023.

It is intended to hold interviews for the selection process beginning of December 2023.

This job has expired.