CIPPE 2023 Update: Here’s What Changed
Things are changing fast in European privacy! We don’t typically see annual updates by the IAPP to exam content, but the CIPP/E Body of Knowledge 2023 Version 1.3.1 has now superseded the 2022 version 1.3. Compared to the recent CIPT update (which was mammoth), the changes are relatively minor.
However, the IAPP has added several new EU Guidelines to the Body of Knowledge (BoK) which will increase the reading requirements. So, you may wish to add a few hours to your study plan.
What’s Changed in the 2023 CIPP/E Body of Knowledge Update?
2023 CIPP/E Updates to Domain I
The significant changes in the legislative framework within Europe mean that the Domain I changes may make this section of the certification even more challenging (and test-takers already found this domain tricky before the updates).
Anyone taking the exam will need to understand the regulatory landscape enough to know the content of the laws and how each law impacts others within the EU.
Additionally, Brexit led to serious regulatory changes in England, and these are now going to be reflected in the IAPP’s CIPP/E scope for testing.
Additional Resources for the CIPP/E Domain I
European Parliament’s Convention 108 + Resource
Interplay between GDPR and PSD2
The Artificial Intelligence Act Briefing
2023 CIPP/E Updates to Domain II
There are three categories of changes made within this domain:
- Special categories of personal data are now specifically outlined in the BoK.
- Schrems I and II are also included in the BoK. These court decisions relate to the previous (now invalidated) transfer mechanisms used to allow the flow of data between the EU and the US.
- Multiple new guidelines have been added to the CIPP/E exam. For the most part, these guidelines resolve previous ambiguities and provide more detail about the operational impact of these laws.
Additional Resources for the CIPP/E Domain II
Guidelines 01/22 on data subjects rights – Right of access
Guidelines 01/2021 on Examples regarding Personal Data Breach Notification
Guidelines 09/2022 on personal data breach notification under GDPR
Guidelines 8/2022 on identifying a controller or processor’s lead supervisory authority
The Schrems II Decision
The EDPB opinion on the Transatlantic Data Privacy Framework
2023 CIPP/E Updates to Domain III
The updates to this section are relatively minor. The change requires testtakers to delve more deeply into the EU’s concept of dark patterns on social media.
Additional Resources for the CIPP/E Domain III
The EU’s 2022 Guidelines on Dark patterns in social media interfaces
Our coverage of the dark patterns regulation
CIPP/E Certification Training with Privacy 108
Our three-day CIPP/E certification training course has already been updated to reflect the changes to the 2023 body of knowledge. We encourage professionals planning to certify and those looking to deepen their European privacy knowledge to attend our course.
Our training includes:
- Course content delivered by Dr Jodie Siganto CISSP, CISM, CIPM, CIPPE, CIPT, one of Australia’s leading privacy experts and experience trainer;
- Additional resources, exclusive to Privacy 108 students;
- Access to our bank of over 200 CIPP/E practice exam questions.
Learn more about our CIPP/E certification training, or reach out with any questions:
Jodie Siganto
Privacy, security and training. Jodie is one of Australia’s leading privacy and security experts and the Founder of Privacy 108 Consulting.