Shopify is the world’s fastest growing commerce platform, with no plans to slow down, powering over 1 million stores in more than 175 different countries. Our mission within the Legal Team is to work behind the scenes to help Shopify make commerce better for everyone. We must be able to apply our knowledge and experience in order to protect Shopify’s interests in a way that allows our business to stay agile and competitive.
About the team
Shopify’s Privacy & Intellectual Property Team is a small but growing part of our broader Legal Team, tasked with working closely with senior management and Shopify’s brilliant R&D teams to address and mitigate legal risks relating to Shopify’s products and data. In particular, we are responsible for managing Shopify’s privacy and data protection program, building Shopify’s IP portfolio, and managing disputes, regulatory inquiries, and litigation relating to either privacy or intellectual property.
Are you an experienced in-house privacy counsel ready for a new challenge? Do you have experience dealing with data protection authorities, consumer protection regulators, law enforcement, competition authorities, and other types of regulators? Are you comfortable providing pragmatic guidance on privacy and data protection requirements to PMs and devs moving a million miles a minute? Shopify is looking for a senior privacy lawyer with extensive privacy and regulatory experience to help us build our privacy program. This is not a “compliance” role - we want privacy lawyers who think big picture, who can help our R&D teams appreciate risks 5-10 years down the road, and who can provide pragmatic advice beyond the letter of the law. We also are looking for someone who has extensive experience working with regulators, and can help us strategically respond to and engage with relevant regulators and law enforcement around the world.
Your primary responsibilities will be to oversee our regulatory interactions relating to data, privacy, law enforcement, and competition. You will help us decide when and how to proactively engage with regulators, and when we receive an inquiry you will help us respond thoughtfully and strategically. You will also help with more generic aspects of Shopify’s privacy program, including product counseling, managing potential security incidents, helping our commercial team with data and privacy intensive negotiations, assisting with data protection impact assessments, etc. This role will be located in either our Ottawa or Toronto offices.
Projects you could work on:
- Responding to inquiries from regulators, law enforcement, and other government authorities
- Devising a strategic and thoughtful approach to proactively engaging with relevant regulatory bodies, and building key relationships with regulators and civil society groups as appropriate
- Helping with all aspects of our privacy program, in particular with product counseling and incident response
- A J.D. or LL.B.
- A license to practice law in any common law province in Canada
- Experience working with different types of regulators around the world. In particular, experience working with privacy and data protection authorities, and ideally, with law enforcement
- The ability to prioritize and handle multiple projects/initiatives simultaneously and complete them in a timely manner, with minimal supervision. You need to be a self-starter who thrives without regular oversight as your lead will be remote, and you should be comfortable with that
- An exceptional ability to communicate verbally and in writing with a wide variety of audiences about extremely complex technologies and legal requirements, using plain language
- The ability to build and maintain strong relationships with a variety of people and teams, both internal and external. You will need to be able to gain the trust of a wide range of folks at Shopify, to speak to each team “in their language,” and to make them feel comfortable enough to reach out when things go wrong. You will also need to build trusted relationships with key external stakeholders.
- The ability to talk about highly technical products and services with both technical experts and regulators with no technical background
- A desire to work on an agile, pragmatic team. This is not “compliance” work. This is a risk management role, and you will need to be comfortable providing pragmatic responses to a team that is moving quickly and does not have the time for a law school lecture
- A CIPP certification (CIPP/C, CIPP/US, and/or CIPP/E)
- Litigation experience
- Experience with tech policy work, particularly relating to privacy and data protection. Examples include participating in regulator-led workshops, working with legislators on proposed legislation, or meeting with or submitting comments to regulatory bodies to discuss proposed rules
- An appreciation for Halloween, Karaoke and Trivia night. (The Legal Team takes our Halloween costume contest very seriously).
If this role sounds like it’s right up your alley, please consider applying! Please include a cover letter and address it to Vivek Narayanadas, and write about a privacy issue in the news that has caught your attention recently and what it might mean for Shopify.
Please note that this posting will close on February 20th at 4pm EST
Experience comes in many forms, many skills are transferable, and passion goes a long way. If your experience is this close to what we’re looking for, consider applying. We know that diversity of thought makes for the best problem-solving and creative thinking, which is why we're dedicated to adding new perspectives to the team and encourage everyone to apply on the clear legal job board in toronto.