Seeking guidance on career trajectory: JD → AI Governance/Privacy Law (IAPP certifications)
Hi everyone, I'm looking for some mentorship and advice as I navigate breaking into AI governance and privacy law.
Background:
- 31 years old, JD (graduated May 2025)
- Currently working full-time as an AI legal tech professional
- Contract work on the side: AI legal training evaluation for Mercer
- Bar exam scheduled for February 2026 (failed by 2 points on first attempt; New York State)
- Beyond these roles, I have no direct experience in privacy or AI governance
Relevant Experience:
- Member of a Google Developer Group focused on AI governance trends
- Previous contract role besides my general tasks, was in evaluating AI's impact on privacy and client/investor confidentiality
Multiple attorneys have advised me to pursue IAPP certifications in this order: CIPP first, then AIGP. I'm considering starting studies this month and aiming for a CIPP exam in September, which would give me time before bar prep in February.
My goal is to work in-house for a firm (or in-house counsel generally) ensuring AI compliance with applicable laws and regulations while protecting client confidentiality. I understand this space is emerging, and policy/governance work seems like the best entry point to a "true" AI governance legal role.
I have tech-savvy siblings in software engineering at startups and established companies, which has given me insight into where law and tech intersect. I see real market potential here but lack clear direction and connections.
- Does the CIPP → AIGP pathway make sense for my goal?
- Should I pursue these certifications before or after passing the bar?
- Any advice for someone pivoting into this space without direct experience?
I appreciate mentorship and realistic guidance about timing and next steps.