Insights from the IAPP Salary and Jobs Report 2025–26
- Katarzyna Celińska
- 3 days ago
The latest IAPP Salary & Jobs Report offers a unique snapshot of how privacy, AI governance, and security roles are evolving globally.
Compensation Trends
Global average total compensation: ~$200,000 (base + bonus).
Chief Privacy Officers: $376,000 (average), with higher packages in North America.
Privacy managers/specialists: $156,000 median.
AI governance professionals earn ~15% more when AI responsibilities are included in their job scope.
Cross-functional professionals (privacy + AI governance + security) have the highest premiums.
Who’s Leading AI Governance?
Nearly 50% of professionals with AI responsibilities sit in legal/compliance functions.
Only ~20% report AI governance being led by technology or risk functions.
This skew highlights a risk: too much legal ownership → not enough business/technical oversight.

Role Composition & Growth
77% of respondents say privacy is their primary function.
34% also handle AI governance — a massive increase from 2023.
Demand is surging in healthcare, finance, and tech, where regulatory scrutiny is highest.
Regional Insights
North America: highest salaries, with CPOs exceeding $400K on average.
Europe: strong demand for AI governance, especially post-EU AI Act, but compensation lags (CPOs ~$260K).
APAC: fastest growth in headcount and new AI-focused roles.
The salary data is interesting, but what really concerns me is the distribution of responsibilities. Almost half of AI governance sits with legal/compliance. Compliance is vital, but it cannot be the main driver.
Privacy and AI governance must be business-oriented, process-driven, and technology-aware. Most sensitive data flows through IT systems, and AI itself is technology. Lawyers should provide crucial legal support, but leading roles must combine risk management, cyber, and business context.
Too often, compliance-driven governance turns into a paper exercise: policies, documents, and attestations give a false sense of security, while the real cyber and AI risks remain unchecked.
From my perspective, the future must be multidisciplinary:
☑️ Legal → support with frameworks and laws.
☑️ Business & risk → align with strategy and processes.
☑️ Technology & cyber → ensure security, privacy, and resilience are built into systems.
Author: Sebastian Burgemejster