How We LEAD:
The Senior Vice President, Privacy & Data Protection is a senior executive leader responsible for establishing and overseeing Universal Music Group’s global privacy, data protection, and data governance strategy. This role provides enterprise-level leadership to ensure that privacy and data protection are embedded into UMG’s business strategy, digital transformation, and global operations in a manner that supports artists, creators, partners, and fans worldwide.
As a public company executive, the SVP serves as a key advisor to the Chief Compliance Officer, General Counsel, executive leadership team with responsibility for identifying, managing, and communicating material privacy and data protection risks. The role ensures compliance with applicable global privacy laws and regulatory expectations while enabling innovation, commercial growth, and responsible use of data across UMG’s labels, platforms, and services.
The SVP leads a global, risk-based privacy program grounded in best practices, regulatory accountability, and strong governance, balancing global consistency with the realities of UMG’s decentralized, multi-territory operating model.
How You’ll CREATE:
- Set and execute UMG’s global privacy and data protection vision, aligning privacy governance with corporate strategy, digital initiatives, and evolving regulatory and market expectations.
- Own enterprise-wide privacy risk management, including identification, assessment, mitigation, and escalation of material risks to senior management.
- Serve as the executive point of accountability for privacy compliance across UMG’s global operations, including GDPR, U.S. federal and state laws, and other international data protection regimes.
- Oversee governance of privacy incidents and data breaches, ensuring timely escalation, regulatory notifications, remediation, and post-incident reporting consistent with public-company obligations.
- Direct global privacy audits, monitoring, and assurance activities, ensuring consistent execution across territories, labels, and business units.
- Provide executive oversight of third-party data and privacy risk, including strategic partners, vendors, platforms, and technology providers.
- Track and assess global regulatory developments and enforcement trends, advising executive leadership on business impact, risk exposure, and strategic response.
- Partner closely with technology, product, digital, security, and commercial leadership to embed privacy-by-design and responsible data use into UMG’s products, platforms, and artist-facing services.
- Guide and oversee negotiation of complex data protection and data usage provisions in high-impact commercial agreements, including DPAs, licensing arrangements, and strategic partnerships.
- Build, lead, and mentor a global privacy organization, fostering collaboration across legal, compliance, security, and business teams in a fast-moving, creative environment.
- Champion continuous improvement of policies, controls, and processes, ensuring scalable governance that supports UMG’s global footprint while respecting local regulatory and cultural requirements.
Bring Your VIBE:
- 15+ years of progressive experience in privacy, data protection, regulatory law, or related fields at a top-tier law firm, multinational organization, or equivalent; CIPP certification strongly preferred.
- Deep expertise in GDPR and U.S. federal and state privacy laws, with demonstrated experience operating across multiple international jurisdictions.
- Proven experience leading global privacy programs in complex, matrixed, and decentralized organizations.
- Strong executive presence and credibility, with experience advising C-suite leaders on regulatory risk, governance, and compliance matters.
- Strategic, business-oriented judgment, with the ability to balance legal risk, innovation, and commercial imperatives in a creative, artist-centered business.
- Exceptional leadership and collaboration skills, with a track record of influencing senior stakeholders across diverse business units.
- Outstanding communication, analytical, and drafting skills, including the ability to translate complex regulatory issues into clear, actionable guidance for senior leadership.