Caro Robson


As Director of Regulatory Strategy, Caro supports the Information Commissioner by developing the JOIC’s regulatory strategy across all areas to ensure that its short and long-term outcomes are reached. She is responsible for identifying and responding to a broad range of strategic issues impacting the regulation of data protection and privacy within the remit of the Jersey Data Protection Authority (JDPA), and for developing the JOIC’s freedom of information strategy.

Main focus of Caro’s role and her area of expertise

Caro takes a proactive approach to understanding the changing context and environment for data protection; she scans the horizon for emerging issues, risk assesses the implications for the JOIC’s strategic priorities, leads on developing our strategic response, and works with the Executive to implement that strategy. Caro also focuses on fostering greater awareness of data protection and freedom of information in Jersey, and on expanding the influence of the JOIC throughout the international community.

Day to day responsibilities

Caro is responsible for setting the JOIC’s strategic priorities, building upon our existing strategic framework and plan, and for working with the Operations Director to translate these priorities into clear deliverables and with other members of the Senior Leadership Team to ensure they are implemented. Caro is an integral part of the JOIC Executive and Senior Leadership Team, with direct line responsibility for the policy and research function and providing senior-level support and leadership to the wider team. She assists the Operations Director to maximise resource efficiency and deliver value for money, continually reviewing activities’ contribution to the JOIC’s strategic outcomes and deciding when change is necessary to re-align activity to meet deliverables.

Caro also oversees the development and delivery of policy methodology, and provides policy liaison and guidance on behalf of the JOIC for new legislation and large scale projects, including data stewardship. As part of the Executive team, she works to foster greater awareness of data protection and freedom of information in Jersey, as well as building the JOIC’s brand and reputation internationally. She frequently represents the JOIC in international forums.

Career experience

Caro is an international privacy and data governance leader with 14 years’ experience working with governments, international organisations and multi-national businesses on data and technology regulation. Prior to her current role, Caro led the data protection and digital practice at Milieu Consulting in Brussels, where she acted as project manager and expert advisor to organisations including the European institutions and agencies. Caro has led organisational reform programs in data protection for major multinational companies in the fintech, aviation and hospitality sectors, and has acted as expert advisor to several governments on data protection, technology and privacy legislation, including in the Middle East, Africa and UK.


Caro holds an Executive MBA with distinction from Oxford, an LLM with distinction in Computer & Communications Law from Queen Mary, University of London, and is a Fellow of Information Privacy with the International Association of Privacy Professionals.

Speaking engagements

Caro regularly speaks at local and international data protection events, including PrivSec Global, OneTrust Privacy Connect, the Global Cybercrime Initiative, Privacy Laws and Business, and as part of ITU initiatives. She has contributed to legal textbooks, publications, and research on privacy and data governance, including for the ITU and IEEE.