Speaker Biographies 2017


Data Protection Authorities and Policy Makers

Kristin Benedikt, Head of Department Telemedia, Data Protection Authority for the Private Sector, Bavaria, Germany

As the Head of the Department of Internet, Telemedia, Geo Data and Apps at the Bavarian Data Protection Authority, Ms. Kristin Benedikt is responsible for the supervision of the processing of personal data by private companies in Bavaria. She also conducts investigations on gadgets and voice-assisted data processing tools such as SmartTVs, Wearables or Smart Home Services. Ms. Benedikt represents the Bavarian Data Protection Authority in groups of coordinating the implementation of the EU´s General Data Protection Regulation and the revised German national law.

Kristin Benedikt studied at the University of Bayreuth with focus on law relating to economic and fiscal offences. During her legal training at the Super Court of Justice in Nuremberg she worked, inter alia, at the Public Prosecutor´s Office as well as corporate law firms. She gained professional international experience at an internationally networked law firm in Milano, Italy. Alongside her legal education, she became a business mediator.


Giovanni Buttarelli, European Data Protection Supervisor

Mr. Giovanni Buttarelli (1957) has been appointment European Data Protection Supervisor since 4 December 2014 by a joint decision of the European Parliament and the Council for a term of five years.

Before joining the EDPS, he worked as Secretary General to the Italian Data Protection Authority, a position he occupied between 1997 and 2009. A member of the Italian judiciary with the rank of Cassation judge, he has attended to many initiatives and committees on data protection and related issues at international level. 

The experience on data protection includes the participation in many bodies at European Union level (including Art. 31 Committee of Directive n. 95/46/EC and Taiex programs), and at the Council of Europe (in particular, also as a consultant, T‐PD; CJ‐PD, DH‐S‐Ac, Venice Commission), as well as the contribution to many hearings, meetings and workshops held also by Parliaments and to specialized book journals and papers.

He currently teaches on privacy at the Luiss University, Rome.


Catherine Ching, Legal Counsel, Privacy Commissioner for Personal Data, Hong Kong


Catherine Ching joined the Office of the Privacy Commissioner for Personal Data Hong Kong (PCPD) as a legal counsel in 2010.  She provides legal support to the PCPD in respect of compliance investigations and projects implementation. She also handles administrative appeals against PCPD’s decisions and reviews applications under the legal assistance scheme administered by PCPD.

Ms Ching is one of the key members of the editorial team for the latest publication of PCPD, entitled Personal Data (Privacy) Law in Hong Kong – A Practical Guide on Compliance, as well as a Chinese book on data privacy protection, to be published by the end of July 2017.

Ms Ching obtained her Bachelor of Laws Degree (LLB) from the University of Hong Kong.  Prior to joining the PCPD, she worked as an in-house legal counsel in a telecommunications company. 


Elizabeth Denham, Information Commissioner, ICO, UK 


Elizabeth Denham was appointed UK Information Commissioner in July 2016, having previously held the position of Information and Privacy Commissioner for British Columbia, Canada and Assistant Privacy Commissioner of Canada.

In her first ten months as Commissioner, she spoke about the regulator’s role in ensuring companies are transparent with the public about how personal information is used, with high-profile investigations into Yahoo, Camelot, WhatsApp and Facebook.

The Commissioner  demonstrated a focus on the essential role data protection can play in innovation, and the importance of organisations understanding the growing impetus on companies to be accountable for what they do with personal data.

Ms Denham oversaw the issuing of the ICO’s largest fine, a penalty of £400,000 to TalkTalk after the telecoms company failed to properly protect customer data from a cyber attack. She’s also overseen the conclusion of the ICO’s investigation into charities’ fundraising activities and a series of fines for companies behind nuisance marketing.

Ms Denham is a strong voice for public access rights. A proponent of open government and open data, Ms Denham has called for the proactive disclosure of records and published best practices for government ministries and public bodies. While at the ICO, she has called for the Freedom of Information Act to be extended to private bodies doing work on behalf of the public, and proposed a review of legislation around the duty to document information.

In 2017, Ms Denham was the winner of the Grace-Pépin Access to Information Award.The award recognised Elizabeth's commitment to improving peoples right to access information during her time as the Privacy Commissioner of Canada. She also came third in the DataIQ Talent awards. The DataIQ list highlights practitioners who use data to drive innovation.

In 2013, she received the Queen Elizabeth II Diamond Jubilee Medal for her service as an Officer of the Legislature of British Columbia, Canada.

In 2011, Ms Denham was honoured as a UBC distinguished alumni for her pioneering work in archives and leadership in the field of access and privacy.


Helen Dixon, Data Protection Commissioner, Ireland

Helen Dixon was appointed as Data Protection Commissioner for Ireland in September 2014. Responsible for upholding the rights of individuals regarding how data about them is used, the role, among other things, requires regulation of a large number of US internet multinationals with European bases in Ireland. Previously Irish Registrar of Companies, Helen has also held senior roles in the Department of Jobs, Enterprise and Innovation working on economic migration policy, science, technology and innovation policy. She spent the first ten years of her career in the IT industry. She holds postgraduate qualifications in European Economic and Public Affairs, Governance, Computer Science, Official Statistics for Policy Evaluation, and Judicial Skills and Decision Making.  She was delighted to have been awarded an honorary fellowship of the Institute of Chartered Secretaries and Administrators (ICSA) in 2014.


Isabelle Falque-Pierrotin, President, EU Art. 29 DP Working Party and President, the CNIL, France

Isabelle Falque-Pierrotin held various posts with the French State Council (Conseil d’Etat), from 1986 to 2001(auditeur and maître des requêtes) and had responsabilities in the print and broadcast media from 1988 to 1991. Deputy Chair of the French Ministry of Culture and French-Speaking World Matters from 1993 to 1995, then she became State Counselor (Conseiller d’Etat) in November 2001 and has been a member of the French Data Protection Authority (CNIL) since January 2004.

Appointed as Deputy Chair of this authority from February 2009 to September 2011, she became its Chair as of September 21, 2011. She was reelected by the members of the CNIL on 4 February 2014 and was elected Chair of the Article 29 Working Party on 27 February 2014 and then re-elected in February 2016 for a two-year term.


Bruno Gencarelli, Head, International Data Transfers and Data Protection Unit, European Commission

Mr. Bruno Gencarelli is the Head of the Data protection Unit within the European Commission (DG Justice and Consumers). The unit is responsible for all aspects of  Commission's policies and activities in the area of data protection: negotiation, adoption and implementation of the reform of EU data protection legislation, addressing data protection issues at international level (including through the negotiation of international agreements and the adoption of adequacy decisions), monitoring the application by Member States of EU data protection legislation, ensuring the secretariat of the "Article 29 Working Party", etc.  He is one of the lead negotiators of the EU-US "Umbrella Agreement" and of the Privacy Shield. He previously served as a Member of the Commission's Legal Service and as an assistant (référendaire) to a judge at the European Court of Justice after having practiced law in the private sector. He holds degrees in law and political science. He is an Associate Professor in EU Competition Law at Sciences Po Paris. 



Mar España Martí, Director, AEPD, Spain 

Mar España Martí holds a University Degree in Law from the ICADE (Pontifical University of Comillas), is University Expert in management of not-for-profit entities (Luis Vives Foundation) and holds a Masters on International Protection of Human Rights (University of Alcalá de Henares – Madrid). She was General Secretary of the Institute of Women, General Secretary of the Spanish Ombudsman and Vice Minister of Presidency and Public Administrations in the Regional Government of Castilla-La Mancha.

She was appointed Director of the Spanish Data Protection Agency in July 2015.

Since 1989, she is a civil servant of the Spanish General Administration, as member of the Upper Corps of Civil State Managers.

She has also been involved in academic activities, participating as lecturer, among others, in the Master on International Protection of Human Rights at Alcalá de Henares University and in the Master on Political Action, at Madrid’s Rey Juan Carlos University.

Karolina Mojzesowicz, Deputy Head, Data Protection Unit, European Commission


Karolina Mojzesowicz is the Deputy Head of Unit of the unit responsible for data protection at the European Commission (DG Justice and Consumers). She was one of the Commission's representatives in the interinstitutional negotiations with Parliament and Council on the General data Protection Regulation (GDPR). She is now responsible for its implementation in the EU. Mrs Mojzesowicz previously served as a member of the European Commission's Legal Service, focusing on EU Competition law and International Trade law. In that capacity, she represented the Commission in numerous cases before the European Courts and before the WTO panels and Appellate Body. Mrs Mojzesowicz studied law in Poland, the Netherlands and Germany where she obtained her PhD in 2001.




Wojciech Wiewiórowski, Assistant European Data Protection Supervisor, European Commission

Wojciech Wiewiórowski was born on June 13th 1971. In 1995 he graduated from the Faculty of Law and Administration of the University of Gdańsk, and in 2000 he was awarded the academic degree of Doctor in constitutional law.

After graduation he was editor and then publisher in legal publishing houses. In 2002 he began to work as lecturer at Gdańsk College of Administration, and since 2003 he was assistant professor and head of Legal IT Department at the Faculty of Law and Administration of the University of Gdańsk, with which he has been associated since 1995.

Since 2006 he has been working for public administration. He was among others adviser in the field of e-government and information society for the Minister of Interior and Administration, as well as Vice-president of the Regulatory Commission of the Polish Autocephalous Orthodox Church. In 2008 he took over the post of the Director of the Informatisation Department at the Ministry of Interior and Administration. He also represented Poland in committee on Interoperability Solutions for European Public Administrations (the ISA Committee) assisting the European Commission. He was also the member of the Archives Council to the Ministry of Culture and National Heritage. He is a member of the Polish Association for European Law.

In 2010 he was elected by Polish Parliament for the post of the Inspector General for the Protection of Personal Data (Polish Data Protection Commissioner) which he served by November 2014 being reelected for the second term in 2014.

Vice Chairman of the Working Party Art. 29 since February till November 2014.

The author of numerous studies, publications and lectures in the field of personal data protection, IT law, e-government and legal informatics. His areas of scientific activity include first of all Polish and European IT law, processing and security of information, legal information retrieval systems, informatisation of public administration, electronic signature and application of semantic web and legal ontologies in legal information processing.


Data Controllers and Data Processors

Kabir Barday, OneTrust, US

Kabir is CEO of OneTrust, the leading technology company helping organizations globally operationalize data privacy compliance and Privacy by Design. Prior to OneTrust, Kabir was director of product management at AirWatch, where his work was awarded IAPP's most innovative privacy technology.






Belinda Doshi, DPR Programme Lead Counsel and former Global Chief Privacy Officer, Pearson, UK

Belinda is a senior lawyer with almost 20 years experience in data privacy and technology law. Until earlier this year, she was global Chief Privacy Officer and Associate General Counsel for Pearson where she built their first global data privacy programme including the GDPR compliance programme. Prior to moving in-house, she was a partner at leading law firms, Fieldfisher and Nabarro (now CMS). Belinda holds an LLM from Queen Mary, University of London and the CIPP/E, CIPP/US and CIPM certifications.  Most recently, she has been consulting as the lead privacy counsel for the GDPR Programme of a large international bank.

Peter Fleischer, Global Privacy Counsel, Google, France

Peter has worked as Google’s Global Privacy Counsel since 2006. Based in Europe, Peter is Google’s longest-serving privacy leader. He counsels Google teams on how to design privacy-sensitive and legally-compliant products. Peter has designed many of Google’s privacy compliance programs. He has met with thousands of privacy officials and leaders worldwide. Peter has managed scores of regulatory actions around the world, and appeared before some of the world’s highest courts.

Prior to joining Google, Peter worked for 10 years at Microsoft, as EMEA privacy leader and Director of Regulatory Compliance.

Peter is a graduate of Harvard College and Harvard Law School. He is an elite swimmer.


Olga Ganopolsky, General Counsel, Privacy and Data, Macquarie Group, Australia

Olga Ganopolsky is the General Counsel – Privacy and Data at Macquarie Group Limited. Olga is responsible for all things privacy and data protection in the Group.     

Until June 2014 Olga was the General Counsel and Company Secretary of the Veda Group (as it was then).  Olga was actively involved the privacy law reform process, culminating in the far reaching changes to the Privacy Act 1988 that took effect in March 2014 and the implementation of those reforms in a commercial setting. More recently, Olga has been involved in the law reform process leading to the introduction of the Privacy Amendment (Notifiable Data Breaches) Act 2017 in Australia and is leading the Group's activities  in preparation for the General Data Protection Regulation taking effect in May 2018.    

Prior to joining the Veda Group in 2006, Olga was in private practice, specialising in employment law, litigation and privacy and data related issues.   

Olga is the Chair of the Privacy Committee of the Law Council of Australia and a member of the Privacy and Communication Committee of the Law Society of New South Wales. She is also Australia’s representative on the SWIFT data protection working party and a director of the International Association of Privacy Professionals (ANZ).

Neil Harrison, General Counsel, Group and Asia, Aviva, UK


Neil began his career at Slaughter and May before moving in house to Aviva in 2010.  Since joining Aviva, Neil has led on the Group's significant M&A and financing transactions as well as strategic projects including digital initiatives in the UK and Asia.


Mark Keddie, Global Data Protection Officer, Dentsu Aegis Network, UK

Mark Keddie is the Global Data Protection Officer for Dentsu Aegis Network. With operations in over 145 countries Mark has overall responsibility for Dentsu Aegis Network’s global data privacy strategy and compliance programme.

Mark has been active in privacy since developing a professional interest as a Chartered Marketer working in the global energy sector. In his capacity for managing relationships with regulatory authorities and professional bodies, he has held Chair positions in industry privacy groups including the American Petroleum Institute, the European Privacy Officers’ Network and was a founding member of the European Privacy Officers’ Forum. He is currently a member of the IAPP European Advisory Board.

Mark has spoken at a wide variety of external events in Europe and America and has also contributed to in-house and external publications. His interest in privacy has allowed Mark to develop wider professional experience in ethics and compliance governance including fraud and anti-bribery & corruption.

In addition to an MSc, Mark holds various academic and professional qualifications including privacy, IT and fraud investigation. His outside interests include ultra-running.

Andreas Klug, Global Head of Privacy and Group Privacy Officer, Worldpay, UK

Andreas Klug is Global Head of Privacy and Group Privacy Officer at Worldpay.  Prior to this he held positions as Lead Privacy Counsel and business partner for MasterCard's Global Processing business and Head of Privacy and Corporate Counsel at Colt Technology Services. Andreas also spent more than 12 years as a lawyer with several international law firms including Steptoe & Johnson and Eversheds  and counselled multinational technology and communications companies on cross-border transactions and global data privacy compliance programmes.




Georg Krog, Co-founder and Chief Data Protection and Privacy Officer, Signatu, Norway


Georg Philip Krog is Co-Founder, Chief Privacy Officer & General Counsel of signatu. signatu is a self-service cloud service that offers GDPR software tools (for automatic detection of 3rd parties that run on websites, for consent records, for generating consent requests and privacy polices etc).

Georg's interests are how law and technology influence the data economy. When translating law into software for solution in the data economy, Georg combines knowledge from data engineering, information design, linguistics, law and legal concepts.

Prior to founding signatu, Georg advised companies within his area of law specializations on data protection, copyright and private international law.

Georg has also been a researcher at the faculty of law in Oslo, Max Planck Insitute in Hamburg, Stanford Law School (Fulbright Scholar) and Harvard Law School (Fulbright Scholar).

 Leena Kuusniemi, Senior Legal Counsel, Rovio, Finland



Leena Kuusniemi provides legal support for Rovio’s cloud-related infrastructure and services development, technology sourcing, mobile advertising, privacy and related regulatory issues. Before joining Rovio Legal in 2012, she worked 10 years with Nokia Corporation (in Espoo HQ, Vancouver, Copenhagen) supporting Nokia’s device R&D, sales and marketing in France and Italy, location based services (Maps) and privacy issues. Before joining Nokia she was the sole legal counsel for Finnish game and software company and started her career as attorney at Juridia Law Office in Helsinki.  Leena has participated into various legal working groups and chaired the ”Law and Technology” group within Trust in Digital Life (www.trustindigitallife.eu) initiative. In addition she has lectured widely for both professionals and non-lawyers, and in universities for post-graduate studies. Leena has a qualification degree from University of Helsinki, and LL.M. in Law and Information Technology from University of Stockholm.

Tina Maisonneuve, Global Privacy Counsel, Glaxo Smith Kline, UK


Tina is GSK’s Global Privacy Counsel, based at GSK’s global headquarters in London, where she is responsible for guiding GSK’s legal strategy for managing data privacy compliance across the GSK Group.

Tina joined GSK in 2008 where she has held operational legal positions supporting GSK’s pharmaceutical businesses, and she has also advised on a wide range of information technology and data privacy issues for GSK’s corporate legal operations team.

Prior to working at GSK, Tina worked at prominent law firms in London and in Canada. Tina is a member of the Law Society of England and Wales and has been admitted to the bars of New York and the Law Society of Upper Canada.

Originally from Montréal, Tina has both a common and civil law degree from the University of Ottawa (combined National Program, LL.L and LL.B) and speaks English, French and Hindi.

Jason McFall, Chief Technology Officer, Privitar, UK

Jason is Chief Technology Officer at Privitar, an enterprise software company based in London. Privitar works with leading organisations across all industry sectors to drive the adoption of privacy engineering techniques in order to build customer trust, and compliance with regulation, in today’s data-driven world.
Jason is responsible for Privitar’s research agenda, technology strategy and product development. He has spent over a decade leading teams building enterprise software to record, analyze and act in real-time upon large and complex sets of customer data. Before Privitar, Jason led the machine learning team at Touch Clarity, an online behavioural targeting company acquired by Omniture, and then was CTO of Causata, a real-time customer analytics and marketing technology company subsequently acquired by NICE systems.

Annelies Moens – Deputy Managing Director, Information Integrity Solutions, Australia

Annelies provides strategic privacy advice and engages with clients to deliver a suite of privacy services. She is a widely recognised global privacy expert and thought leader, trusted by business executives, government and privacy professionals. Annelies presents at major local and international forums and writes on global privacy challenges.
Annelies co-founded the International Association of Privacy Professionals in Australia and New Zealand in 2008, a membership organisation for privacy professionals in the region. She held elected roles during her Board term, including as President between 2011 and 2012.

Over the last 15 years she has held senior leadership roles, including as a Chief Privacy Officer, Deputy Director at the Australian privacy regulator and External Relations Manager including NSW Fundraiser of the Year.
She has an MBA in general international management (distinction) from the Vlerick Business School in Belgium, is a qualified lawyer and has undergraduate degrees in computer science and law (first class honours) from the University of Queensland. She is a Fellow of the Australian Institute of Company Directors and is a Certified Information Privacy Professional (Information Technology) through the International Association of Privacy Professionals.


Iván Nabalón, CEO, Electronic IDentification, Spain

Iván is and entrepreneur with a long track record as executive in first level multinationals and consultancy firms.[linkedin profile]

Iván is founder of Civitana.org, the first and biggest social network in the world for Citizenship Participation legally supported though and easy to use, remote digital identification, electronic signature and electronic voting.

Iván is also founder & CEO of Electronic Identification (eID) www.electronicid.eu eID is an API disrupts the digital identification and eTrust Services industry supporting new eIDAS and AML European regulations. Most of the banks in Europe use this technology to get an end-to-end online customer onboarding are done by eID.

Ivan is a speaker in some world class conferences and congresses, a lecturer in several Universities in Spain. Ivan is a though leader in eID and eTrust Services working in different whitepapers, technical reviews. An up to dated blog at www.nabalon.com

Ivan is also a writer. Wrote in 2012 A future vision of public management and its relationship with citizenship and currently is writing What´s next on democracy.

Latest thoughts:


Carolyn Robson, Etihad Aviation Group, United Arab Emirates

Carolyn Robson is an English and Welsh barrister of 11 years’ call. Carolyn currently works for the Etihad Aviation Group in Abu Dhabi, where she heads the Group Data Privacy Compliance Team. Carolyn is responsible for data privacy compliance across the group of 17 companies in each of the jurisdictions in which they operate, with responsibility for the data of all Group passengers, guests, partners, colleagues and crew. Carolyn joined Etihad from the UK Foreign Office, where she had served as Senior Legal Advisor in Counter Terrorism in Afghanistan, and was prior to that, Legal Advisor to the Serious Organised Crime Agency in technical and communications intelligence. Her early career was spent as a criminal barrister in the UK courts. Carolyn is an alumnus of Trinity College, Cambridge, has a Masters of Laws Degree in Computer & Communications Law from the University of London and is currently studying for an Executive Master of Business Administration Degree from IE Business School and Brown University.

 Kevin Shepherdson, CEO, Straits Interactive, Singapore

Kevin is the CEO and Founder of Straits Interactive Pte Ltd, a specialist in data privacy platform solutions and professional services in the ASEAN region.

Kevin is also the international author of “88 Privacy Breaches to Beware of” and a Fellow in Information Privacy (FIP), the highest certification awarded by the International Association of Privacy Professionals (IAPP). Besides having consulted for more than 50 listed and multi-national companies in data privacy, he is also the authorised regional trainer of privacy certification and corporate governance related courses for IAPP, Singapore Management University (SMU) and Open Compliance Ethics Group (OCEG).

Having held Asia Pacific leadership and management positions in his 20+ years in the IT industry with Creative Technology, Sun Microsystems and Oracle Corporation, Kevin brings his experience in business development, consulting, innovation, marketing, operations and strategy to his current role.

Throughout his corporate career, Kevin was a multiple award winner of both worldwide and Asia Pacific employee excellence awards, which includes marketing excellence, market intelligence and technology innovation. Kevin holds a MSc degree (Internet & Media) from Nanyang Technology University and Bachelor of Arts & Social Sciences from National University of Singapore.

He is actively involved in professional networks in the privacy field and takes an interest in public policy in healthcare data protection.

Pal Vaczi, Senior Privacy Lawyer, BT, UK

Pal is a senior privacy lawyer at BT, based in London. He advises on all aspects of privacy and data protection, including drafting and negotiating data processing and sharing agreements, international data transfers, privacy notices, privacy impact assessments, marketing projects, product developments, Big Data, cloud computing, web blocking, employee privacy, security and breach notification.  

He follows the developments of relevant legislation, case law and guidance in the UK, EU and other jurisdictions and contributes to the work of industry associations. He advises on BT’s GDPR-compliance program and the implications of Brexit on data protection.

Pal is a registered European lawyer in England and Wales, qualified and admitted to the Bar in Budapest, Hungary. He obtained a Master of Laws (LL.M.) degree in German Law from the Ludwig-Maximilians University (Munich, Germany).

 Pal joined BT in 2005 and had other legal roles (commercial, corporate) at BT’s Global Services operations. Prior to joining BT, he worked more than 5 years in private practice in Hungary (at local TMT/IP boutique firms and at CHSH, an Austrian law firm), in Germany (at PwC Veltins) and advised clients on corporate/M&A, IP/IT and data protection.

He graduated from the joint executive MBA program of Kellogg School of Management (USA) and WHU - Otto Beisheim School of Management (Germany) in 2014. 

Henry Velásquez Yanez, EU-International Privacy Officer and Compliance Manager, CIGNA, Spain

Henry Velasquez is the European Privacy Officer and Compliance Manager of Cigna. He is part of the Global Privacy Office of Cigna, responsible for data protection-related matters across the European region.

With over a decade of experience in the areas of Privacy, Data Protection, Governance, Risks & Compliance and has earned several master's and postgraduate degrees for his studies on Intellectual Property, New Technologies and Privacy Law in Carlos III University of Madrid and Universidad Complutense de Madrid. In addition, He has co-authored several books and publications on Compliance Privacy and Data Protection.



Tom Widgery, Head of Privacy, SVB Financial Group, Santa Clara, US

Tom has been in the privacy industry for over 15 years, currently leading the Privacy and Information Governance program at Silicon Valley Bank Financial Group (SVB) head quartered in Santa Clara, CA. SVB is a global financial services company with locations in US, Europe, Middle East, China & Hong Kong specializing in banking the innovation economy. In that role Tom is responsible for strategy and execution of privacy and information governance across the organization. Tom specializes in scalable, operational privacy programs utilizing governance frameworks and is busy adapting this to GDPR for SVB. Prior to joining SVB Tom worked at Western Union in the privacy organization as the director of privacy for the Americas, EU, Middle East and Africa regions and was exposed to privacy regulations for almost every country in the world! In the distant past Tom actually wrote code for both mainframe and online applications and has real world experience of engineering privacy on the development side, before it was fashionable. Tom is a Certified Information Privacy Professional (CIPP/US & EU) and Certified Information Privacy Manager (CIPM).

Kevin Willis, Group Data Privacy Director and UK Digital General Counsel, Aviva, UK

After studying Philosophy at Durham University, Kevin became a financial advisor with Abbey National before subsequently qualifying as a solicitor. His legal career has taken him through various roles including General Counsel at Aviva UK Life and Risk Compliance and Legal Director at Aviva UK Digital. 

Kevin has been with Aviva for 19 years, and is currently the Group Data Privacy Director & UK Digital General Counsel. 





Law Firms

Robert Belair, Partner, Arnall Golden Gregory, Washington DC, US

Robert R. Belair is a partner and practice leader of the Privacy Practice and co-chair of the Government Relations Practice. Mr. Belair is the Managing Partner of AGG’s D.C. office. He is an internationally recognized privacy lawyer with more than three decades of experience and is a frequent writer and speaker on privacy topics.  He has received the prestigious national Chambers Rating for his privacy work.

Mr. Belair focuses his practice on advising clients with all aspects of the privacy policy and compliance cycle. This has included drafting legislative language, submitting public comments, and engaging Hill and agency staff on the development of privacy policy. With regard to existing privacy requirements, Mr. Belair has assisted clients to develop comprehensive privacy compliance programs, responded to data breaches, and defended against administrative actions and litigation. 

Mr. Belair served as Deputy Counsel to the White House Privacy Committee in the Ford Administration and as a lawyer in the Federal Trade Commission's Bureau of Consumer Protection doing Fair Credit Reporting Act and other privacy-related work. Later, Mr. Belair served as General Counsel of the National Commission on the Confidentiality of Health Records. In private practice, he was a founding partner of Oldaker, Biden & Belair. He has done work for numerous government entities on privacy matters including the National Science Foundation, the National Academy of Sciences, the Department of Transportation and the Social Security Administration. On the Hill, Mr. Belair has served on the Judiciary Committee Advisory Committee for Chairman Joe Biden (D-DE) and as an advisor to Senator Bob Bennett's (R-UT) Health Privacy Task Force. Together with Alan Westin, he was the editor of a preeminent privacy periodical for the business community, Privacy & American Business.

John Benjamin, Partner, DWF, UK

I am a Partner in the London office specialising in intellectual property, technology and privacy law. I have a broad ranging practice covering both the transactional and litigation fields. I am also highly experienced in negotiating complex commercial agreements.

I have played a key role in some of the technology industry’s largest and most complex transactions and advised a client base of leading global financial institutions, pharmaceutical companies, as well as social media, consumer electronics and FTSE 100 and Fortune 500 organisations.

My focus is on intellectual property, information technology, data protection and freedom of information matters. In additional to my transactional experience I have led on a wide range of contentious matters within these fields.

I have represented clients in various specialist courts and tribunals including the Copyright Tribunal, Chancery Division of the High Court, Intellectual Property Enterprise Court (previously Patents County Court) and the trade mark registries. I have also managed cross border litigation for clients in a number of jurisdictions around the world.

I am noted for my expertise in privacy related litigation and advising on the transfer of data in the context of cross border litigation.

JP Buckley, Partner, Shoosmiths, UK


JP is a Partner in Shoosmiths’ Technology, Media and Commercial team, specialising in privacy, data protection and procurement. JP undertakes a wide range of information law work including data protection, cybersecurity, e-commerce, direct marketing and freedom of information - and has a range of clients in the aviation, retail, finance and technology sectors, as well as charities and the public sector.

He also has extensive experience in IT and BPO outsourcing and educational ICT, overlapping with his data privacy practice. JP’s practice includes: advising on and reviewing data protection compliance strategies, including for the forthcoming General Data Protection Regulation (GDPR) with global retailers, a leading regulated London financial services institution, major global and regional airlines and airports, website and technology operators and public sector bodies and charities; providing training at all levels of client organisations - including on the new EU General Data Protection Regulation and compliance strategies - ensuring that they take a global compliance approach and ensure that teams working in even countries with little or no regulation are aware of the rules which apply elsewhere and are likely to impact their operations; advising EU-based companies on their expansion plans into other territories, and equally advising non-EU based companies and groups on their data privacy and procurement compliance regimes when entering into the EU market; advising on e-commerce terms, direct marketing approaches and website compliance, co-ordinating all this to produce single form universally acceptable privacy policies and procedures; and procuring, negotiating and managing outsourced contracts, including for major public sector bodies and charities, the highlight being a successful renegotiation of a contentious £3bn health data services contract.

JP joined Shoosmiths as a Partner in May 2017 having spent over 14 years at DLA Piper, where he trained and qualified.

Bryan Chan, Senior Counsel, Linklaters, China

Bryan is a senior counsel of Linklaters’ Shanghai office, who has also practised in Linklaters’ London and Hong Kong offices. His practice covers a broad range of corporate and commercial transactions in the tech, finance and other sectors and includes strategic investments, private equity investments, disposals, buy-outs and special situations.
He has assisted several international banks with their investments in fintech platforms and regularly counsels clients on IT regulatory issues in China.
Bryan holds a first class honours degree in Law from Oxford University and is fluent in English, Mandarin and Cantonese.

Gail Crawford, Partner, Latham & Watkins, UK

Gail Crawford is a partner in the London office and Chair of the Data Privacy Committee and Co-chair of the Technology Transactions Group and the Internet and Digital Media Industry Group. Her practice focuses primarily on technology, intellectual property and commercial law and includes technology and Intellectual Property licensing agreements, joint ventures, technology procurement, outsourcing and advising on data protection, e-commerce and consumer protection legislation.

Ms. Crawford is an editor of the Latham & Watkins Global Privacy & Security Compliance Law Blog (www.globalprivacyblog.com) and has contributed to a number of publications and conferences in the area of data privacy and security.

Ms. Crawford has previously spent time working in-house on secondment to Diageo where she created the information technology and outsourcing legal function and was the legal lead on the project to transform and outsource Diageo’s finance and accounting processes on the back of the company’s SAP roll-out in more than 45 countries. She has also worked on secondment with the information technology and operations function of the Lloyds Banking Group.

Ms. Crawford is ranked as a notable practitioner for Information Technology and Data Protection by Chambers UK 2015. She is also recommended for Data Protection by The Legal 500 UK 2014 and is listed in the "Up and Coming" category for Intellectual Property by Chambers UK 2012.

Richard Cumbley, Partner, Linklaters, UK


Richard is Global Head of Linklaters’ TMT practice and has advised clients on privacy related issues for more than 20 years.  He has worked on privacy projects across the globe including major data security incidents, large scale privacy litigation, appearances before regulators, contentious and large scale subject access issues, the privacy implications of new technology, online monitoring techniques (including by governments), cloud computing and “big data”.
He has recently led teams advising Thomson Reuters, BlackRock, RBS, Hewlett Packard, News International, Disney, Live Nation, UBS, KPMG, Hyatt Hotels, AstraZeneca, Sainsburys, Deloitte and the administrators of Lehmans on domestic and international data protection and information governance projects.
He is a past member of the IAPP editorial board, currently sits on Tech UK’s data advisory group and is a member of the ICC’s digital economy committee.
He is listed by Chambers and Partners and Legal 500 as in the first rank of privacy and cybersecurity advisors in the UK.

Javier Fernández-Samaniego, Managing Director, Samaniego Law, Spain

Javier is Managing Director of Samaniego Law, an alternative law firm specializing in technology law and dispute resolution.

Javier's international practice focuses mainly in Commercial/IT disputes (international litigation, arbitration, and ADR) and negotiations and major Tech & Privacy projects (new cloud and big data business models, outsourcing transaction, data protection review programs, etc.). Besides Javier has vast experience assisting European clients in their expansion in Latin America and US clients in their European expansion.

Javier is an arbitrator at the information and communication technologies department of the Chamber of Commerce of Madrid. He is also a CEDR accredited mediator and has advised on a number of alternative dispute resolution cases for clients.  He is member of CPR Panel of Distinguished Neutrals and its European Advisory Board.

Before founding Samaniego Law in 2017, for over a decade Javier was managing partner of the Spanish office of Bird &Bird and headed its Commercial, Dispute Resolution and Information Technology teams. Before that he was head of the IT and Communications at Linklaters, and he had previously been the head of Technology and Data Protection team at Spanish firm Cuatrecasas, and a lawyer at the CDTI (Centre for the Development of Industrial Technology).

Javier lectures extensively on technology law and ADR in European and US forums and at Spanish universities. His publications include numerous articles and reports relating to IT Law and data protection issues. Javier is Senior Fellow at FIU developing its Latin Atlantic Tech law Collaborative. Javier keeps a blog about the legal issues related to innovation and disruptive technology at http://www.fidefundacion.es/mjuridico/ He is fluent in Spanish, English, French and Italian.

Nick Graham, Partner, Dentons, UK

Nick Graham is the Global Co-Chair of Dentons' Privacy and Cyber Security Group. He specialises in data privacy, cyber security, data protection  governance, as well as freedom of information. Nick advises across all sectors including banking, retail, energy, manufacturing, banking, insurance, transport, technology and digital media.

Nick has over 20 years’ experience and has been advising on data privacy since the days of the Data Protection Act 1984 and the early enforcement activities of the FTC.  He has advised on all aspects of data privacy including global compliance strategy, privacy impact assessments, data breach and incident response, international data transfers, customer data strategy, data retention and data exploitation.

Nick is a regular speaker and commentator in the field. He is co-chair of IAPP London KnowledgeNet Chapter.  He sits on the Panel of Experts for “Data Guidance" and on the Editorial Board of "Privacy and Data Protection”. Nick was formerly in-house at Royal & Sun Alliance Insurance. 

Dr. Jürgen Hartung, Partner, Oppenhoff & Partner, Germany

Dr. Jürgen Hartung is specialised in advising enterprises on data protection and IT law issues with a focus on outsourcing, IT projects and e-commerce. His data protection experience covers a wide range of matters, e.g. Internet of Things, mobile services, internal investigations, international transfers of personal data, social media, data breaches, data protection organisations, data-protection audits, etc. Furthermore, Jürgen Hartung advises on compliance issues, including risk analyses and the struc-turing of internal compliance organisations. He is also the firm’s contact person for the area South-East Asia region. Jürgen Hartung is cited as the most recommended lawyer for data protection in Germany by kanzleimontor.de, is recommended as a leading lawyer for IT law in Who’s Who Legal (2016), Expert Guide to the World’s Leading TMT Lawyers (6th edition), Juve Germany (since 2004), and for his international experience in Legal 500 and Chambers Global (2016). Wirtschaftswoche lists him amongst the top lawyers for compliance in Germany. Best Lawyers list him as one of the best lawyers for corporate governance, compliance and IT law in Germany.

Jürgen Hartung is a partner of Oppenhoff & Partner. From 2000 to 2007 he was an Associate and Managing Associate at Oppenhoff & Rädler/Linklaters LLP. He studied law and international poli-tics at the Universities of Tübingen (Dr. iur.) and Wales, Aberystwyth, and as part of his legal training worked from 1999-2000 for the American law firm of Baker & McKenzie in New York. Jürgen Hartung is the author of numerous articles on data protection and IT law and a sought-after speaker at national and international conferences and seminars.

Paul Lavery, Partner, McCann FitzGerald, Dublin, Ireland

Paul is a partner and the head of the Technology & Innovation Group in McCann FitzGerald and advises on a wide range of data protection, data security,  information technology, outsourcing, intellectual property and confidentiality issues.  He writes and lectures widely on these and other topics.

Paul is the author of Commercial Secrets: The Action for Breach of Confidence in Ireland.  The book has been quoted with approval in judgments of the Irish High Court and Supreme Court. 

Paul has provided specialist advice in the complex and evolving area of privacy and data protection law for over 21 years and is considered an expert in the field in Ireland.  He advises clients on all aspects of data privacy compliance, including appropriate notices and policies, access requests, marketing obligations, international data transfers and appropriate processing exemptions. He has also been involved in a number of “market firsts” in Ireland including the first case in Ireland on the meaning of personal data, the first case in Ireland on processing causing distress and the first set of Binding Corporate Rules to be approved with the Irish Data Protection Commissioner as lead regulator.

Paul is also advising a number of clients on their prospective obligations under the General Data Protection Regulation.

Paul’s clients in the area of privacy and data protection include public and private sector bodies including government departments, state agencies, semi-state companies, leading IT companies, telecommunication service providers, financial institutions, professional bodies, pharmaceutical and insurance companies.

Nigel Parker, Partner, Allen & Overy, UK

Nigel specialises in data protection, commercial contracts and intellectual property law. He works across a wide variety of business sectors, with a focus on financial services, technology, media and life-sciences.

Nigel regularly advises on multi-jurisdictional data protection matters. He advises companies across various sectors on strategic issues relating to personal data management and new technologies such as the EU General Data Protection Regulation, privacy impact assessment,  privacy by design, and crisis management (eg data breaches).

Nigel is described in Chambers 2015 as "technically faultless" as well as "very practical and very good at finding solutions".

Giles Pratt, Partner, Freshfields, UK

Giles is a partner in Freshfields’ IP/IT group. He specialises in IP and data privacy laws and leads Freshfields’ London data practice, advising on the full range of legal issues relating to data, including IP protection, data privacy and cybersecurity matters, particularly in the context of deals, crises, investigations and new data uses and analytics.

Giles co-heads, and is a regular contributor to, the Freshfields Digital initiative (see www.freshfields.com/en-gb/our-thinking/campaigns/digital/), and regularly advises on data issues in the context of new technologies, such as connected cars, IIoT and new data analytics tools.

Giles is ranked in Chambers ("He is commercially astute, has an excellent knowledge of the law and very good judgement", "Clients appreciate the clarity, intellectual rigour and enthusiastic work ethic he brings to his instructions"), Legal 500 ("responsive and commercially astute"), in the Managing IP Handbook (“In terms of leading individuals…[one client] described...Giles Pratt as ‘very responsive’, adding: ‘He’s always thinking of all the angles rather than just the black letter of the law’”).

Andrew Sheridan, Senior Associate, Freshfields, UK

Andrew is a Senior Associate in Freshfields’ IP/IT group. Andrew advises on a broad range of IP, data privacy, cybersecurity and technology issues, particularly in the consumer and technology sectors. Andrew’s experience includes advising on IP-heavy international deals, global data privacy compliance programmes, data crises, data protection in global investigations and helping clients to navigate privacy issues relating to new technologies. Andrew is based in Freshfields’ London office and has previously worked in the Brussels and Hong Kong offices.



Rob Sumroy, Partner, Slaughter and May, UK

Rob is a partner in the IP/Technology group and co-heads the firm’s Data Protection and Privacy hub.  He advises clients on all things ‘data’, including Big Data, digital initiatives, cyber security, data breaches, direct marketing, the Internet of Things, m-commerce and e-commerce, emerging technologies (such as Artificial Intelligence) and the cloud.  He regularly assists clients with the technology, data and IP input to their emerging digital strategies.  Rob is currently advising clients on their preparation for the General Data Protection Regulation.  He is a Co-Contributing Editor of The International Comparative Legal Guide to: Fintech 2017, a practical cross-border insight into Fintech law across 34 jurisdictions.  He is ranked Band 1 by Chamber UK 2017 for both Information Technology and Outsourcing.


Philip Woolfson, Partner, Steptoe, Belgium

Philip Woolfson concentrates on EU re/insurance law and regulation.  He has extensive experience of the legal issues facing the sector, in particular in a cross-border context within the EU.  He advises EU and foreign re/insurance undertakings, intermediaries, and associations on prudential supervision, regulatory, and corporate-commercial questions arising out of their operations.  He also advises on compliance issues, such as protection of personal data/privacy, confidentiality, data security and anti-money laundering, and on EU tax law and policy affecting the sector.

He is the managing partner of Steptoe's Brussels office. http://www.steptoe.com/




Academics and Foundations

Professor Joseph Cannataci, Chair in European Information Policy & Technology Law, United Nations, Malta/Netherlands

Head of the Department of Information Policy & Governance  http://www.um.edu.mt/maks/ipg at the Faculty of Media & Knowledge Sciences of the University of Malta. Also Full Professor, holding the Chair of European Information Policy & Technology Law http://www.rug.nl/staff/j.a.cannataci/  within the Faculty of Law, University of Groningen, The Netherlands and additionally an Adjunct Professor at the Security Research Institute & School of Computer and Security Science, Edith Cowan University Australia www.secau.org. Vice-Chairman/Chairman of Council of Europe’s (CoE) Commmittee of Experts on Data Protection 1992-1998, Working Parties on: Data Protection and New technologies (1995-2000);  Data Protection & Insurance (1994-1998); CoE Rapporteur on Data Protection and Police (1993; 2010; 2012); CoE Expert Consultant on Data Protection and Cybercrime (2012-2014); UNESCO Expert Consultant on Privacy & Transparency on the Internet (2015);  Scientific Co-ordinator of multiple EU FP7 & H2020 research projects focussing on privacy. Decorated by the Republic of France as Officier de l'Ordre de Palmes Academiques (2002). Appointed UN Special Rapporteur on Privacy in 2015. His latest book The Individual and Privacy was published by Ashgate in March 2015. Since 2015 he is appointed as United Nations Special Rapporteur on the right to Privacy.

Dr. David Erdos, University Lecturer in Law and the Open Society, WYNG Fellow in Law, Trinity Hall, University of Cambridge, UK 

Dr. David Erdos is University Lecturer in Law and the Open Society, Faculty of Law and WYNG Fellow in Law at Trinity Hall, University of Cambridge.  Before joining Cambridge in October 2013, David spent six years as a research fellow at the Centre for Socio-Legal Studies, Faculty of Law and Balliol College, University of Oxford.  David’s current research explores the nature of Data Protection especially as it intersects with the right to privacy, freedom of expression, freedom of information and freedom of research. David’s Data Protection and the Open Society project has developed arguments about the nature, substance and operation of the law by drawing on rigorous comparative empirical analysis using both quantitative and qualitative methods. This analysis, which draws on his background in both law and political science, has demonstrated that in terms of the application of data protection law to journalism, literature and the arts, large differences continue to be apparent between European Union countries. Moreover, such differences appear to reflect broader fissures in legal culture. Anglo and Germanic jurisdictions have tended to insulate journalism from Data Protection, whilst the law of Latin and East European jurisdictions stipulate onerous data protection standards even in this sensitive field. A strict approach here also seems correlated both with tight restrictions in the cognate fields of social science and biomedical research and with stringent formal Data Protection standards generally. At the doctrinal level, the project has explored, firstly, the difficulties of determining what sort of activities fall within the data protection derogation for journalism, art and literature and, more specifically, how data protection has affected the flow of information within research – an area where its stipulations are taken relatively seriously. 

Christopher Millard, Professor of Privacy and Information Law, Queen Mary University of London, UK

Christopher Millard is Professor of Privacy and Information Law and head of the Cloud Legal Project in the Centre for Commercial Law Studies, Queen Mary University of London. He is also a Research Associate at the Oxford Internet Institute and is Of Counsel to the law firm Bristows. He has over 30 years experience in technology law, both in academia and legal practice.

His first book, Legal Protection of Computer Programs and Data (Sweet & Maxwell, 1985), was one of the earliest international comparative law works in the field and he has since published widely on legal and regulatory issues relating to information technology, communications, privacy, e-commerce, and Internet law. Since 2008 his main research focus has been cloud computing. He is co-author of Cloud Computing Law (Oxford University Press, 2013) and is a founding editor of the International Journal of Law and IT and of International Data Privacy Law.

Christopher is a Fellow and former Chairman of the Society for Computers & Law, a Fellow of the Royal Society of Arts, a past-President of the International Federation of Computer Law Associations, and a past-Chair of the Technology Law Committee of the International Bar Association. He was a member of the OECD’s Steering Group on Contractual Solutions for Transborder Data Flows (2000-01) and since 2002 he has been a member of the International Chamber of Commerce’s Task Force on Privacy and Personal Data Protection.

Before he joined Bristows in 2008, Christopher was head of the global privacy practice at Linklaters and prior to that he was a partner at Clifford Chance. He has twice been designated Internet and eCommerce Lawyer of the Year by the International Who's Who of Business Lawyers.

Dr John Selby, Lecturer, Department of Accounting and Corporate Governance, Macquarie University, Sydney, Australia

Dr John Selby researches the spillover effects of the Internet on business. An interdisciplinary academic at Macquarie University in Sydney, Australia, he is a member of the Optus-Macquarie Cybersecurity Hub, and has been a visiting Professor at the Universities of Zurich and Oslo, and a Postel Research Fellow at the University of Southern California. In 2006, the Lowy Institute recognised Dr Selby as one of Australia's "New Voices in Technology and International Relations". In 2013, he was appointed as Australia’s Ambassador to the United Nations Internet Governance Forum. In 2015, he was appointed by the Australian and Indian Prime Ministers as one of 15 Australian delegates to the Australia-India Youth Dialogue. He is a member of the Asia Privacy Scholars Network and has been influential in public policy debates about metadata retention and online privacy. In 2013, he led the debate in Australia about whether to introduce a "Right to be Forgotten". Prior to becoming an academic, he practised as a commercial Internet lawyer at (what is now) King & Wood Mallesons in Sydney, in-house at Telstra, and at TMI Associates in Tokyo, Japan. His most recent research project examining Data Localisation laws in the BRICS has just been accepted in the International Journal of Law & Information Technology.

Paul Simmonds, CEO, The Global Identity Foundation, UK

Paul is the CEO of the Global Identity Foundation, as well as a consulting CISO. He was formerly the global CISO of AstraZeneca, and prior to that held posts as; the global CISO of ICI, Head of Information Security with a high security European web hosting company and as Global Information Security Manager with Motorola.

He was awarded the first “Chief Security Officer of the Year” as well as "Best Security Implementation" at the SC Magazine Awards and is twice listed as one of (the US publication) Network World’s “most powerful people in networking”.

Paul sits on the advisory board of a number of global companies, as well as the Executive Advisory Board of ISSA UK.
Paul co-founded the Jericho Forum in 2003 and is also one of the three editors of the Cloud Security Alliance’s “Security Guidance for Critical Areas of Focus in Cloud Computing v3.0”.

Paul’s linked-in profile is: http://uk.linkedin.com/in/psimmonds

He also is a British Canoeing Level 3 Kayak Coach and occasionally tweets as @simmonds_paul


Privacy Laws & Business

Tom Cooper, Deputy Editor, PL&B Reports

Tom Cooper began working for PL&B in 2010 as a sub editor. He produces the print and online versions of our PL&B UK and PL&B International reports using desk top publishing software. His role also involves close checking of stories and ensuring a consistent style across publications. He writes for PL&B Reports and undertakes administrative tasks as needed.

Tom trained as a journalist in Australia. He has worked for a number of local newspapers, and was editor of UK hockey magazine Push from 2008 to 2014.  He has had spells as an editor at the Commonwealth Parliamentary Association and for an online wire service covering European Union business news.


Stewart Dresner, Chief Executive, Privacy Laws & Business

Stewart Dresner graduated from the University of Lancaster in politics and marketing in 1973. He has written and researched extensively on data protection/privacy and freedom of information since 1975, when he initiated a research project on this subject at the UK Consumers Association. His research in the USA and Canada in 1976 enabled him to prepare a submission to the UK government-sponsored Lindop Committee, and write Open Government: Lessons from America, published in 1980.

He then joined Business International as a business journalist where he wrote on privacy laws for its publications and organised conferences in Austria, Belgium, Portugal, Spain, Sweden, and the UK. The company became a subsidiary of The Economist and he wrote its report on the first prosecution under the UK’s Data Protection Act 1984.

When The Economist rejected Stewart’s proposal for an international data protection law newsletter, he established Privacy Laws & Business in 1987. Its first service was the Privacy Laws & Business International Newsletter which has now developed to become the hub of a comprehensive global information service reporting on over 100 countries with data protection legislation and proposed legislation. Privacy Laws & Business services include consulting, conferences, training, recruitment, the Privacy Laws & Business UK Report (which also covers the Freedom of Information Act), advice to companies and policy makers, and the Privacy Officers Network.

Privacy Laws & Business has clients in over 2000 clients in 53 countries including:

Clients include 70% of the Global and UK top ten in the Financial Times lists.

Law firm clients include 100% of the top ten global firms (source: Law360), 75% of the top twenty UK firms (source: Wikipedia), and 70% of the top ten US firms (source: Internet Legal Research Group).

Stewart was a founder and first Chairman of the UK's Data Protection Forum. He has spoken on data protection/privacy law at conferences in Australia, Belgium, Canada, Finland, Germany, France, Hungary, Ireland, Israel, the Netherlands, Portugal, Poland, Spain, Switzerland, the UK and the USA and to groups, such as the International Association of Privacy Professionals, the Institute of Chartered Accountants, The Records Management Society, the Information Systems Audit and Control Association, and the International Pension and Employee Benefits Lawyers Association.

The Privacy Laws & Business website, www.privacylaws.com provides details of the firm’s services and links to privacy information worldwide.


Laura Linkomies, Editor, Privacy Laws & Business Reports

Laura Linkomies is Editor of Privacy Laws & Business International and UK Reports, and PL&B enews service. Laura oversees the whole editorial process from researching, commissioning and managing freelancers to writing about a wide range of legislative and management issues within privacy, data protection and freedom of information. She also assists in conference planning and public relations, and provides secretariat services for the PL&B European Privacy Officers’ Network.

Laura first joined Privacy Laws & Business as Associate Editor for the International Report in 1997 and launched the UK Report in 2000. Before joining Privacy Laws & Business, she worked at the UK Information Commissioner's Office as a European Secretariat Officer facilitating co-operation with European Union national Data Protection Commissioners. Laura has also worked as freelance business content writer for Sweet & Maxwell, and written for several publications in Finland.

Laura holds a Masters degree in Political Science and Journalism from University of Tampere, Finland, and Advanced Certificate in Marketing from the Chartered Institute of Marketing. She is fluent in English and Finnish, and has a working knowledge of Swedish, Italian and German.

Valerie Taylor, Consultant, Privacy Laws & Business, UK

Valerie qualified as a solicitor in 1994 with Clifford Chance, the London based international law firm, and throughout her legal career has specialised in data protection as well as IT and intellectual property law.

After leaving Clifford Chance, Valerie worked for several years in the in-house legal team at Royal Mail Group plc where she was the principal data protection adviser.
Valerie has been working with Privacy Laws & Business since 2002. She gives advice to large and small businesses in the public and private sector on all aspects of data protection and related legislation, including DP strategy, project management, policies and procedures, training and awareness and compliance monitoring.

She regularly carries out data protection health checks for organisations and advises them on a risk-based approach to compliance. She runs Data Protection training workshops for Privacy Laws & Business, as well as in-house training sessions for clients, and is a Legal Correspondent for the Privacy Laws & Business Reports.