2019 Speakers & Chairs


32nd Annual International Conference  

GDPR's Influence Ripples Around The World

1 - 3 July 2019
St. John's College Cambridge, UK







Data Protection Authorities and Policy Makers



Eduardo Bertoni
Director Nacional
Access to Public Information Agency





Director of the National Access to Public Information Agency and former Director of the National Data Protection Authority in Argentina. He was the founder and the first director of the Center for Studies on Freedom of Expression and Access to Information (CELE) at Palermo University School of Law, Argentina. He was the Executive Director of the Due Process of Law Foundation (DPLF) until May, 2006. Previously, he was the Special Rapporteur for Freedom of Expression of the Inter-American Commission of Human Rights at the Organization of American States (2002-2005).


Elizabeth Denham
Information Commissioner




Elizabeth Denham was appointed UK Information Commissioner in July 2016, having previously held the position of Information and Privacy Commissioner for British Columbia, Canada and Assistant Privacy Commissioner of Canada.

In her first ten months as Commissioner, she spoke about the regulator’s role in ensuring companies are transparent with the public about how personal information is used, with high-profile investigations into Yahoo, Camelot, WhatsApp and Facebook.

The Commissioner  demonstrated a focus on the essential role data protection can play in innovation, and the importance of organisations understanding the growing impetus on companies to be accountable for what they do with personal data.

Ms Denham oversaw the issuing of the ICO’s largest fine, a penalty of £400,000 to TalkTalk after the telecoms company failed to properly protect customer data from a cyber attack. She’s also overseen the conclusion of the ICO’s investigation into charities’ fundraising activities and a series of fines for companies behind nuisance marketing.

Ms Denham is a strong voice for public access rights. A proponent of open government and open data, Ms Denham has called for the proactive disclosure of records and published best practices for government ministries and public bodies. While at the ICO, she has called for the Freedom of Information Act to be extended to private bodies doing work on behalf of the public, and proposed a review of legislation around the duty to document information.

In 2017, Ms Denham was the winner of the Grace-Pépin Access to Information Award.The award recognised Elizabeth's commitment to improving peoples right to access information during her time as the Privacy Commissioner of Canada. She also came third in the DataIQ Talent awards. The DataIQ list highlights practitioners who use data to drive innovation.

In 2013, she received the Queen Elizabeth II Diamond Jubilee Medal for her service as an Officer of the Legislature of British Columbia, Canada.

In 2011, Ms Denham was honoured as a UBC distinguished alumni for her pioneering work in archives and leadership in the field of access and privacy.



James Dipple-Johnstone
Deputy Commissioner






Jay Fedorak
Information Commissioner 
Office of the Information Commissioner





Dr Jay Fedorak was appointed Information Commissioner for the Jersey (Channel Islands) Data Protection Authority in July 2018. He previously served for six years as Deputy Commissioner to the Information and Privacy Commissioner for British Columbia, five years of which he was also the Deputy Registrar of Lobbyists. He has 25 years of experience in the field of privacy and Freedom of Information, as a regulator and in the public service of the Province of British Columbia as a practitioner. Jay holds an MA and PhD in International History from the London School of Economics. He is an expert in the field of Great Britain and Europe during the 18th and 19th centuries and the author of ‘Henry Addington, Prime Minister, 1801-1804: Peace, War, and Parliamentary Politics’. Jay has taught history at the London School of Economics, Royal Roads Military College, the University of Victoria, and Simon Fraser University. 



Bruno Gencarelli
Head of the International Data Transfers and Protection Unit
European Commission





Bruno Gencarelli is the Head of the Data protection Unit within the European Commission (DG Justice and Consumers). The unit is responsible for all aspects of  Commission's policies and activities in the area of data protection: negotiation, adoption and implementation of the reform of EU data protection legislation, addressing data protection issues at international level (including through the negotiation of international agreements and the adoption of adequacy decisions), monitoring the application by Member States of EU data protection legislation, ensuring the secretariat of the "Article 29 Working Party", etc.  He is one of the lead negotiators of the EU-US "Umbrella Agreement" and of the Privacy Shield. He previously served as a Member of the Commission's Legal Service and as an assistant (référendaire) to a judge at the European Court of Justice after having practiced law in the private sector. He holds degrees in law and political science. He is an Associate Professor in EU Competition Law at Sciences Po Paris.



Andrea Jelinek
Chair, European Data Protection Board
Director, Data Protection Authority







Karolina Mojzesowicz
Deputy Head, Data Protection Unit
European Commission





Karolina Mojzesowicz is the Deputy Head of Unit of the unit responsible for data protection at the European Commission (DG Justice and Consumers). She was one of the Commission's representatives in the interinstitutional negotiations with Parliament and Council on the General data Protection Regulation (GDPR). She is now responsible for its implementation in the EU. Mrs Mojzesowicz previously served as a member of the European Commission's Legal Service, focusing on EU Competition law and International Trade law. In that capacity, she represented the Commission in numerous cases before the European Courts and before the WTO panels and Appellate Body. Mrs Mojzesowicz studied law in Poland, the Netherlands and Germany where she obtained her PhD in 2001. 



Elisabeth Stafford
Senior Policy Advisor - EU Data Protection
Department for Digital, Culture, Media and Sport 





Elisabeth Stafford is Head of EU Data Flows at the Department for Digital, Culture, Media, and Sport (DCMS).  She has led the negotiating team for the UK in the reform of the ePrivacy Directive and the recast of Regulation 45/2001, setting data protection rules for the EU institutions.  Previously, she was one of the negotiators on the GDPR and the Law Enforcement Directive for both the UK, and for the European Commission.  She has also worked in private office in the Ministry of Justice, leading on human rights and EU dossiers for the Minister of State.  She holds a degree in Philosophy, Politics, and Economics from the University of Oxford, and a masters in International Relations from the University of Aberdeen.



Daniel Therrien
Office of the Privacy Commission of Canada







Bradley Tosso
Assistant Information Commissioner
Gibraltar Regulatory Authority





Bradley Tosso is the Assistant Information Commissioner at the Gibraltar Regulatory Authority (“GRA”). 

Mr Tosso has 12 years experience in the field of compliance and regulation. He initiated his career in gambling regulation with previous positions held in the Gambling Commissioner’s office and a private operator.

With specialist professional experience and qualifications including a BSC in Computing and Management, an LLM in European Union Law and a further LLM in Information Rights Law, Mr Tosso has progressively advanced through the GRA’s structure since his appointment in 2013.

In his role Mr Tosso directly assists Gibraltar’s Information Commissioner in his regulation, supervision and enforcement of data protection and other information rights laws in Gibraltar.

Mr Tosso believes in engagement and guidance as integral parts of a modern and effective supervisory regime.



Brendan Van Alsenoy
Legal Advisor
Data Protection Authority





Brendan Van Alsenoy is a legal advisor at the Belgian Data Protection Authority.

Before joining the DPA, he worked as a legal researcher at the KU Leuven Centre for IT & IP law - imec, with a focus on data protection and privacy, intermediary liability and trust services.

In 2012, Brendan worked at the Organisation for Economic Co-operation and Development (OECD) to assist in the revision of the 1980 OECD Privacy Guidelines.

In 2016, he defended his doctoral thesis entitled: "Regulating data protection: the allocation of responsibility and risk among actors involved in personal data processing."

He is currently a senior affiliated researcher at the KU Leuven Centre for IT & IP law – imec and a co-editor of the periodical “Privacy & Persoonsgegevens” (“Privacy & Personal data”).


Wojciech Wiewiórowski
Assistant European Data Protection Supervisor
European Data Protection Supervisor












Carl Blake
Legal Director
Bupa Global                                          





Carl joined Bupa in October 2014 and became the Legal Director for Bupa Global in December 2017, with responsibility for legal risk matters across the business with a team of 14 lawyers covering matters including privacy and data protection, product and marketing, sales and distribution, customer services, digital and IT systems, and contentious matters.

Prior to this Carl spent three years at Royal Sun Alliance (RSA) in a number of positions within the Group Centre and Emerging Markets legal teams, including as General Counsel, Central and Eastern Europe and the Middle East, for which Carl was responsible for running a team of 11 lawyers and compliance officers dealing with a variety of legal and regulatory matters across those jurisdictions. Prior to RSA, Carl was a Senior Associate at the international law firm Clifford Chance in the Corporate Finance team.


John Bowman
Senior Principal





John is a Senior Principal in Promontory's privacy and data protection team. John advises clients on all aspects of compliance with data protection laws and regulations. He is a specialist on the European Union’s General Data Protection Regulation (GDPR). Prior to joining Promontory, John worked at the U.K. Ministry of Justice where he was the government’s lead negotiator on the GDPR. This work involved leading the U.K. delegation to the Council of the European Union’s DAPIX expert working group in Brussels, developing the government’s policy position on the GDPR, engaging with a wide range of stakeholders and advocates, and regularly briefing ministers.

John also represented the U.K. at the European Commission's Article 31 Committee, which is responsible for determining the adequacy of non-EU data-protection regimes. He earlier represented the U.K. government in negotiations on reviewing The Hague Conventions on International Child Abduction and led the government’s outreach to domestic Muslim communities on issues related to family law. John also carried out a comprehensive review of the U.K.’s claims management regulatory regime for the Ministry of Justice. John is a regular speaker on data protection matters and has had articles published by Privacy Laws and Business, Bloomberg BNA, IAPP and the European Data Protection Law Review.



Shawn Brown







Lien Ceulemans
Vice President and Associate General Counsel, Global Privacy







Alison Deighton







Debbie Evans
Data Protection Professional & Lawyer
Kincordia Limited








Ian Evans
Managing Director, EMEA







Olga Ganopolsky
General Counsel - Privacy and Data
Macquarie Group







Fabrizia Giacomini
VP, Associate General Counsel
21st Century Fox







John Grant
Civil Liberties Engineer                           
Palantir Technologies





John joined Palantir Technologies in September 2010 as the company’s first Civil Liberties Engineer.  Previously, John served for nearly a decade as an advisor in the United States Senate.  He began his career in the Senate as an aide to Senator Peter Fitzgerald before joining the staff of former presidential candidate and member of the Senate Republican leadership, Senator Lamar Alexander.  While working for Senator Alexander on issues ranging from the federal budget to homeland security, John attended law school at Georgetown University.  He earned his law degree shortly after joining the staff of the Senate Homeland Security and Governmental Affairs Committee.  As Counsel to Ranking Member Senator Susan Collins, John handled the Committee’s intelligence and privacy and civil liberties portfolios.  He conducted oversight of numerous programs within the Department of Homeland Security and the U.S. intelligence community as well as investigations into intelligence failures that led to the attacks at Fort Hood and the failed 2009 Christmas Day bombings.

As a Civil Liberties Engineer at Palantir, John has worked with customers all over the world, helping them to develop data protection practices that make the best use of Palantir’s privacy and civil liberties protective capabilities.  John is a co-author of The Architecture of Privacy (O’Reilly 2015) and most recently co-authored a chapter in The Cambridge Handbook of Consumer Privacy, “A Marketplace for Privacy: Incentives for Privacy Engineering and Innovation.”  (Cambridge UP, 2018)



Mark Keddie
Global Data Protection Officer
Dentsu Aegis Network





Mark Keddie is the Global Data Protection Officer for Dentsu Aegis Network Ltd, a multinational media and digital marketing communications company headquartered in London, UK. Operating in in a 145 countries, its core services are communications strategy through digital creative execution, media planning and buying, sports marketing and content creation, brand tracking and marketing analytics.

With over a decade of experience, Mark has been active in privacy since developing a professional interest as a Chartered Marketer working in the global energy sector. As CPO for BT Group Mark managed the application for BT's Binding Corporate Rules (Controller and Processor) - a first for a UK telco.

Mark has spoken at a wide variety of external events in Europe and America and contributes to in-house and external publications. In his capacity for managing relationships with regulatory authorities and professional bodies, he has held positions in various industry privacy groups, most recently serving on the IAPP European Advisory Board before becoming the Co-chair of the London IAPP Chapter. In addition to an MSc, Mark is also a IAPP Fellow In Privacy (FIP).  His outside interests include ultra-running and multi-day events.



Jenai Nissim
Legal Director








Soumya Patnaik
Data Protection Consultant
Privacy Perfect





Soumya Patnaik is a data protection consultant at PrivacyPerfect. Throughout her career, she has had extensive experience assisting multi-national organisations in navigating privacy laws across jurisdictions. Prior to joining PrivacyPerfect, she completed an LL.M in Advanced Studies in Law & Digital Technologies, from Leiden University, where she graduated top of her class.

She is a qualified advocate, registered with the Bar Council of India and has practised law for several years at a leading law firm based in India, with a primary sector focus on knowledge-based industries. During this time, she advised numerous global tech giants as well as start-ups on diverse issues ranging from foreign investment and market entry strategy, to cross-border transactions involving international data transfers. Soumya has been ranked as a Next Generation Lawyer by Legal 500 Asia-Pacific.

Clients value her practical approach to legal advice, broad international experience and hands-on attitude.


Michelle Phillips
Global Data Protection & Privacy Senior Counsel
British American Tobacco






Kevin Shepherdson
CEO & Founder
Straits Interactive


Claus Ulmer
Group Data Privacy Officer
Deutsche Telekom AG


Josh Zweig
Civil Liberties Engineer
Palantir Technologies



Law Firms

Ines Antas de Barros
Managing Associate
Vieira De Almeida


Rafi Azim-Khan





Rafi Azim-Khan is Head of Data Privacy, Europe and Head of Marketing Law at Pillsbury Winthrop Shaw Pittman LLP. Mr. Azim-Khan has been listed in Chambers Global and UK Directories for his e-commerce expertise and was named one of the UK’s “digital dozen” e-commerce and data protection specialists by Legal 500’s Insider Guides. He is recognized as an expert by Who’s Who Legal: Data 2018. He has also been ranked as a leader in Chambers Directory for his IP and Marketing Law work every year since 1995, particularly for digital marketing, social media, the launch of new products internationally or entering new markets/countries and dealing with claims, competitors and regulators. On the data side, Rafi has advised clients, ranging from GE and GM through to Silicon Valley startups, on the full range of data protection, cyber-security and e-commerce issues, including the GDPR, BCRs and data transfers, Big Data use and e-Privacy Regulations. He has co-authored 5 books including Regulation of the Internet, the IPA’s Ad Law, The Encyclopaedia of E-Commerce Law, and E-Business: The Practical Guide.


Kwang Bae Park
Head of Protection & Partner
Lee & Ko
South Korea


Ann Bevitt


Rebecca Cousin
Slaughter and May







Richard Cumbley
Solicitor, Partner and Global Practice Head






Danilo Doneda
Lawyer and Professor   
Public Law Institute


Jamie Drucker
Senior Associate
Bristows LLP


Isabel Ornelas
Vieira De Almeida


Nigel Parker
Allen & Overy


David Smith
Special Advisor                                 
Allen & Overy





David retired from his role as Deputy Data Protection Commissioner in November 2015 and joined A&O as special adviser on data protection on 1 January 2016.

David was instrumental in shaping the UK position on the General Data Protection Regulation. He was widely quoted giving the ICO view on regulatory developments – e.g. Safe harbour and the Google decision on the right to be forgotten. He also represented the ICO in the Article 29 Working Party of European Supervisory Authorities set up under the Data Protection Directive. The Article 29 Working Party is a highly influential group of national regulators across Europe who issue opinions on compliance. David was also involved at the highest level of the ICO’s enforcement regime.

His wealth of experience and knowledge of data protection policy and enforcement bolsters Allen & Overy’s existing data protection team in London at a time of significant regulatory change and growing client demand for advice and support in this fast moving area. During his time as Deputy Commissioner, David saw first-hand how this area of law has evolved and the impact it can have on businesses and ordinary citizens.    


Tanguy Van Overstraeten






Daniele Vecchi
Gianni, Origone, Grippo, Cappelli & Partners


Mark Watts
Bristows LLP



Ashley Winton
McDermott Will & Emery UK LLP







Academics and Interest Groups


Oliver Butler
Fellow by Special Election in Law
Wadham College, University of Oxford








Privacy Laws & Business


Stewart Dresner
Chief Executive
Privacy Laws & Business                             





Stewart Dresner graduated from the University of Lancaster in politics and marketing in 1973. He has written and researched extensively on data protection/privacy and freedom of information since 1975, when he initiated a research project on this subject at the UK Consumers Association. His research in the USA and Canada in 1976 enabled him to prepare a submission to the UK government-sponsored Lindop Committee, and write Open Government: Lessons from America, published in 1980.

He then joined Business International as a business journalist where he wrote on privacy laws for its publications and organised conferences in Austria, Belgium, Portugal, Spain, Sweden, and the UK. The company became a subsidiary of The Economist and he wrote its report on the first prosecution under the UK’s Data Protection Act 1984.

When The Economist rejected Stewart’s proposal for an international data protection law newsletter, he established Privacy Laws & Business in 1987. Its first service was the Privacy Laws & Business International Newsletter which has now developed to become the hub of a comprehensive global information service reporting on over 100 countries with data protection legislation and proposed legislation. Privacy Laws & Business services include consulting, conferences, training, recruitment, the Privacy Laws & Business UK Report (which also covers the Freedom of Information Act), advice to companies and policy makers, and the Privacy Officers Network.

Stewart was a founder and first Chairman of the UK's Data Protection Forum. He has spoken on data protection/privacy law at conferences in Australia, Belgium, Canada, Finland, Germany, France, Hungary, Ireland, Israel, the Netherlands, Portugal, Poland, Spain, Switzerland, the UK and the USA and to groups, such as the International Association of Privacy Professionals, the Institute of Chartered Accountants, The Records Management Society, the Information Systems Audit and Control Association, and the International Pension and Employee Benefits Lawyers Association.



Laura Linkomies
Editor, Privacy Laws & Business Reports      





Laura Linkomies is Editor of Privacy Laws & Business International and UK Reports, and PL&B enews service. Laura oversees the whole editorial process from researching, commissioning and managing freelancers to writing about a wide range of legislative and management issues within privacy, data protection and freedom of information. She also assists in conference planning and public relations, and provides secretariat services for the PL&B European Privacy Officers’ Network.

Laura first joined Privacy Laws & Business as Associate Editor for the International Report in 1997 and launched the UK Report in 2000. Before joining Privacy Laws & Business, she worked at the UK Information Commissioner's Office as a European Secretariat Officer facilitating co-operation with European Union national Data Protection Commissioners. Laura has also worked as freelance business content writer for Sweet & Maxwell, and written for several publications in Finland.

Laura holds a Masters degree in Political Science and Journalism from University of Tampere, Finland, and Advanced Certificate in Marketing from the Chartered Institute of Marketing. She is fluent in English and Finnish, and has a working knowledge of Swedish, Italian and German.


Tom Cooper
Deputy Editor, Privacy Laws & Business Reports





Tom Cooper began working for PL&B in 2010 as a sub editor. He produces the print and online versions of our PL&B UK and PL&B International reports using desk top publishing software. His role also involves close checking of stories and ensuring a consistent style across publications. He writes for PL&B Reports and undertakes administrative tasks as needed.

Tom trained as a journalist in Australia. He has worked for a number of local newspapers, and was editor of UK hockey magazine Push from 2008 to 2014.  He has had spells as an editor at the Commonwealth Parliamentary Association and for an online wire service covering European Union business news.


Valerie Taylor
Privacy Laws & Business                                  





Valerie qualified as a solicitor in 1994 with Clifford Chance, the London based international law firm, and throughout her legal career has specialised in data protection as well as IT and intellectual property law.

After leaving Clifford Chance, Valerie worked for several years in the in-house legal team at Royal Mail Group plc where she was the principal data protection adviser.
Valerie has been working with Privacy Laws & Business since 2002. She gives advice to large and small businesses in the public and private sector on all aspects of data protection and related legislation, including DP strategy, project management, policies and procedures, training and awareness and compliance monitoring.

She regularly carries out data protection health checks for organisations and advises them on a risk-based approach to compliance. She runs Data Protection training workshops for Privacy Laws & Business, as well as in-house training sessions for clients, and is a Legal Correspondent for the Privacy Laws & Business Reports.