Professor Dr.Ian Walden
Professor of Information and Communications Law Studies, Queen Mary, University of London
Dr Ian Walden is Professor of Information and Communications Law and Head of the Institute of Computer and Communications Law in the Centre for Commercial Law Studies, Queen Mary, University of London. His publications include EDI and the Law (1989), Information Technology and the Law (1990), EDI Audit and Control (1993), Cross-border Electronic Banking (2nd ed., 2000), Telecommunications Law Handbook (1997), E-Commerce Law and Practice in Europe (2001), Computer Crimes and Digital Investigations (2007), Media Law and Practice (2009), Telecommunications Law and Regulation (4th ed., 2012) and Free and Open Source Software (2013). Ian has been involved in law reform projects for the World Bank, the European Commission, Council of Europe, UNCTAD, ITU, UNECE and the EBRD, as well as for a number of individual states. Ian was awarded a Council of Europe Human Rights Fellowship in 1987 and 1988; was a seconded national expert to the European Commission DG-Industry in 1995; Board Member and Trustee of the Internet Watch Foundation from 2004 to 2009; on the Executive Board of the UK Council for Child Internet Safety from 2010 to 2012, and the Press Complaints Commission from 2009 to 2014. Ian is a solicitor and Of Counsel to Baker & McKenzie, he currently leads Queen Mary’s Legal initiative, which is part of the iLINC network and is a member of the Cloud Legal Project.
David Smith
Deputy Commissioner and Director of Data Protection, Information Commissioner’s Office
David Smith is the Deputy Commissioner with responsibility for the Data Protection supervisory functions of the Information Commissioner’s Office (ICO) based in Wilmslow, Cheshire.
As well as providing Data Protection leadership across the Information Commissioner’s Office, David has direct responsibility for oversight of its Strategic Liaison Division which develops and manages the ICO’s relations with its key stakeholders. He is a member of both the Commissioner’s Management Board and Executive Team.
The international aspects of David’s work involve him in representing the UK on the Article 29 Working Party of European Supervisory Authorities set up under the Data Protection Directive. In addition he was the Chairman of the data protection supervisory body for Europol from October 2006 to October 2009.
Vivienne Artz
Managing Director & General Counsel, CITI
Vivienne Artz is a Managing Director and Head of International for the IP and O&T Law Group in the General Counsel’s Office in London. The international team with lawyers in London, Hong Kong, Singapore and Japan, is responsible for all intellectual property, technology, e-commerce, general commercial/procurement/outsourcing, data privacy, banking secrecy and data security, electronic trading and order routing, and market data legal issues, across all business areas in the EMEA and APAC regions.
Prior to joining Citigroup in 2000, Vivienne worked in private practice in London. Vivienne chairs the AFME Data Protection Working Group and is an active participant on the E-Commerce Group and the Data Protection Groups at the BBA and CBI, as well as a Steering Committee member for the Technology Discussion Group. Vivienne is co-chair of the Citi Women Network in the UK, and leads the Legal Diversity Committee for EMEA.
Stewart Room
President, National Association of Data Protection Officers
Stewart has over 23 years’ experience as a Barrister and Solicitor, focusing for the last 13 years on technology and communications. He specialises in the field of data protection and information management, including the commercial exploitation of data, the security of data, regulatory investigations and litigation arising from the misuse of data. Stewart is rated as a leading individual in data protection by Chambers UK, who says he “is the kind of lawyer who inspires confidence” and “he is an excellent, first-rate, tactical lawyer.”
He holds a Master’s Degree in Computer and Communications Law and he is a past winner of the Financial Times Legal Innovator of the Year Award, for his work with global IT companies on “Privacy Enhancing Technologies”. Stewart is also a Director of Cyber Security Challenge UK and the President of the National Association of Data Protection Officers. He has written three leading textbooks on information law including “Butterworths Data Security Law and Practice”.
Mark Keddie
Chief Privacy Officer, BT Group
Mark Keddie is the Chief Privacy Officer for BT Group which, in addition to being an ISP and sports broadcaster, is one of the largest communication and cloud service providers in the world. With operations in over 190 countries Mark has overall responsibility for BT’s global data privacy strategy and compliance programme across the Functions and Lines of Business. In addition to data privacy, Mark’s portfolio extends to broader data governance matters, PCI DSS and information retention.
With over 15 years’ experience, Mark has been active in privacy since developing a professional interest as a Chartered Marketer working in the global energy sector. In his capacity for managing relationships with regulatory authorities and professional bodies, he has held Chair positions in industry privacy groups including the American Petroleum Institute, the European Privacy Officers’ Network and was a founding member of the European Privacy Officers’ Forum.
Mark has spoken at a wide variety of external events in Europe and America and has also contributed to in-house and external publications. His interest in privacy has allowed Mark to develop wider professional experience in ethics and compliance governance including fraud and anti-bribery & corruption.
In addition to an MSc, Mark holds various academic and professional qualifications including privacy, IT and fraud investigation. His outside interests include ultra-running.
James Leaton Gray
Controller, Information Policy, BBC
James Leaton Gray is the Controller, Information Policy in the BBC’s Future Media Division, where he is working on the data and privacy implications of the corporation’s entry into “big data”. For ten years prior to that he oversaw the operation of the Corporation’s systems for compliance with the UK Data Protection and Freedom of Information Acts, amongst others. His team was involved in many high profile cases in this rapidly evolving area of the law.
James has been working in broadcasting, mainly for the BBC, for over 30 years. He has worked on a wide variety of management roles including overseeing projects to ensure the BBC’s impartiality during elections and the introduction of staff multi-skilling in areas of BBC News. Before joining the legal section he was a programme maker and spent much of his time in political journalism. He edited many of the BBC’s Political and Parliamentary programmes including Today/Yesterday in Parliament, The Week in Westminster, Westminster Live, and the documentary series Scrutiny.
He was one of the first staff members to be invited to take part in the BBC’s MBA programme. He is a former Chairman of the Strategic Planning Society, and is a member of the Royal Television Society and the Radio Academy. He is on the editorial board of Data Protection Law & Policy and is a Member of the Examination Board for the Practitioner Certificate in Freedom of Information.
Richard Kemp
Solicitor, Kempitlaw
Richard Kemp is widely recognised as one of the world’s top IT lawyers. He has built an outstanding reputation for combining commerciality and client service with innovative legal solutions to the business challenges of technology development, deployment and regulation. Richard has won numerous industry awards and has been top ranked in IT since 1997 and in the ‘Expert Guide to the World’s Leading Lawyers – Best of the Best’ continuously since 2001. He set up Kemp & Co in 1997 as a sole practitioner and led the firm to the top rank of UK IT firms in 2011 before setting up Kemp IT Law in 2014.
Stephen Deadman
Group Privacy Officer, Vodafone
Stephen is the Group Privacy Officer and Head of Legal – Privacy, Security & Content Standards at Vodafone Group, one of the world’s leading mobile communications companies. Stephen is responsible for leading Vodafone’s global privacy policy and strategy, and the development and implementation of Vodafone’s global privacy programme.
Stephen joined Vodafone in 1997 where he played a central role in the creation of Vodafone’s global legal function. In 2002 Stephen founded and chaired Vodafone’s international network of privacy & security law experts. In 2005 he was appointed Head of Technology and Media law with responsibility, among other things, for legal and regulatory advice on the development of global products and services, and where he succeeded in the formulation and adoption of Vodafone’s global privacy policy.
With over 14 years in the mobile industry, Stephen has worked on many the emerging privacy issues for the sector including geo-location, mobile advertising, identity management and human rights, and spoken at many industry, privacy and security conferences in Europe and the US.
In 2005 Stephen was appointed European Chair of the Public Policy Expert Group of the Liberty Alliance, an industry alliance focused on building technology and business standards for federated identity management. Stephen was also one of the founder members of the multi-stakeholder dialogue that led to the formation of the Global Network Initiative in 2008, and continues his work with investors, academics and civil society organisations on the protection of human rights within the ICT sector. From 2009 Stephen helped found and co-lead the Mobile Privacy Initiative, a global mobile industry initiative under the auspices of the GSMA to create a privacy framework to advance privacy in the evolving mobile internet eco-system.
Stephen is also a Steering Committee member of the International Privacy Law Forum.
Stephen Page
Non-Executive Director and Boardroom Advisor,
Stephen is a leading expert in the boardroom issues of the digital age.
As a non-executive director and board advisor he has helped shape and lead some of the world’s most complex, mission-critical IT—and the businesses which rely on it.
He brings a particular focus on how boards can lead in the digital age—how they can create value from innovation; and how they can understand and mitigate new digital risks. He is one of the country’s leading experts on cyber security and the boardroom response to cyber risks.
Stephen has worked at the top levels of the UK’s defence, intelligence and national security community for 10 years—growing the UK’s counterterrorism capability, and now focusing on cyber security, cybercrime and serious organised crime.
Before focusing on his non-executive portfolio, Stephen was a leading technology and business strategist with a focus on large and global companies. At Accenture he led IT/digital Strategy Consulting, and transformation of clients’ IT capabilities, worldwide. He led business change implementation in 24 countries and in almost all industry sectors; and shaped large-scale outsourcing deals, commercial transactions and shared services.
He is a non-executive director of several businesses which are pursuing a bold digital transformation strategy.
Steven Wright
Global Privacy Officer, Unilever
Steve Wright is Global Privacy Officer who has responsibility to oversee the privacy for Unilever PLC. By using his solid risk and IT security understanding, 18 years of practical IT risk and business experience, coupled with his holistic knowledge of process and control frameworks – Steve shares his collective experience in implementing a global privacy framework. Having once served as a IT Security Director for a large professional services organization, and held interim high profile delivery roles, he knows first-hand the challenges and demands of privacy, cyber crime, identity theft, computer hacking, data leakage, access management, encryption, cyber-terrorism, fraud, consumer and staff awareness and the complex legal, regulatory and contractual requirements of today’s multi-connected and global trading digital environments.
Alison Deighton
Partner, Head of Data Protection & Privacy, TLT Solicitors
Alison is a Partner and head of our Data Protection & Privacy team. She works within the Commercial Services group, advising a wide range of private and public sector clients on all aspects of information law.
Alison has extensive experience advising clients on data protection compliance issues, including drafting privacy notices and policies, delivering training, advising on international data transfers, advising on marketing compliance issues, dealing with ICO investigations, conducting audits, managing data breach incidents and advising on data sharing arrangements. She also advises on freedom of information issues, including protecting information provided to public authorities, making freedom of information requests and the application of exemptions.
Prior to joining TLT Alison was an associate in the Telecommunications, Media and Technology team at city firm Linklaters. She is a member of the National Association of Data Protection Officers and the International Association of Privacy Professionals.
Suzanne Rodway
Group Head of Privacy, Royal Bank of Scotland
Suzanne is currently Group Head of Privacy for the Royal Bank of Scotland Group, with responsibility for oversight of the organisation’s compliance with data privacy, bank secrecy and freedom of information laws, worldwide.
She trained with global law firm Linklaters, where after completing a number of years in the Technology, Media & Telecoms practice, moved to an in-house to advise the firm on its own privacy and information risk management issues.
With the experience gained in this role Suzanne then undertook a secondment to Barclays as their interim head of data protection. She joined Barclays permanently in December 2006 as their Privacy Director within the Legal & Compliance team. For the last 2 years of her role at Barclays she was also Chair of the British Banker’s Association Data Protection Advisory Panel. Most recently Suzanne was the Chief Privacy Officer at NBCUniversal.
She represents Privacy on the Executive Committee of the recently formed Women’s Security Society, which aims to encourage the advancement of women working in today’s security world through the exchange of information and creation of collaborative relationships.
In 2009, under Suzanne’s leadership Barclays were awarded a Privacy Innovation award by the International Association of Privacy Professionals.
Andreas Klug
Privacy & Data Protection Counsel, Vice President, Mastercard – DataCash and Access Prepaid Worldwide, Mastercard Europe
Andreas is a dual-qualified English and German lawyer with more than 17 years of experience in Data Privacy, telecommunications and technology law as well as international commercial law. He also holds a specialist data privacy qualification from IAAP, being a Certified Information Privacy Manager (CIPM). As a member of MasterCard’s global privacy and information governance team he has global responsibility for data privacy matters regarding new acquisitions and supports MasterCard’s global processing group on strategic projects and initiatives. Prior to joining MasterCard Andreas spent more than 2 years at Colt Technology Services, a London based telecommunications and data centre provider with operations in Europe, India and Singapore. As senior corporate counsel he headed up the data privacy function and also had responsibility for corporate policy and other corporate matters. Andreas also spent more than 12 years as a lawyer with several international law firms including Steptoe & Johnson and Eversheds, where he advised multinational technology and communications companies on global data privacy compliance programmes.
Rachel Greening
Group Information Risk Manager and Data Protection Officer, Nuffield Health
Rachel Greening is Group Information Risk Manager & Data Protection Officer for Nuffield Health, the UK’s leading health and social enterprise charity providing services across a network of hospitals, medical centres, and fitness & wellbeing centres.
A qualified Lead Auditor in ISO27001 and ISO9001 standards, and a Certified Practitioner in Data Protection, Rachel is responsible for ensuring customer and employee information is processed securely across the entire Group, through the creation and implementation of policies, audit programmes, and training. Rachel has worked for Nuffield Health for 11 years and is passionate about communicating best practice, working with Group, Divisional and local teams, across Nuffield’s 300 sites to embed processes and compliance.
Helen Gourdin
Senior Counsel, Corporate and Global Functions, Diageo
Helen joined Diageo in 2002 and is Diageo’s global subject matter expert in anti-bribery and corruption, anti-money laundering and data privacy and owns these global policies and programmes. Helen is the group privacy officer and a member of the group Information Security Steering Committee and Digital Governance Leadership Team. Helen supports the Global Risk & Compliance and Global Audit & Risk teams as well as any global investigations.
Helen started her career at Clifford Chance, focusing primarily on commercial matters, then joined Diageo as New Business Ventures Counsel before taking on the role of Senior Counsel, Corporate Centre. Helen holds a first class honours joint degree in French and Law from Surrey University in Guildford, which included study at Lyons University and a work placement with Electricité de France in Paris.
Dr. Philip Raether
Executive Director, Executive Director and Legal Counsel, UBS
Philipp Raether is an Executive Director and Legal Counsel in the IT, Contracting & Shared Services Legal Team of UBS in London. In this capacity, Philipp looks after the bank’s data protection, banking secrecy and outsourcing projects and issues globally. Before joining UBS, Philipp has worked for seven years with the law firm Freshfields specializing in IP/IT/Data Protection. Philipp has studied law in Germany, Switzerland and the US; he is admitted as a German Rechtsanwalt and as a Solicitor in England and Wales.
Sally-Ann James
General Counsel, Metro Bank
Sally-Ann was the first lawyer to join Metro Bank in February 2012. Her role as General Counsel is to develop the legal function in a fast changing, expanding business.
Prior to joining Metro Bank, Sally-Ann spent nearly 20 years in Manchester undertaking various legal roles with the Co-operative Bank, Co-operative Financial Services and the Co-operative Banking Group.
Sally-Ann started her career in matrimonial and criminal law in Northampton, before moving on to join the corporate transactional team at Manches & Co in 1989.
Simon McDougall
Managing Director, Promontory Financial Group
Simon McDougall is a Managing Director in Promontory’s London office, and leads Promontory’s global privacy and data protection practice. He is a Chartered Accountant and until 2010, led Deloitte’s UK Privacy & Data Protection and Payments Regulation teams. He specialises in privacy and data protection, information governance and regulatory investigations.
Simon has lead engagements with some of the world’s largest financial institutions, technology firms, retailers and life sciences firms. He has developed rationalised privacy risk management models, built enterprise-wide privacy programs and managed in-depth data protection audits. He spent six months seconded as the Head of Privacy and Records Management for the retail half of a large international bank.
Simon has served on a range of industry and advisor groups, including the UK Data Protection Forum executive, the BSI Data Protection Editorial Board, the DataGuidance Panel of Experts, the President of the Law Society’s Surveillance Working Group, the DMA’s Cookies Law Working Group, and Lord Prescott’s Working Group for the Leveson Inquiry.
Stephen Bolinger
Chief Privacy Officer & Vice President, Legal, TeleSign
Stephen Bolinger — privacy maven, technology enthusiast, and coffee savant — oversees TeleSign’s global privacy program. CIPP certified since 2007, Bolinger is responsible for data protection, product guidance and legal counsel. He draws on significant experience in this area, including seven years as a key participant in the development and implementation of Microsoft’s privacy and data protection strategy for cloud computing.
Before joining TeleSign, Bolinger provided privacy and data protection guidance for Microsoft’s operations across Europe, the Middle East and Africa as EMEA Privacy Attorney. This included compliance advice for Microsoft’s subsidiaries across the region on topics such as marketing privacy, data subject access requests, and employment privacy. He also supported key negotiations for Microsoft’s cloud services by addressing data protection issues relating to cloud computing, and participated in policy work with privacy advocates, regulators, and legislators.
Prior to this, Bolinger was Commercial Attorney with Microsoft, supporting their consumer businesses in the UK on a broad range of topics. He also acted as Microsoft’s privacy subject matter expert, providing guidance on local compliance, as well as contributing to the company’s local and regional responses to enquiries from data protection regulators and other policy engagement.
Bolinger’s first role in law with Microsoft was as Privacy Attorney/Compliance Manager, when he advised the company’s Server and Tools Division’s software and services development organizations on privacy and data protection issues throughout the development lifecycle.
Prior to undertaking a career in law, Bolinger spent ten years in technical roles in network and systems engineering. Originally Director, Network Operations for FrontBridge Technologies, where he architected and oversaw the operation of global network operations, he continued as Manager of Systems Engineering for Microsoft after its acquisition of FrontBridge, before becoming Senior Developer, Exchange Hosted Services.
Bolinger is admitted to practice law in California and Washington, and received his LLM in Computer and Communications Law, with Merit, at Queen Mary University of London.
Mick Gorrill
Former Head of Enforcement, ICO
Mick Gorrill worked for the Information Commissioner’s Office for seven years. He was recruited as Head of Investigations with responsibility for the investigation of all criminal offences within the Data Protection Act 1998 and Freedom of Information Act 2000.
In 2005 he was promoted to Head the newly formed Regulatory Action Division (RAD) with responsibility for investigations, audit, remedies and enforcement. He was involved in the publication of the two reports to Parliament, What Price Privacy and What Price Privacy Now.
In 2007 he facilitated the growth of the enforcement and audit departments following the HMRC and MOD data losses. He also facilitated increased regulatory action including undertakings and audit.
In 2010 he became Head of Enforcement and was involved in the issuance of the first civil monetary penalties.
In 2011 he retired from the ICO and worked for three years as a consultant to a London Law Firm specialising in data privacy and data security.
Jessica Barker
Independent Cyber Security Consultant, J L Barker
Dr Jessica Barker is an independent cyber security consultant, focusing on how individuals, institutions and societies interact with technology and the impact of our changing relationship with networked information. Jessica’s expertise is in the ‘human’ side of cyber security, and her particular specialisms cover governance, strategy and policy, compliance and learning and development. Running her own company, which advises organisations how they can keep their information safe while getting the most out of it, Jessica works with a variety of organisations and is known for her ability to engage everyone from the most senior level of the civil service and FTSE100 companies to creative workers in small digital agencies.
In her free time, Jessica is passionate about encouraging young people, particularly young women and girls, to become more engaged with cyber security. She also makes regular media appearances to discuss current cyber security issues, most recently on The One Show, BBC Breakfast and Radio 4’s Today programme, and published in The Sunday Times.
Nick Mathys
Senior Associate , White & Black Legal
Nick is a specialist technology lawyer, a fluent Japanese speaker and a data protection specialist. Much of Nick’s commercial work focuses on the cloud computing, e-commerce and online services sector and the data protection and privacy issues arising from the cross-border provision of cloud-based services, mobile apps and e-commerce, particularly for Japanese and US cloud service providers. Nick started his legal career with the IP/IT team of Baker & McKenzie in London before joining the Corporate/TMT team of Herbert Smith’s Tokyo office in August 2007. He joined White & Black in 2012.
Raj Roy
Legal Director for Residential Energy, British Gas
Raj Roy is Legal Director for Residential Energy at British Gas where he is responsible for consumer affairs, competition and privacy. Prior to this, he was at Vodafone for the past nine years where he served most recently as Lead Counsel for Regulatory Affairs where his portfolio included competition law, telecoms regulation and privacy. In that capacity, he led Vodafone’s regulatory litigation on a number of strategic issues, including switching processes and interconnection charge controls and managed the process that secured regulatory approval for Vodafone’s groundbreaking network sharing collaboration with Telefonica.
Phil Thompson
Partner, White & Black Legal
Phil is a co-founder of and head of the Commercial & Technology team at White & Black. He is a specialist technology lawyer with particular expertise in issues relating to information and cyber security, data protection and privacy regulations and cloud computing. His clients include a number of multi-national corporations – many of which are high-tech organisations – notably in the information services, PCI, managed communications and ERP sectors.
Phil is also regularly consulted on information law matters such as data protection and information security by organisations whose principal activities fall outside the high-tech industries.
Phil has worked both in-house and in private practice.
Bridget Treacy
Partner, Hunton & Williams
Bridget Treacy leads Hunton & Williams’ UK Privacy and Cybersecurity team and is the Managing Partner of the Firm’s London office. Her practice focuses on all aspects of privacy, data protection, information governance, e-discovery and e-commerce issues for multinational companies across a broad range of industry sectors. Bridget’s background lies in complex technology transactions (including wide-ranging experience of advising on sourcing agreements, strategic alliances and other collaborative arrangements with a technology focus). This enables her to advise on the specific data protection and information governance issues that occur in a commercial context and to assist clients with data protection regulatory investigations. Bridget is the editor of the specialist privacy journal “Privacy and Data Protection”, and has contributed to a number of published texts. She is widely respected for offering pragmatic advice to clients. She is ranked as a “Star Individual” by Chambers UK 2014 and is recognised as a leading practitioner by Chambers Global 2014.
Rosemary Jay
Senior Attorney, Hunton & Williams
Rosemary Jay has advised in privacy and information law issues for over 25 years and is recognised as one of the top lawyers in the area of data protection in the UK, with Chambers and Partners recognising her in “Band 1” in data protection. Rosemary is the author of Sweet & Maxwell’s Data Protection Law & Practice, a contributing editor to The White Book on privacy and an editor of the Encyclopedia of Data Protection and Privacy.
Dr. Jörg Hladjk
Counsel, Hunton & Williams
Dr. Jörg Hladjk is a German-qualified attorney and Counsel in the Global Privacy and Cybersecurity practice of Hunton & Williams in Brussels. Jörg advises on complex EU data protection and data security matters. He has particular experience in developing strategies for international data transfers and leading pan-European projects to implement standard contractual clauses, Binding Corporate Rules and U.S.-EU Safe Harbor certification. Jörg regularly advises clients on emerging issues such as data breach notification, cloud computing, smart grids, big data, e-discovery, cybersecurity, digital marketing and mobile payment solutions. He has significant experience in contentious data protection matters and regularly represents clients before the German state and federal data protection authorities. Jörg was recognized as leading practitioner by “The International Who’s Who for Information Technology Lawyers 2013” and “The International Who’s Who of Internet, E-Commerce and Data Protection Lawyers 2012”. He is chair of the Advisory Board of “Trust in Digital Life” and has spoken and written extensively on data protection and IT security compliance topics.
Fred Houwen
Deputy General Counsel and Group Compliance Officer, Reckitt Benckiser
Fred is Group Compliance Officer and Deputy General Counsel for Group Legal Affairs at Reckitt Benckiser. He is responsible for a range of compliance areas at RB, with an increasing focus on data protection. He leads a team of specialist data protection lawyers who work closely with other functions in delivering RB’s data protection programme.
Fred started his career at Clifford Chance, where he specialised in European competition law. Following time in private practice and in the Government Legal Service, he joined RB in 2009.
Lee Miles
Deputy Head, National Crime Agency
35 years law enforcement experience predominantly in investigative, training and leadership roles. Specialising in covert policing leading pro-active national and international investigations against organised crime groups tackling all crime threats including drug trafficking, human trafficking, firearms and other threats.
In 2006 joined SOCA’s Cyber Department, during his tenure he has commanded all of Cyber’s Units including Operations, Intelligence, Technical and Futures, Forensics and Covert Support.
In 2009 promoted to Head of Cyber he continued to set the direction and standards for the development of SOCA’s response to cyber crime. He currently leads the operational response for the new National Crime Agency’s (NCA) National Cyber Crime Unit (NCCU) assisting to develop a transformational capability as the Deputy Head of the NCCU.
He is currently the Chair of the European Union Cybercrime Task Force (EUCTF), member of the board for the European Cyber Crime Centre (EC3) and on Interpol’s working group helping develop the Interpol Global Centre for Innovation (IGCI).