Steve Wright
Chief Privacy Officer, Unilever
Steve Wright is the global privacy officer responsible for overseeing the privacy for Unilever. By using his solid risk and IT security understanding, 18 years of practical IT risk and business experience, coupled with his holistic knowledge of process and control frameworks – Steve brings to bear his collective experience in implementing a global privacy framework. Having once served as IT Security Director for a large professional services organisation, and held interim high profile delivery roles, he knows first-hand the challenges and demands of privacy, cyber-crime, identity theft, computer hacking, data leakage, access management, encryption, cyber-terrorism, fraud, consumer and staff awareness and the complex legal, regulatory and contractual requirements of today’s multi-connected and globally trading digital environments.
Gemma Witham
Senior Privacy Counsel, Tesco
Gemma is the Senior Privacy Counsel for the Tesco Group and oversees all data and privacy issues across the operating countries, Tesco Bank and the telecoms businesses. Tesco is the third largest retailer in the world and is often seen as one of the pioneers in the world of data following its launch of the first loyalty scheme, Clubcard, in 1995. Prior to working at Tesco, Gemma spent three years at Wonga.com where she was Head of Legal for the international consumer lending businesses. Before Wonga, Gemma worked in private practice at Addleshaw Goddard LLP.
Duncan Cameron
Data Protection Manager, Sky
Duncan is currently the Data Protection Manager at Sky where he provides advice and support to the Sky group of companies on a wide variety of privacy and data governance matters. He was awarded an AHRC scholarship to study an MA in Records Management and has subsequently undertaken privacy and data governance roles across a number of sectors. Particular areas of professional interest include privacy by design and data retention.
Belinda Doshi
Chief Privacy Officer and Associate General Counsel, Pearson
Hans Martens
Regional Privacy Manager, GSK
Mark Gleeson
Partner, Squire Patton Boggs (UK) LLP
Mark is a partner in the international law firm Squire Patton Boggs specialising in data protection, privacy and freedom of information.
Mark has considerable experience of advising leading private and public sector organisations, both nationally and internationally, on information law. He advises on both a compliance and strategic basis.
He has advised on and managed a large number of multi-jurisdictional data projects.
He has particular expertise in advising on the exploitation and monetisation of information including the use of data including behavioural and location information. He has advised on a number of cutting edge data analytics projects including loyalty schemes, mobile payments, video analytics and telematics.
He has acted on behalf of clients under investigation by regulators, law enforcement and industry bodies in relation to data protection compliance. He has pursued and defended civil matters in tribunals and before the courts.
Mark also advises the private sector organisations and individuals on how to protect their information subject to freedom of information laws. He has successfully used the same legislation to gain access to valuable public information for commercial and litigation purposes.
James Leaton Gray
Director, The Privacy Practice
At The Privacy Practice James provides bespoke consultancy services in Data Protection and Privacy. Whilst also writing the Privacy Practice Blog shining light onto current issues in Privacy and Data Protection. Until earlier this year James was providing policy guidance and designing a privacy programme for the BBC as it develops its big data capability. For over 10 years James headed the BBC’s Information Policy and Compliance Department overseeing the BBC’s systems for compliance with the Data Protection and Freedom of Information Acts. Before that he worked on a variety of policy and management roles following a career in current affairs and political programmes production.
Johanna Pimentel Sanchez
EMEA Privacy Counsel, JPMorgan
Johanna Pimentel is currently an Executive Director and the EMEA privacy counsel for J. P. Morgan. Prior to joining J.P Morgan in 2013 she has held similar roles at Ericcson, Western Union and Orange. She has been focusing on Privacy for over 10 years, with broad experience concerning large multinationals in the areas of IT and Telecoms, E-commerce, Mobile, Mobile payments and financial sector on both B2C and B2B offerings. Johanna is participant on Data Protection Groups at AFME, BBA and CBI, as well as a Data Protection and London Committees of the Society for Computers and the Law.
Brad Bryant
Deputy Chief Privacy Counsel, AON
Amanda Brock
General Counsel, Global Switch
Amanda is General Counsel of Global Switch and a European Representative of the Open Invention Network. Having been General Counsel, Canonical – lead commercial sponsor of the open source operating system Ubuntu and open stack cloud partner – for 5 years, where she managed the worldwide legal function. Her experience is diverse, in particular in the technology sector and her expertise includes open source software, cloud computing, big data, IOT, new governance models for co-operation and “open” as well as device manufacture and distribution.
With over 20 years of experience of commercial and IT law her experience lends itself to her very commercial approach to legal advice. This has been primarily in house, including roles as European Manager at DSG International where she was the first lawyer at the ISP, Freeserve (UK’s first and biggest .com IPO), UK Legal Director, Aramark and General Counsel Nicole Farhi & French Connection.
Amanda is as a solicitor, admitted in England and Scotland and has a Masters in IP and IT law from Queen Mary and a Masters in Comparative Jurisprudence from New York University. Amanda is a Visiting Research Fellow at Queen Mary and was a founder of the QM Legal Incubator Q:Legal. She is a Judge and part of the Advisory Board of the UK Open Source Awards.
She has spoken at academic, legal and business conferences internationally and written extensively on open source, tech and commercial law, including being the author of “E-Business: A Practical Guide to the Laws” and having contributed the chapter on commercial agreements to Oxford University Press’s “Free and Open Source Software, Policy, Law and Practice”. She is currently writing a new legal text, “Legal Issues in IoT: Smart Laws for Smart Businesses”, to be published in February 2016.
Joanna Copping
Senior Privacy Counsel, Electronic Arts
Jo leads EA’s European and Latam Privacy function based in Europe. She is part of EA’s global privacy and consumer protection team and advised on international privacy, consumer and security matters.
Before joining EA in 2012, Joanna was privacy officer and content lawyer at Channel 5, having first trained and qualified as a solicitor into the Media Litigation department at Farrer & Co.
Monika Tomczak-Gorlikowska
Data Privacy Counsel, Shell
Monika Tomczak-Górlikowska is a Data Privacy Legal Counsel with Shell International Limited in London. Monika is a licensed attorney (adwokat) and has been with the offices of Miller, Canfield, W.Babicki, A.Chełchowski i Wspólnicy in Poland. In addition to the law studies, she has also received a Master of European Law degree (LLM cum laude) from the Law Department of the College of Europe in Brugge (Belgium). Monika is also a Co-Chair of the Forum on International Privacy Law and a frequent speaker at IAPP events. Monika has also worked for the Legal Service of the General Secretariat of the Council of the EU in Brussels. Monika is fluent in English, French, Spanish and Portuguese.
Nicola Carter
Data Protection Officer, Airbus
Nicola Carter is responsible for personal data compliance in Airbus in the UK and key member of the Airbus Group Personal Data Protection Network leading the Group wide Communication, Training and Awareness Centre of Expertise. In her UK role Nicola advises the business on data protection compliance, from CCTV policies and guidelines, to data sharing, privacy notices managing subject access requests and in addition provides UK specific legislative advice to transnational project teams. She is currently planning a campaign to promote Personal Data Protection day with focus on making the 2016 campaign relevant to Airbus Group facilities outside of the EU and also leading the implementation project on Binding Corporate Rules. When she is not working on personal data topics, Nicola has a supporting role to the HR Employee Relations team and outside of work enjoys walking with her dog and being mum of 3 sons.
Jacquie Elliott
Data Protection and Information Governance Lead, Metropolitan Housing Trust
Jacquie’s career in data protection began at the Legal Services Commission (now the Legal Aid Agency) in March 2000 when the 1998 Act came into force. As Information Compliance Manager, she took the lead on implementing the 1998 Act within the Head Office and 13 regional offices, managing a small team of Information Compliance Officers overseeing the access to information requests within the Commission and providing compliance advice on disclosures under FOIA as well as Subject Access requests. Jacquie also took the strategic lead to implement an Information Security Management System agenda built on the HMG Security Policy Framework, prior to the LSC’s transition to an Executive Agency of the Ministry of Justice. She is a BCS qualified data protection Practitioner and also has a Certificate in Information Security Management Principles (CISMP).
Jacquie is now responsible for promoting compliance with the Data Protection Act and other Information Governance legislation across the whole of Metropolitan Housing Trust, its subsidiary companies and its partnerships. Metropolitan is one of the UK’s leading providers of integrated housing services, providing affordable housing, care and support services and regeneration of communities. It currently has a portfolio over 38,0000 homes serving around 90,000 customers across London, the East of England and the East Midlands. Jacquie joined Metropolitan in 2013 during a period of transformation and has been instrumental in devising and implementing new policies and processes for personal information handling and sharing of data across the multi agencies it works with to provide services to its customers and stakeholders. Jacquie has a wealth of experience with handling complex subject access requests and is currently preparing the Trust for the impending new EU Regulations when they come into force.
Ken Munro
Senior Partner, Pen Test Partners
Ken Munro is Partner and Founder of Pen Test Partners LLP, a firm of experienced penetration testers, otherwise known as ethical hackers, all of whom have a stake in the business. He regularly blogs on everything from secure coding to hacking cars and the Internet of Things. He also writes for various newspapers and industry magazines in an effort to get beyond the unhelpful scaremongering put about by many security vendors. A familiar face on the speaker circuit, Ken enjoys courting controversy and speaks widely on computer security, taking great pleasure in highlighting vulnerabilities in software and hardware. Ken has worked in the field of information security for over 15 years.
Vivienne Artz
Managing Director, Citi
Vivienne Artz is a Managing Director and Head of International for the IP and O&T Law Group in the General Counsel’s Office in London.
The International team, with lawyers in London, Hong Kong, Singapore and Japan, is responsible for all intellectual property, technology, e-commerce, general commercial/procurement/outsourcing, data privacy, banking secrecy and data security, electronic trading and order routing, and market data legal issues, across all business areas in the EMEA and APAC regions.
Prior to joining Citigroup in 2000, Vivienne worked in private practice in London.
Vivienne chairs the AFME Data Protection Working Group and is an active participant on the E-Commerce Group and the Data Protection Groups at the BBA and CBI, as well as a Steering Committee member for the Technology Discussion Group. Vivienne is co-chair of the Citi Women Network in the UK, and leads the Legal Diversity Committee for EMEA.
Andreas Klug
Privacy & Data Protection Counsel, MasterCard
Andreas is a dual-qualified English and German lawyer with more than 17 years of experience in Data Privacy, telecommunications and technology law as well as international commercial law. He also holds a specialist data privacy qualification from IAAP, being a Certified Information Privacy Manager (CIPM). As a member of MasterCard’s global privacy and information governance team he has global responsibility for data privacy matters regarding new acquisitions and supports MasterCard’s global processing group on strategic projects and initiatives. Prior to joining MasterCard Andreas spent more than 2 years at Colt Technology Services, a London based telecommunications and data centre provider with operations in Europe, India and Singapore. As senior corporate counsel he headed up the data privacy function and also had responsibility for corporate policy and other corporate matters. Andreas also spent more than 12 years as a lawyer with several international law firms including Steptoe & Johnson and Eversheds, where he advised multinational technology and communications companies on global data privacy compliance programmes.
Nick Mathys
Partner, White & Black
Nick is a specialist technology lawyer, a fluent Japanese speaker and a data protection specialist. Much of Nick’s commercial work focuses on the cloud computing, e-commerce and online services sector and the data protection and privacy issues arising from the cross-border provision of cloud-based services, mobile apps and e-commerce, particularly for Japanese and US cloud service providers. Nick started his legal career with the IP/IT team of Baker & McKenzie in London before joining the Corporate/TMT team of Herbert Smith’s Tokyo office in August 2007. He joined White & Black in 2012 and has recently been promoted to become a partner in the firm.
Alison Deighton
Partner, TLT
Alison is a Partner and head of our Data Protection & Privacy team. She works within the Commercial Services group, advising a wide range of private and public sector clients on all aspects of information law.
Alison has extensive experience advising clients on data protection compliance issues, including drafting privacy notices and policies, delivering training, advising on international data transfers, advising on marketing compliance issues, dealing with ICO investigations, conducting audits, managing data breach incidents and advising on data sharing arrangements. She also advises on freedom of information issues, including protecting information provided to public authorities, making freedom of information requests and the application of exemptions.
Prior to joining TLT Alison was an associate in the Telecommunications, Media and Technology team at city firm Linklaters. She is a member of the National Association of Data Protection Officers and the International Association of Privacy Professionals.
Cameron Craig
Deputy General Counsel and Group Head of Data Privacy, HSBC
Cameron Craig is deputy general counsel and group head of data privacy at HSBC, a role which he took on in September last year. In this new role he has responsibility for advising the Bank on global data privacy risks and appropriate measures to address these risks. Before joining HSBC Cameron was a partner in DLA Piper’s IP & Technology Team where he built and was the co-chair of DLA Piper’s EU Data Protection and Privacy Team. He worked as an engineer before turning to the law and his practice retains a strong technology focus. He has extensive experience in advising on outsourcing transactions and in managing and implementing global data protection solutions for international businesses. Cameron has managed many multi-jurisdictional projects, co-ordinating advice on compliance with data protection legislation across the world and advising clients on strategies for cloud adoption. Cameron is recognised as a data protection expert in Chambers for both UK and international data protection law which in 2010 stated that “he is well respected by market observers, who recommend him for his client-friendly and commercial approach” and in 2011 states that he is “technically second to none,” while clients value his “approachable manner and commercial advice.” The 2012 edition of Legal 500 recommends Cameron for “co-ordinating privacy projects for blue-chip clients” and the UK data protection team for providing ‘top-notch commercial advice’ on regulatory compliance matters, including for online products, international data transfers and security breach issues. He is also a regular contributor to journals and is the author of the data protection chapter for the Communications Law Handbook published recently by Bloomsbury Professional.
Rosemary Jay
Senior Attorney, Hunton & Williams
Rosemary Jay has advised in privacy and information law issues for over 25 years and is recognised as one of the top lawyers in the area of data protection in the UK, with Chambers and Partners recognising her in “Band 1” in data protection. Rosemary is the author of Sweet & Maxwell’s Data Protection Law & Practice, a contributing editor to The White Book on privacy and an editor of the Encyclopedia of Data Protection and Privacy.
Bridget Treacy
Partner, Hunton & Williams
Bridget Treacy leads Hunton & Williams’ UK Privacy and Cybersecurity team and is the Managing Partner of the Firm’s London office. Her practice focuses on all aspects of privacy, data protection, information governance, e-discovery and e-commerce issues for multinational companies across a broad range of industry sectors. Bridget’s background lies in complex technology transactions (including wide-ranging experience of advising on sourcing agreements, strategic alliances and other collaborative arrangements with a technology focus). This enables her to advise on the specific data protection and information governance issues that occur in a commercial context and to assist clients with data protection regulatory investigations. Bridget is the editor of the specialist privacy journal “Privacy and Data Protection”, and has contributed to a number of published texts. She is widely respected for offering pragmatic advice to clients. She is ranked as a “Star Individual” by Chambers UK 2014 and is recognised as a leading practitioner by Chambers Global 2014.
Mark Devereux
Senior Principal, Promontory
Mark Devereux is a Senior Principal in Promontory’s London office focused on information security and risk management. Prior to joining Promontory, he was EMEA Head of Business Information Risk at Goldman Sachs, and was responsible for the technology risk programmes within its EMEA business divisions as well as Operations globally. During his time in this role Mark created and off-shored a vendor technology risk programme and a business aligned data security incident response programme. Before joining Goldman Sachs he worked at a number of financial institutions in technical roles designing and implementing infrastructure systems.
Simon McDougall
Managing Director - Global Privacy and Data Protection, Promontory
Simon McDougall is a Managing Director in Promontory’s London office, and leads Promontory’s global privacy and data protection practice. He is a Chartered Accountant and until 2010, led Deloitte’s UK Privacy & Data Protection and Payments Regulation teams. He specialises in privacy and data protection, information governance and regulatory investigations.
Simon has lead engagements with some of the world’s largest financial institutions, technology firms, retailers and life sciences firms. He has developed rationalised privacy risk management models, built enterprise-wide privacy programs and managed in-depth data protection audits. He spent six months seconded as the Head of Privacy and Records Management for the retail half of a large international bank.
Simon has served on a range of industry and advisor groups, including the UK Data Protection Forum executive, the BSI Data Protection Editorial Board, the DataGuidance Panel of Experts, the President of the Law Society’s Surveillance Working Group, the DMA’s Cookies Law Working Group, and Lord Prescott’s Working Group for the Leveson Inquiry.
Sue Khan
Senior Counsel – Marketing & Consumer, Telefónica
Sue joined an award winning in-house team at Telefónica (the brand operating as “O2”) in 2008. Her specialist fields include marketing, consumer and data protection. Much of Sue’s commercial work focuses on data opportunities for this leading network operator, and advising on the benefits and risks associated with innovative big data projects in the mobile sector. Sue is the legal advisor for the information strategy councils that sit within Telefónica and its group companies. She steers the business on a range of matters including, cloud computing, e-commerce, mobile apps, commercial contracts and data protection and privacy issues arising from the provision of heavily regulated mobile (and value-add) services to a base of 22 million customers. Sue’s also advises and helps to direct her clients on security breaches and incident management and response. She started her career at The Carphone Warehouse.
Kamini Bharvada
Legal Counsel, Data Privacy Compliance, Accenture
Kamini joined Accenture in 2006 and is part of the global data privacy compliance team, covering mainly the EMEA region but also dealing with multiple global projects. She advises on global internal strategic projects and initiatives relating to Accenture’s 300,000 + employees (eg roll out of BYOC, review of DPO network, surveys, marketing etc) as well as privacy by design on Accenture’s offerings to clients including use of big data, internet of things, data localisation/cross border transfers and inclusion of data privacy provisions in client contracts.
Prior to joining Accenture, Kamini was part of the Privacy and IT/E-Commerce group at Morgan Stanley and prior to that she worked for a US law firm specialising in IT, data privacy and commercial law. Kamini has studied European law in the UK and Belgium and holds the IAPP specialised data privacy qualifications in CIPP E, CIPP US, CIPT and CIPM.
Paula Barrett
Partner, Eversheds
Paula is the international head of Eversheds’ privacy and information law group and also leads on its international e-commerce work.
With a strong background in information technology law, Paula has developed extensive experience in data protection/privacy law domestically and internationally. She is currently advising on data protection compliance issues in 60+ countries around the world and our data protection practice is independently ranked by Chambers as being amongst the best in the UK.
Helen Gourdin
Senior Counsel, Global Compliance, Diageo
Helen joined Diageo in 2002 and is Diageo’s global subject matter expert in anti-bribery and corruption, anti-money laundering and data privacy and owns these global policies and programmes. Helen is the group privacy officer and a member of the group Information Security Steering Committee and Digital Governance Leadership Team. Helen supports the Global Risk & Compliance and Global Audit & Risk teams as well as any global investigations.
Helen started her career at Clifford Chance, focusing primarily on commercial matters, then joined Diageo as New Business Ventures Counsel before taking on the role of Senior Counsel, Corporate Centre. Helen holds a first class honours joint degree in French and Law from Surrey University in Guildford, which included study at Lyons University and a work placement with Electricité de France in Paris.
Mark Keddie
Chief Privacy Officer, BT Group
Mark Keddie is the Chief Privacy Officer for BT Group which, in addition to being an ISP and sports broadcaster, is one of the largest communication and cloud service providers in the world. With operations in over 190 countries Mark has overall responsibility for BT’s global data privacy strategy and compliance programme across the Functions and Lines of Business. In addition to data privacy, Mark’s portfolio extends to broader data governance matters, PCI DSS and information retention.
With over 15 years’ experience, Mark has been active in privacy since developing a professional interest as a Chartered Marketer working in the global energy sector. In his capacity for managing relationships with regulatory authorities and professional bodies, he has held Chair positions in industry privacy groups including the American Petroleum Institute, the European Privacy Officers’ Network and was a founding member of the European Privacy Officers’ Forum.
Mark has spoken at a wide variety of external events in Europe and America and has also contributed to in-house and external publications. His interest in privacy has allowed Mark to develop wider professional experience in ethics and compliance governance including fraud and anti-bribery & corruption. .
In addition to an MSc, Mark holds various academic and professional qualifications including privacy, IT and fraud investigation. His outside interests include ultra-running.
Richard Kemp
Solicitor, Kemp IT Law
Richard Kemp is widely recognised as one of the world’s top IT lawyers. He has built an outstanding reputation for combining commerciality and client service with innovative legal solutions to the business challenges of technology development, deployment and regulation. Richard has won numerous industry awards and has been top ranked in IT since 1997 and in the ‘Expert Guide to the World’s Leading Lawyers – Best of the Best’ continuously since 2001. He set up Kemp & Co in 1997 as a sole practitioner and led the firm to the top rank of UK IT firms in 2011 before setting up Kemp IT Law in 2014.
Rhiannon Webster
Partner, DAC Beachcroft
Rhiannon is a specialist information lawyer with considerable expertise in and experience of advising on data protection law both in the UK and on international projects.
Rhiannon offers strategic advice on the data protection compliance steps required to implement global IT platforms, data protection issues in new technologies such as cloud services, telematics, big data initiatives and the internet of things and data security breach management including representing clients in their communications with the ICO and other regulators. She also advises clients on privacy and cookies policies and consents and data protection compliance for companies based outside Europe, who wish to enter the European market.
Rhiannon has particular expertise in advising on data protection issues in the health and insurance sectors. Her recent experience includes guiding a UK health insurer through a data security breach including notifications to the FCA and ICO, managing and advising on the data protection compliance steps involved on the global roll out of a claims management system and undertaking a data protection compliance audit of a UK branch of a global insurance company and drafting and implementing resultant privacy policies and notices. Rhianon has also advised both insurers and the health sector on fraud data sharing initiatives.
Rhiannon regularly provides bespoke training to clients on data protection and is a frequent and popular speaker on information law at conferences.
Rhiannon qualified in 2006 having joined Beachcroft Wansbroughs as a trainee in 2004.
Andrew Farquhar
Senior Legal Counsel, Skyscanner
Andrew joined Skyscanner in March 2013 as the company’s first in-house lawyer and is a senior legal counsel in the now 7-strong legal team. Andrew is responsible for advising the business on a wide range of technology-related intellectual property, data privacy, brand protection, regulatory, commercial contracts and M&A matters on a global basis. Prior to joining Skyscanner, Andrew trained with DLA Piper and was a member of their award winning intellectual property and technology team.
Raphaelle Conyard
Head of Legal – Privacy, British Gas
Raphaelle began her career in privacy at Masons (now Pinsent Masons) as a data protection paralegal in 2000. After a spell within the HBOS Group as a Data Protection Officer, Raphaelle joined Centrica in 2003 as Senior Data Protection Officer responsible for corporate centre compliance.
In 2008 she progressed to Data Protection Manager focusing to a greater extent on British Gas customer information compliance.
Raphaelle was promoted to her current Head of Legal – Privacy role in 2012 and also completed her legal training contract and qualified as a solicitor in 2014.
Raphaelle has experience in running data protection compliance programmes, advising on big data projects, large scale commercial deals and customer database management solutions.
Ellis Parry
Global Lead – Data Privacy, BP
Ellis Parry started his career as a solicitor in private practice before joining AstraZeneca pharmaceuticals in 2001 as a specialist IT lawyer. Parry became AstraZeneca’s Global Privacy Officer in 2005, leaving to join BP as its Global Lead for Data Privacy in December 2010. At BP, Parry is responsible for devising and implementing BP’s global approach to personal information handling, including the maintenance of BP’s Binding Corporate Rules and their interplay with the principle of ‘accountability’ which it is expected will be made explicit in the GDPR. Parry has an MBA. In 2014 Parry spoke both in the US and EU on the topic of accountability and in 2015 has spoken on the topics of the compliance challenges posed by matrixed international businesses, the private sector’s view of the Freedom of Information Act and is the subject of a Leading Practices Profile by the Association of Corporate Counsel.