This is a listing of the membership of the DHS Data Privacy and Integrity Advisory Committee.
Sponsor: Sam Kaplan, DHS Chief Privacy Officer
Executive Director: Sandra L. Taylor, Director of Administration, DHS Privacy Office
Biographies of Members
Chair: Lisa J. Sotto, managing partner of Hunton & Williams LLP’s New York office and chair of the firm’s top-ranked Global Privacy and Cybersecurity practice. Ms. Sotto was named among The National Law Journal’s “100 Most Influential Lawyers.” She was voted the world’s leading privacy advisor in all of Computerworld’s annual surveys and is recognized by Chambers and Partners as a “Star” performer for Privacy & Data Security; she is the only privacy lawyer in the U.S. to receive this distinguished ranking. Ms. Sotto also is recognized as a “leading lawyer” for cyber law (including data protection and privacy) by The Legal 500 United States. She was featured as “The Queen of Breach” in an article by New York Super Lawyers Magazine. Ms. Sotto is the editor and lead author of the legal treatise entitled Privacy and Cybersecurity Law Deskbook, published by Aspen Publishers, Wolters Kluwer Law & Business. She is a member of the family of a 9/11 victim.
Jim Adler is managing director and board member of Toyota AI Ventures, and vice president at Toyota Research Institute. Most recently, Jim was vice president of products and marketing at Metanautix, a big data analytics startup funded by Sequoia Capital and Workday that was acquired by Microsoft. Previously, he was the vice president of data systems and chief privacy officer at Intelius, which was acquired by H.I.G Capital. Intelius also spun-off Talentwise, which was acquired by Sterling Talent Solutions. In addition, he founded VoteHere, a pioneer in cryptographic secure and secret online voting for public elections that was funded by Cisco and HP. Jim started his career as a rocket engineer for Lockheed Martin. He received his bachelor’s degree in electrical engineering with high honors from the University of Florida and a master’s degree in electrical and computer engineering from the University of California, San Diego.
M. Peter Adler is the Global Cybersecurity Regulatory & Compliance lead for Accenture LLP where he advices on international cyber security compliance across the company’s offerings and services. Peter is also a member of the Department of Homeland Security (DHS) Data Privacy and Integrity Advisory Committee (DPIAC) and serves as an advisor to the DHS Secretary and Chief Privacy Officer. He is a founder and Board member of Data Guardian Pros, a company that provides dentists and doctors with work-flow-based HIPAA/HITECH compliance platform and tools. Peter attended Georgetown University Law Center, where in 1993 he received his Master of Laws (LL.M.), International Law, with distinction. He received his Juris Doctor (J.D.) from Mitchell Hamline College of Law in 1983 and his Bachelor of Science in Communications (B.S.C.) in 1978 from the Ohio University, Scripps College of Communications. He is certified as an information privacy professional (CIPP/US) and was a certified information systems security professional (CISSP) from 2001 – 2011) (now inactive).
Sharon A. Anolik, President, Privacy Panacea, San Francisco, CA. Ms. Anolik provides strategic privacy solutions and advisory services to companies. She has served as the Global Privacy Risk and Strategy Leader for a Fortune 15 healthcare company, the Chief Privacy Officer for a public technology company, led privacy and compliance departments for a major healthcare insurer, and served as legal counsel for numerous others where she has led privacy program governance and operations and advised on applications of big data and privacy innovation. Ms. Anolik clerked for the California Supreme Court, was an adjunct professor of Cyberlaw and Privacy at Golden Gate University School of Law, and is a senior technical advisor on privacy issues to the HBO comedy series “Silicon Valley”. Ms. Anolik is a frequent industry speaker, co-inventor of a privacy indicator method patent (pending), and serves on several privacy advisory boards.
Dr. Suzanne Barber is the AT&T Endowed Professor in Engineering and Director of the Center for Identity at The University of Texas at Austin. The Center for Identity (UT CID) is a public-private partnership serving as a center of excellence to advance research and education in identity security and privacy. Dr. Barber also serves as the Program Director of the MS Degree Program in Identity Management and Security offering a multi-disciplinary curriculum scheduled for working professionals. Dr. Barber is the former Director of Software Engineering at The University of Texas.
Allen Brandt is the Executive Director and Chief Privacy Officer at the Depository Trust and Clearing Corporation (DTCC), an organization processing securities and other transactions for the global financial markets. Previously, Mr. Brandt was the Director, Corporate Counsel and the Chief Privacy Official for the Graduate Management Admission Council®. He provided legal guidance and counsel on U.S. and global consumer privacy issues, created the organization’s data protection policies and procedures, and worked with regulators to enable enhanced exam security using new technologies. His experience includes integrating privacy awareness and implementation throughout the organization and has presented privacy programs to the European Commission and European Data Protection Supervisor, as well as to the U.S. Federal Trade Commission, U.S. Department of Commerce, and U.S. Department of State.
Jeffry Brueggeman is Vice President-Global Public Policy for AT&T. He is responsible for developing and advocating AT&T’s global public policy positions on privacy, cybersecurity and Internet policy issues. Mr. Brueggeman represents AT&T in a wide range of legislative, regulatory and policy development proceedings. Prior to assuming his current rule, Mr. Brueggeman was AT&T’s Deputy Chief Privacy Officer. In this role, he helped manage AT&T’s privacy policies and coordinate the implementation of data privacy and security programs across the company. Before joining AT&T, Mr. Brueggeman was an attorney in private practice, specializing in communications law.
Steven Chabinsky is the global chair of White & Case’s international Data, Privacy & Cybersecurity practice. He also is the Cyber Tactics columnist for Security magazine. Prior to joining White & Case, Steven served as General Counsel and Chief Risk Officer for an international cybersecurity technology firm, and was presidentially appointed to the White House Commission on Enhancing National Cybersecurity. Steven’s prior government service includes his having served as Deputy Assistant Director of the FBI's Cyber Division, after having organized and led the Bureau’s Cyber Intelligence program and after having served as the FBI's top cyber lawyer. Steven also served as the senior cyber advisor to the United States Director of National Intelligence, and was a member of the White House Transition Planning Office to establish DHS.
Dennis Dayman has more than 25 years of experience combating spam, security/privacy issues, data governance issues, and improving email delivery through industry policy, ISP relations and technical solutions. As Return Path’s Chief Privacy and Security Officer, Dayman leverages his experience and key relationships to provide best practices to Return Path, its customers, and ensures the compliance of their communications data flows. He is also responsible for coordinating and managing Return Path’s international electronic commerce, privacy and Internet related policy issues. Previously to Return Path, he was Eloqua’s Chief Privacy and Security Officer. Eloqua was acquired by Oracle for $871 Million dollars in 2012 and is now the centerpiece of Oracle's marketing cloud. Dayman is actively involved in creating current Internet and digital communication regulations, privacy/security policies and anti-spam legislation laws for state and federal governments. He is a longstanding member of several boards and advisory committees within the messaging industry and also sits on several advisory boards for Internet companies and is also a partner, mentor, and frequent investor in start-ups.
Mary Dickerson is Assistant Vice President/Assistant Vice-Chancellor for IT Security and serves as Chief Information Security Officer for the University of Houston and the University of Houston System. As CISO, she is responsible for strategic planning and implementation of information security practices, encompassing a range of activities from compliance to technical forensics. In her role, she also serves the University as a subject matter expert for the media on information security matters. Ms. Dickerson served as Chair of the Texas Cybersecurity, Education and Economic Development Council (TCEEDC) originally established in 2011 by Texas Senate Bill 988, and is currently Vice-Chair of its successor, the Texas Cybersecurity Council. Ms. Dickerson holds a variety of industry certifications including: PMP, CISM and CISSP. Ms. Dickerson has a BS from Texas A&M University and an MBA from the University of Houston, Bauer College of Business.
Laurie Dzien is the Chief Privacy Officer and Associate General Counsel at the Financial Industry Regulatory Authority, Inc. (FIRNA) where she leads the FINRA corporate privacy program and is responsible to develop and implement corporate strategy relating to safeguarding consumer, constituent and corporate data. Ms. Dzien received her Master of Laws in International Legal Studies from The American University and her Juris Doctorate from The Temple University School of Law.
Melodi (Mel) M. Gates, CIPP/US, Senior Legal Editor, Privacy & Data Security, Thomson Reuters Practical Law, Denver, CO. Ms. Gates develops legal know-how content to help lawyers and others manage privacy and data security risks and navigate related laws and regulations. Previously, she was a senior associate at Squire Patton Boggs (US) LLP, practicing in the areas of cybersecurity, privacy, technology, and administrative law. Prior to practicing law, Ms. Gates worked for over twenty years in technical and leadership roles in telecommunications and cybersecurity, last serving as chief information security officer (CISO) for Qwest Communications International, Inc. (now part of CenturyLink) from 2002-2009.
Lynn Goldstein, Senior Strategist, Information Accountability Foundation, and Founder, Indicium LLC. Previously, Ms. Goldstein was the Chief Data Officer for the Center for Urban Science + Progress at New York University, Brooklyn, NY. Prior to joining New York University, Ms. Goldstein was the Chief Privacy Officer and Privacy General Counsel for JPMorgan Chase and the Chief Privacy Officer for Bank One. Also at Bank One, Ms. Goldstein was General Counsel for the credit card company and Head of Litigation. Prior to joining JPMorgan Chase and predecessor entities, Ms. Goldstein was in private practice and clerked for a federal judge. She is a lawyer, a Certified Information Privacy Professional, and a frequent speaker on privacy topics.
Joanna Lyn Grama is a Senior Consultant at Vantage Technology Consulting Group. Joanna has more than 15 years of experience in higher education with a strong focus in law, IT security policy, compliance, governance, and data privacy. Most recently, Joanna was Director of Cybersecurity and IT Governance, Risk and Compliance programs at EDUCAUSE where she directed programs designed to help improve higher education information security governance, compliance, data protection, and privacy postures. In addition to being a prolific author and frequent public speaker on information security and privacy issues, she is also author of the textbook, Legal Issues in Information Security, 2 ed (2015). Joanna has a law degree from the University of Illinois College of Law, and is a Certified Information Systems Security Professional (CISSP) and Certified Information Privacy Technologist (CIPT).
Robyn Greene is the Senior Policy Counsel and government affairs lead for New America's Open Technology Institute specializing in issues concerning surveillance and cybersecurity. She helps to research and develop policies to protect individuals' privacy, secure the internet, and fuel the development of and access to emerging technologies. Prior to joining the Open Technology Institute, Robyn worked at the American Civil Liberties Union's Washington Legislative Office, where she worked on legislation and executive branch policies concerning surveillance, cybersecurity, government secrecy, and federal law enforcement oversight for three years. She earned a B.A. in government and politics at the University of Maryland, and a J.D. from Hofstra University School of Law.
John Kropf is the Corporate Privacy Executive for Northrop Grumman. Previously, Kropf worked as deputy chief counsel for Privacy and Information Governance for Reed Elsevier. Kropf also served as Deputy Chief Privacy Officer for the U.S. Department of Homeland Security where he worked on several negations with the European Union related to data protection. His other government service includes work as an attorney-advisor for the departments of Justice and State. He has written extensively on global privacy issues including A Guide to U.S. Government Practice on Global Information Sharing, (2nd Ed.). He earned his law degree and Master of Public and International Affairs from the University of Pittsburgh and his undergraduate from Denison University. He is a Board member of International Association of Privacy Professionals and has achieved CIPP/US, CIPP/G and CIPP/E certifications.
Sarah Morrow, Chief Privacy Officer of Texas Health and Human Services (Texas HHS). Sarah is responsible for the Texas HHS Privacy Division program, operations, policies, procedures, and privacy protections for all of Texas State Hospitals, State Supported Living Centers and Regional Offices as well as the governance of all Confidential Information held by Texas HHS. Sarah holds a MBA in Information Security Management, and designations as a Certified Information Privacy Professional, a Certified Information Management Professional, and GIAC Information Security Professional.
Dr. Charles Palmer, Distinguished Research Staff Member at IBM Research and Member of the IBM Academy of Technology Leadership Team, focuses on special projects relating to security & privacy, unique customer challenges, and broad security and privacy issues for IBM. He is also an Adjunct Professor of Computer Science at Dartmouth. Dr. Palmer is a member of various advisory committees in Washington, DC and on the editorial board for IEEE Security & Privacy.
Julie Park, Manager, Data Privacy Office, The Church of Jesus Christ of Latter-day Saints, Salt Lake City, UT. Ms. Park manages the global privacy program for the Church and oversees compliance with global data privacy laws and regulations. Ms. Park is also an adjunct instructor at Weber State University, teaching Information Technology for the John B. Goddard School of Business & Economics.
Christopher Pierson, Executive Vice President, General Counsel & Chief Security Officer for Viewpost Orlando, FL. Dr. Pierson oversees Viewpost’s cybersecurity and compliance programs and is also a Distinguished Fellow of the Ponemon Institute. Previously, Chris was the first Chief Privacy Officer, SVP for the Royal Bank of Scotland’s (RBS) U.S. banking operations leading its privacy and data protection program. Chris was also a corporate attorney for Lewis and Roca where he established it’s Cybersecurity Practice representing companies on security and data breach matters and served as the President and Chairman of the Board of the InfraGard Phoenix Member’s Alliance, Inc. Chris is a graduate of Boston College (B.A., M.A.) and The University of Iowa (Ph.D., J.D.). He is a frequent conference presenter, and is often quoted on cybersecurity issues.
Tracy Ann Pulito-Michalek - Tracy Pulito, Assistant General Counsel, Privacy, InterPublic Group (IPG), where she leads IPG’s global privacy program. Tracy is responsible for providing legal advice to IPG and all of its agencies regarding data privacy regulations and meeting privacy and data protection compliance obligations. Prior to joining IPG, Tracy worked in the Global Privacy Compliance Office at JPMorgan Chase, and at Starwood Hotels & Resorts Worldwide, Inc. as the VP, Deputy Chief Privacy Officer.
Peter E. Sand, J.D., FIP, CIPM/T, CIPPG/US/E/C, joined Amazon’s Lab 126 in October 2017. As the Lab’s first dedicated privacy geek, Peter leads the integration of privacy and customer trust into Amazon’s customer-facing devices and services. Prior to Amazon, Peter served as the first privacy officer for MGM Resorts International. For 10 years prior to MGM, Peter served as the Director of Privacy Technology for the U.S. Department of Homeland Security (DHS) where he helped create what became the leading privacy office in the federal government. Before DHS, Peter served as Chief Information Officer and Chief Deputy Attorney General for the Pennsylvania Office of Attorney General where he started a new organization that combined operational IT responsibilities with online public protection, education, and criminal law strategy. Peter partners with IT and Infosec teams, analytics and data management teams, as well as legal, compliance, and special technology teams to design pragmatic solutions to the people side of IT. After a lifetime on the East Coast, Peter moved to Sin City, NV where he enjoys the spectacle of both the Strip and the Red Rock Mountains.
Russell Schrader is General Counsel and Chief Privacy Officer for Commerce Signals Inc., a start-up specializing in permissioned sharing of data in a privacy-centric environment. Based in the Bay Area and Charlotte, Commerce Signals helps marketers make better, faster decisions by linking advertising exposures to payment transaction data in near-real time. Mr. Schrader is the former Senior Vice President and Chief Privacy Officer of Visa Inc. Mr. Schrader was responsible for privacy and data security policies and issues and a principal legal liaison for Visa financial institutions' attorneys on regulatory issues. He has written and taught on data security, privacy, payment card innovation, and electronic commerce issues.
Jeewon Kim Serrato is partner in the San Francisco office and Head of the Data Protection, Privacy and Cybersecurity Practice in the United States at Norton Rose Fulbright US LLP. Ms. Serrato was named a 2017 Cybersecurity & Data Privacy Trailblazer by the National law Journal and recognized as one of the 30 best and brightest data breach response lawyers in Cybersecurity Docket’s “Incident Response 30.” As a member of Norton Rose Fulbright’s global Technology and Innovation and Cyber Risk teams, Jeewon advises companies in all sectors on legal and regulatory compliance, data monetization strategies, new technology implementation, product design, proof of concept, risk mitigation, data breach response, and strategic engagement with key government agencies. Prior to joining the private sector, Ms. Serrato served as the Chief Privacy Officer at Fannie Mae, where she led the organization’s privacy risk assessments, managed its operations from a privacy and cybersecurity perspective, and handled data security incidents. She also served as the lead privacy executive for Reed Elsevier (now RELX Group), a member of the Chief Information Security Officer Group on the Dell Security Solutions Advisory Board and Legislative Counsel in the U.S. House of Representatives.
Dr. Robert H. Sloan is Professor and Department Head, Department of Computer Science, University of Illinois at Chicago. Dr. Sloan’s research includes theoretical computer science, artificial intelligence, computer science education, cryptography, and computer security. In recent years, his primary research has focused on public policy and legal issues in computer security and privacy. He was a program office for the National Science Foundation for two years in the early 2000s, and more recently served as a member of the Cybersecurity Subcommittee of the Illinois Governor’s Technology Advisory Board
Chris Teitzel is founder and CEO of Lockr, a security startup focused on providing key management as a service for businesses of all sizes. Dedicated to the principal that best-practice data protection should be affordable and easy for all to use, Lockr is changing the paradigm for how secure systems are built and deployed worldwide. Chris has over a decade of experience leading software development and is an advocate for privacy and encryption on the open web, and in particular the Drupal development community where he works with a team on the encryption ecosystem and create privacy standards for the project. Passionate about web security, privacy and encryption, he regularly speaks around the globe to audiences in terms they can understand, helping to demystify security and make it approachable for everyone regardless of their technical capability.
Tokë Vandervoort is the Vice President and Deputy General Counsel at Under Armour. She has spent most of her career as strategic technology and privacy counsel for tech, telecom, and internet solutions providers. At Under Armour, she and her team support the world’s third largest and fastest growing sports apparel and footwear business, as well as its digital enterprise that makes up the largest online fitness and wellness community globally. A diverse group of more than 40 experts in Intellectual Property; Privacy; Commercial and Technology Transactions; Litigation; Employment; and Consumer Protection; they are responsible for striking the right balance between accelerating innovation and growth and operationalizing a dizzying array of international legal requirements to advance and protect Under Armour globally. Toke is also a member of the US Department of Homeland Security Data Privacy and Integrity Advisory Committee, and sits on the advisory boards of both the Center for Democracy and Technology Advisory Council and the Georgetown Cyber Security Law Institute. Early in her career, she served on two federal district court clerkships. She is a first generation American and a New Orleans native, and now calls Washington, DC her home.
Marjorie Weinberger joined the Metropolitan Area Planning Council (“MAPC”) in 2017, as the Procurement Services Manager/Senior Counsel. In this position Ms. Weinberger is responsible for the collaborative procurement of goods and services for 101 cities and towns in Massachusetts. Ms. Weinberger procures and contracts for the design and implementation of information technology systems and infrastructure. Ms. Weinberger is responsible to ensure that all MAPC IT contracts are designed to implement best practices to protect personally identifiable information. Prior to her work at MAPC, Ms. Weinberger had been Senior Legal Counsel to the Massachusetts Department of Transportation and the Registry of Motor Vehicles. During her nearly 20 year tenure with the Commonwealth of Massachusetts, Ms. Weinberger was responsible for development and implementation of policies and procedures for protecting personal information held in the State’s database of over six million licensing and registration records. Ms. Weinberger has been a speaker on the need to design information privacy in an era of “Big Data” collection in emerging transportation data systems.
Alexander M. White, Deputy Chief Privacy Officer, South Carolina Department of Administration Enterprise Privacy Office. Mr. White serves as a state subject-matter expert on privacy and data protection, supporting privacy compliance and best practices for SC agencies and entities. He is an attorney licensed in Illinois and the District of Columbia and a member of the International Association of Privacy Professionals' (IAPP) Privacy Bar Section Advisory Board. Prior to joining the State of South Carolina, he worked in the insurance industry in emerging issues, enterprise risk management, regulatory compliance, and product development, including drafting and review of cyber liability forms. He holds a variety of privacy, legal, cybersecurity, and risk management qualifications and is a two-time graduate of the University of Georgia, where he earned a bachelor's degree in history and a Juris Doctor.
Ron Whitworth - Ron Whitworth is Senior Vice President and Chief Privacy Officer at SunTrust in Atlanta, Georgia. He manages the Enterprise Privacy Office for SunTrust Banks, Inc. and all of its affiliates and subsidiaries. Ron is a Fellow of Information Privacy (FIP), Certified Information Privacy Manager (CIPM) and Certified Information Privacy Professional for the United States, Canada and Europe (CIPP/US, CIPP/C and CIPP/E), as certified by the International Association of Privacy Professionals (IAPP). Prior to joining SunTrust, Ron served as Senior Vice President, Chief Privacy Officer and Associate General Counsel at EverBank in Jacksonville, FL. Earlier in his legal career, Ron was an attorney with Sullivan & Worcester, LLP, counseling clients on a wide variety of state, U.S., and international privacy and data security matters. He was also a member of S&W's Telecommunications Group, and worked closely with its Trademarks, Copyright & Licensing Group on matters involving online businesses. Before joining Sullivan & Worcester, Ron was a member of Commissioner Jonathan Adelstein’s staff at the FCC, and was an Associate with Fletcher, Heald & Hildreth, P.L.C. Ron also spent six years as editor-in-chief of Inside Wisconsin and Badger Nation Magazine and covered University of Wisconsin athletics for the Associated Press. He has appeared on dozens of local and national radio and television programs, including ESPN Radio and Fox Sports Radio. Ron is also a former associate producer for "The George Michael Sports Machine" and the NBC-4 Sports Department in Washington, D.C.
Richard (Rick) Wichmann is the Director of Data Privacy for Carnival Corporation and PLC. Rick has over 16 years as a Privacy and Regulatory Compliance leader, with subject matter expertise in Anti-Money Laundering, OFAC, and Data Security and has worked extensively with the compliance efforts on HIPAA, Gramm-Leach-Bliley, Security Breach laws, USA PATRIOT Act, and the Payment Card Industry Data Security Standards. He is a Member of the International Association of Privacy Professionals and Association of Certified Anti-Money Laundering Specialists.