This is a listing of the membership of the DHS Data Privacy and Integrity Advisory Committee.
Sponsor: Karen L. Neuman, DHS Chief Privacy Officer
Executive Director: Sandra L. Taylor, Director of Administration, DHS Privacy Office
Biographies of Members
Chair: Lisa J. Sotto, managing partner of Hunton & Williams LLP’s New York office and chair of the firm’s top-ranked Global Privacy and Cybersecurity practice. Ms. Sotto was named among The National Law Journal’s “100 Most Influential Lawyers” in 2013. She was voted the world’s leading privacy advisor in Computerworld’s three most recent annual surveys and was recognized by Chambers and Partners as a “Star” performer for Privacy & Data Security; she was the only privacy lawyer in the U.S. to receive this distinguished ranking. Ms. Sotto also is recognized as a “leading lawyer” in the 2013 edition of The Legal 500 United States. She was named one of Ethisphere Magazine’s 2013 “Attorneys Who Matter,” listing attorneys who “have risen to the top.” She was featured as “The Queen of Breach” in an article by New York Super Lawyers Magazine. Ms. Sotto is the editor and lead author of the legal treatise entitled Privacy and Data Security Law Deskbook, published by Aspen Publishers, Wolters Kluwer Law & Business. She is a member of the family of a 9/11 victim.
Jim Adler, Vice President of Products and Chief Privacy Officer, Metanautix, Los Altos, CA. Metanautix is a big data startup focused on data management and analysis for large enterprises. Most recently, Mr. Adler served as the first Chief Privacy Officer and Vice President of Data Systems at Intelius, an organization that provides businesses and consumers with background checks, public record searches, and predictive intelligence. At Intelius, he led big data technology teams, privacy efforts, consumer advocacy outreach, and negotiations with the U.S. Senate and the Federal Trade Commission. Mr. Adler is a frequent public speaker and author on the power of data, privacy, security, and identity technologies.
Sharon A. Anolik, President, Privacy Panacea, San Francisco, CA. Ms. Anolik provides strategic privacy advisory services to companies. She has served as the Global Privacy Risk and Strategy Leader for a Fortune 15 healthcare company, the Chief Privacy Officer for a public technology company, and the legal counsel for numerous others where she has led privacy program governance and operations and advised on applications of big data and privacy innovation. Ms. Anolik clerked for the California Supreme Court and was an adjunct professor of Cyberlaw and Privacy at Golden Gate University School of Law. Ms. Anolik is a frequent industry speaker, co-inventor of a privacy indicator method patent (pending), and serves on several privacy advisory boards.
K. Suzanne Barber, Professor of Electrical and Computer Engineering at the University of Texas at Austin. Ms. Barber is Director of the University’s Center for Identity, an effort of federal and state government and private-sector entities to develop identity management applications, to conduct education and outreach, and to combat identity management threats and fraud.
Allen Brandt, brings more than 20 years of experience in the technology and information industries to work with businesses and policy makers to form practical solutions for today’s global data economy. Previously, Mr. Brandt was the Director and Corporate Counsel for Data Privacy & Security and the Chief Privacy Official for the Graduate Management Admission Council®. He provided legal guidance and counsel on U.S. and global consumer privacy issues, created the organization’s data protection policies and procedures, and worked with regulators to enable enhanced exam security using new technologies. His experience includes integrating privacy awareness and implementation throughout the organization and has presented privacy programs to the European Commission and European Data Protection Supervisor, as well as to the U.S. Federal Trade Commission, U.S. Department of Commerce, and U.S. Department of State. He serves on the Board of Directors of the International Association of Privacy Professionals, is an Advisory Board member of the Future of Privacy Forum, and is a hearing officer for U.S. /EU Safe Harbor complaints that are brought to the Better Business Bureau for resolution. Mr. Brandt has created policies for IT and cloud computing, research standards, device and social media, and privacy training, in addition to executive level briefings on the impact of existing and proposed privacy regulations.
Alan Broder, Novetta Fellow and Chairman, Novetta Solutions, McLean, VA, and Adjunct Clinical Professor of Computer Science at Yeshiva University, New York. Mr. Broder has over 30 years of experience designing and leading the development of large scale data exploitation systems on parallel architectures. Mr. Broder advises on technology policy and strategic issues related to entity disambiguation, privacy protection, and data quality in the context of Big Data analytics.
James M. Byrne, Chief Privacy Officer and Associate General Counsel for Lockheed Martin Corporation, Bethesda, MD. Prior to joining Lockheed Martin, Mr. Byrne was a career Senior Executive Service official with over 20 years of professional experience in the military and federal government, including several years as a federal international narcotics prosecutor and deployed Marine infantry officer. Prior to leaving the government Jim served as the Deputy Special Counsel with the Office of the U. S. Special Counsel. He also served overseas with the Office of the Special Inspector General for Iraq Reconstruction. Mr. Byrne serves on the board of directors for the International Association of Privacy Professionals.
Joshua Galper, Chief Policy Officer and General Counsel of Personal.com, Washington, D.C. Mr. Galper oversees legal, privacy, and public policy activities and is co-head of security for Personal, the industry-leading personal data vault, private networking, and identity management solution. He was previously a partner at Orrick, Herrington & Sutcliffe, where he co-led the legal crisis management and strategic response practice, handling high-profile litigation, investigations, and controversies for clients in the U.S. and abroad, and, before that, an associate in Sidley Austin’s privacy and internet law practice. Mr. Galper has been named a Privacy by Design ambassador, is a member of the World Economic Forum's Rethinking Personal Data Project, and has taught at Georgetown University Law Center.
Melodi (Mel) M. Gates, CIPP/US, Senior Legal Editor, Intellectual Property & Technology Service, Privacy & Data Security, Thomson Reuters Practical Law, Denver, CO. Previously, Ms. Gates was a senior associate at Squire Patton Boggs (US) LLP, practicing in the areas of cybersecurity, privacy, technology, and administrative law. Prior to practicing law, she worked for over twenty years in technical and leadership roles in the telecommunications industry, last serving as chief information security officer (CISO) for Qwest Communications International, Inc. (now part of CenturyLink) from 2002-2009.
Lynn Goldstein, Chief Data Officer, Center for Urban Science + Progress at New York University, Brooklyn, NY. Prior to joining New York University, Ms. Goldstein was the Chief Privacy Officer and Privacy General Counsel for JPMorgan Chase and the Chief Privacy Officer for Bank One. Also at Bank One, Ms. Goldstein was General Counsel for the credit card company and Head of Litigation. Prior to joining JPMorgan Chase and predecessor entities, Ms. Goldstein was in private practice and clerked for a federal judge. She is a lawyer, a Senior Scholar of the Information Accountability Foundation, a Certified Information Privacy Professional, and a frequent speaker on privacy topics.
Joanna L. Grama, Director of IT Governance, Risk, and Compliance and Cybersecurity Programs, EDUCAUSE, a nonprofit association committed to advancing higher education, Louisville, CO. Ms. Grama has experience in higher education information security policy and compliance activities related to the security and privacy of personally identifiable information. She was the former Information Security Policy and Compliance Director for Purdue University, IN.
Joanne McNabb, Director of Privacy Education and Policy, Privacy Enforcement and Protection Unit, California Department of Justice. The Unit protects Californians’ constitutionally guaranteed right to privacy, enforces state and federal privacy laws, educates consumers and businesses, and makes recommendations to the Attorney General on privacy matters. Ms. McNabb is a Certified Information Privacy Professional, with specializations in Government and Information Technology, and is a Fellow of the Ponemon Institute, a research center on privacy, data protection and information security policy. From 2001 until 2012, Ms. McNabb directed the California Office of Privacy Protection, which was a resource and advocate on privacy issues. Before that she worked in public affairs and marketing, in both the public and private sectors, including five years with an international marketing company in France. She attended Occidental College and holds a master’s degree in Medieval Literature from the University of California, Davis.
Sarah Morrow, Chief Privacy Officer, State of South Carolina. Ms. Morrow has over 14 years of industry and regulatory compliance experience, the last five specifically in higher education as chief privacy officer for the Pennsylvania State University, and previously as the privacy consultant to the Smithsonian Institution. She is an active member of the International Association of Privacy Professionals, serving on their Education Advisory Board and chairing the Certification Foundation Exam Development Board.
Greg Nojeim, Director, Freedom, Security, and Technology Project, Center for Democracy and Technology, Silver Spring, MD. Mr. Nojeim is a former legislative counsel for the American Civil Liberties Union responsible for national security, immigration, and privacy.
Charles Palmer, Chief Technology Officer, Security and Privacy, Associate Director of Computer Science Research at IBM, Yorktown Heights, NY. Dr. Palmer manages the Security, Networking, and Privacy Departments at the IBM Thomas J. Watson Research Center, where various teams around the world are developing privacy-related technology and exploring how technology can help preserve privacy while improving data quality.
Julie Park, Manager, Data Privacy Office, The Church of Jesus Christ of Latter-day Saints, Salt Lake City, UT. Ms. Park manages the global privacy program for the Church and oversees compliance with global data privacy laws and regulations. Ms. Park is also an adjunct instructor at Weber State University, teaching Information Technology for the John B. Goddard School of Business & Economics.
Christopher Pierson, Executive Vice President, Chief Security Officer and Chief Compliance Officer for LSQ Holdings, Orlando, FL. Dr. Pierson oversees LSQ’s cybersecurity and compliance program and is also a Distinguished Fellow of the Ponemon Institute. Prior to joining LSQ, Dr. Pierson was the Senior Vice President and first Chief Privacy Officer for the Royal Bank of Scotland’s U.S. banking operations and a corporate attorney for Lewis and Roca. Dr. Pierson was President and Chairman of the Board of the InfraGard Phoenix Member’s Alliance, Inc., from 2003-2007 and served on the Arizona Office of Homeland Security’s Homeland Security Coordinating Council from 2003-2006.
Russell Schrader, Chief Privacy Officer and Senior Vice President for Visa, Inc., San Francisco, CA. Mr. Schrader has primary legal responsibilities for a broad range of complex enterprise risk, privacy, data protection, cybersecurity, technology, and payment systems policies and issues. He is a principal legal liaison with Visa system stakeholders and attorneys on worldwide regulatory issues. Mr. Schrader is also a Director of the Council of Better Business Bureaus and an advisor to a number of privacy and data security groups.
Jeewon Kim Serrato is a counsel in Debevoise & Plimpton’s Washington, DC office, and a member of the Cybersecurity & Data Privacy practice. She handles a variety of counseling, litigation, crisis management and transactional matters for clients facing data privacy and cybersecurity issues. Prior to joining the firm in 2015, Ms. Serrato managed Fannie Mae’s privacy program as the Chief Privacy Officer, where she led the organization’s privacy risk assessments, reviewed its operations from a privacy and cybersecurity perspective, and handled data security incidents. She is a member of the Chief Information Security Officer Group on the Dell Software President’s Advisory Board.
Barry Steinhardt, Senior Advisor and Trustee, Privacy International. Now retired, Mr. Steinhardt served from 1993-2009 in various leadership roles in the American Civil Liberties Union, most recently as Director of the ACLU’s Technology and Liberty Project working on issues including airline passenger screening, video surveillance, database privacy, and border security.
C.M. Tokë Vandervoort, Vice President and Assistant General Counsel for Technology, Privacy and Security and Chief Privacy Officer, XO Communications, Herndon, VA. With over twenty years of experience in technology related law, Ms. Vandervoort is the principal legal point of contact for technical operations at XO, including Network Engineering, IT, Service Delivery and Marketing. She counsels clients on product and technology development, security compliance, licensing, outsourcing, and intellectual property matters. Ms. Vandervoort is integral to developing and operationalizing privacy, network and information security policies, and leads related training, investigations and enforcement activity working closely with executives and technical staff across the enterprise and with counterparts at major suppliers, customers and law enforcement.
Marjorie S. Weinberger, Legal Counsel to the Massachusetts Department of Transportation (MassDOT) and Information Security Officer for the MassDOT Registry of Motor Vehicles Division. Ms. Weinberger is responsible for development and implementation of policies and procedures for protecting personal information held in the State’s database of over five million licensing and registration records.
Richard Wichmann, Privacy and Risk Officer for Bupa Latin America, based in Miami, FL. Mr. Wichmann is responsible for the oversight, maintenance, and training on corporate compliance programs in the areas of Information Governance, Anti-money Laundering, and OFAC/Sanctions screening, in addition to corporate Risk Management. Mr. Wichmann was formerly Privacy Officer for Assurant Solutions and Assurant Specialty Property.