This is a listing of the membership of the DHS Data Privacy and Integrity Advisory Committee.
Biographies of Members
Chair: Lisa J. Sotto is managing partner of Hunton Andrews Kurth LLP’s New York office and chair of the firm’s top-ranked Global Privacy and Cybersecurity practice. Ms. Sotto was named among The National Law Journal’s “100 Most Influential Lawyers.” She was voted the world’s leading privacy advisor in all of Computerworld’s annual surveys and is recognized by Chambers and Partners as a “Star” performer for Privacy & Data Security; she is the only privacy lawyer in the U.S. to receive this distinguished ranking. Ms. Sotto also is recognized as a “leading lawyer” for cyber law (including data protection and privacy) by The Legal 500 United States. She was featured as “The Queen of Breach” in an article by New York Super Lawyers Magazine and nicknamed “The Priestess of Privacy” by the Penn Law Journal. Ms. Sotto is the editor and lead author of the legal treatise titled Privacy and Cybersecurity Law Deskbook, published by Wolters Kluwer Publishers.
Sharon A. Anolik is President of Privacy Panacea LLC, based in San Francisco, CA. Ms. Anolik provides strategic data privacy advice to companies of all sizes. She has served as the Global Privacy Risk and Strategy Leader for a Fortune 15 healthcare company, the Chief Privacy Officer for a public technology company, led privacy and compliance departments for a major healthcare insurer, and served as legal counsel for numerous others where she has led privacy program governance and operations and advised on applications of big data and privacy innovation. Ms. Anolik chairs the Compliance & Audit Committee of the Board for El Camino Hospital, clerked for the California Supreme Court, was an adjunct professor of Cyberlaw and Privacy at Golden Gate University School of Law, and was a senior technical advisor on privacy issues to the HBO comedy series “Silicon Valley.” Ms. Anolik is a frequent industry speaker, sought after expert witness in privacy-related litigation, co-inventor of a privacy indicator method patent (pending), and serves on several privacy advisory boards.
Dennis Dayman has more than 25 years of experience working on security/privacy issues, data governance issues, and protecting and improving data through industry policy, regulatory policy relations, and technical solutions. Previously he was Return Path’s Chief Privacy and Security Officer. During that time Dayman leveraged his experience and key relationships to provide best practices to Return Path and its customers and ensured the compliance of their communications data flows. He was also responsible for coordinating and managing Return Path’s international electronic commerce, privacy and Internet related policy issues. Previously to Return Path, he was Eloqua’s Chief Privacy and Security Officer. Eloqua was acquired by Oracle for $871 Million dollars in 2012 and is now the centerpiece of Oracle's marketing cloud. Dayman is actively involved in creating current Internet and digital communication regulations, privacy/security policies and anti-spam legislation laws for state and federal governments. He is a longstanding member of several boards and advisory committees within the communications industry and also sits on several advisory boards for Internet companies and is also a partner, mentor, and frequent investor in start-ups.
Mark H. Francis is a tech and data partner at the law firm Holland & Knight LLP in New York, with a focus on cybersecurity, data privacy, intellectual property and emerging technology. Mark’s practice spans counseling, legal compliance, investigations, litigation, and a wide array of transactions. In connection with his practice, Mark advises clients on information governance, third party risk management, federal, state and foreign privacy laws, artificial intelligence, adtech and data strategy. He frequently counsels clients in response to data breaches and other incidents, guiding them through internal investigations, regulatory inquiries, and legal disputes. Mark has a background in computer science and telecommunications, and received his JD/MBA from Fordham University. He is a Certified Information Systems Security Professional (CISSP) and Certified Ethical Hacker (CEH), as well as an IAPP CIPP/US, CIPT and Fellow of Information Privacy. Mark is currently serving on the board of the New York Metro InfraGard Members Alliance and the IAPP’s CIPP/US Exam Development Board.
Lynn Goldstein is Senior Strategist at the Information Accountability Foundation and is the Founder of GDPRsimple, a SaaS product that helps small and medium sized businesses implement the GDPR, and of Indicium LLC, a privacy and data protection consulting firm. Previously, Ms. Goldstein was the Chief Data Officer for the Center for Urban Science + Progress at New York University, Brooklyn, NY. Prior to joining New York University, Ms. Goldstein was the Chief Privacy Officer and Privacy General Counsel for JPMorgan Chase and the Chief Privacy Officer for Bank One. Also at Bank One, Ms. Goldstein was General Counsel for the credit card company and Head of Litigation. Prior to joining JPMorgan Chase and predecessor entities, Ms. Goldstein was in private practice and clerked for a federal judge. She is a lawyer, a Certified Information Privacy Professional, a Venture Mentor at Arizona State University, and a frequent speaker on privacy topics.
Sarah Knight is Chief Privacy Officer and Lead Counsel for Privacy, Cybersecurity, and Information Governance at Gilead Sciences, Inc. Ms. Knight is an accomplished attorney with over ten years of law firm, government, and corporate experience in the areas of data privacy, information governance, and eDiscovery counseling and litigation, including for the cybersecurity and the intelligence communities.
John Kropf is the Corporate Privacy Executive for Northrop Grumman. Previously, Kropf worked as deputy chief counsel for Privacy and Information Governance for Reed Elsevier. Kropf also served as Deputy Chief Privacy Officer for the U.S. Department of Homeland Security where he worked on several negations with the European Union related to data protection. His other government service includes work as an attorney-advisor for the departments of Justice and State. He has written extensively on global privacy issues including A Guide to U.S. Government Practice on Global Information Sharing, (3rd Ed.). He earned his law degree and Master of Public and International Affairs from the University of Pittsburgh and his undergraduate from Denison University. He is a Board member of International Association of Privacy Professionals and has achieved CIPP/US, CIPP/G and CIPP/E certifications.
Dr. Chris Pahl is a seasoned privacy and compliance program executive with over 20 years of experience in cross-functional leadership, operationalizing privacy compliance, and designing highly effective privacy solutions to complex problems. He has extensive experience in process improvements, organizational operations, and building global privacy teams. He is an adjunct faculty member at three universities, teaching business ethics and business management courses.
Charles Palmer is Distinguished Research Staff Member at IBM Research and Member of the IBM Academy of Technology Leadership Team. He focuses on special projects relating to security & privacy, unique customer challenges, and broad security and privacy issues for IBM. He is also an Adjunct Professor of Computer Science at Dartmouth. Dr. Palmer is a member of various advisory committees in Washington, DC and on the editorial board for IEEE Security & Privacy.
Tom Plofchan is Managing Partner at Pangiam, a public-private partnership technology company. Pangiam facilitates private industry's use of emerging technology to enhance customer experience and safety across a number of homeland security-adjacent industries such as aviation. Prior to Pangiam, Tom served as the Counterterrorism Counselor to the Secretary at the Department of Homeland Security, and as a national security advisor to the Department of Energy's Pacific Northwest National Laboratory. He is currently a Senior Advisor at the Center for Naval Analyses, the Department of the Navy's Federally Funded Research and Development Center.
Chris Teitzel is founder and CEO of Lockr, a security startup focused on providing key management as a service for businesses of all sizes. Dedicated to the principal that best-practice data protection should be affordable and easy for all to use, Lockr is changing the paradigm for how secure systems are built and deployed worldwide. Mr. Teitzel has over a decade of experience leading software development and is an advocate for privacy and encryption on the open web, and in particular the Drupal development community where he works with a team on the encryption ecosystem and create privacy standards for the project. Passionate about web security, privacy and encryption, he regularly speaks around the globe to audiences in terms they can understand, helping to demystify security and make it approachable for everyone regardless of their technical capability.
Surbhi Tugnawat is the Chief Information Security Officer (CISO) for SRI International where she provides tactical oversight for identity management, security operations, and risk management. Ms. Tugnawat applies policies and standards across all technology projects, systems and services and directs and approves the design of security systems to protect against threats and reduce vulnerabilities. She holds both a Master of Business Administration (MBA) and a Master of Computer Management (MCM).
C.M. Toke Vandervoort has enjoyed a distinguished career in the law as a strategic partner advising corporate business operations in the technology, privacy/cyber and data, consumer products, retail, manufacturing and telecom sectors. She has served as the SVP, Deputy General Counsel at Under Armour where she lead a global interdisciplinary team providing Commercial, Digital, Privacy, Litigation, Consumer Protection, Intellectual Property and Employment expertise to advance the mission of UA’s performance sports footwear, apparel and equipment business, as well as its suite of digital health/fitness/wellness mobile apps (MyFitnessPal, MapMyFitness, etc. with nearly 300M accounts worldwide). She led the nascent UA Privacy program to receive international recognition for program innovation and the companies response to a major global data breach in the same year. Prior to that, Ms. Vandervoort served as VP, Asst. General Counsel for technology, privacy/security and the Chief Privacy Officer to a major US telecom/internet solutions company, where she also developed its inaugural privacy program. She has extensive experience in Technology innovation; Privacy program development, compliance and breach response; Litigation, regulatory enforcement and investigations; Consumer protection, marketing/advertising and social media; Intellectual Property portfolio management; Government relations engagement; and Board, Audit Committee and senior executive briefings in these areas. Ms. Vandervoort is also an active member of the Georgetown Cyber Security Law Institute Advisory Board, and Women in Cyber. She has also served as an advisor to the Center for Democracy & Technology; an HHS-initiated steering committee advising on the creation of non-HIPAA health data rules; and as a Co-founder of the Association of Corporate Counsel Data Privacy & Security Forum.
Ron Whitworth is Senior Vice President and Chief Privacy Officer at Truist in Charlotte, N.C. He manages the Enterprise Privacy Office for Truist Financial Corporation, and all of its affiliates and subsidiaries. Ron is a Fellow of Information Privacy (FIP), Certified Information Privacy Manager (CIPM) and Certified Information Privacy Professional for the United States, Canada and Europe (CIPP/US, CIPP/C and CIPP/E), as certified by the International Association of Privacy Professionals (IAPP). Prior to joining SunTrust (now Truist), Ron served as Senior Vice President, Chief Privacy Officer and Associate General Counsel at EverBank in Jacksonville, FL. Earlier in his legal career, Ron was an attorney with Sullivan & Worcester, LLP, counseling clients on a wide variety of state, U.S., and international privacy and data security matters. He was also a member of S&W's Telecommunications Group, and worked closely with its Trademarks, Copyright & Licensing Group on matters involving online businesses. Before joining Sullivan & Worcester, Ron was a member of Commissioner Jonathan Adelstein’s staff at the FCC, and was an Associate with Fletcher, Heald & Hildreth, P.L.C. Ron also spent six years as editor-in-chief of Inside Wisconsin and Badger Nation Magazine and covered University of Wisconsin athletics for the Associated Press. He has appeared on dozens of local and national radio and television programs, including ESPN Radio and Fox Sports Radio. Ron is also a former associate producer for "The George Michael Sports Machine" and the NBC-4 Sports Department in Washington, D.C.