This is a listing of the membership of the DHS Data Privacy and Integrity Advisory Committee.
Sponsor: Sam Kaplan, DHS Chief Privacy Officer
Executive Director: Sandra L. Taylor, Director of Administration, DHS Privacy Office
Biographies of Members
Chair: Lisa J. Sotto, managing partner of Hunton & Williams LLP’s New York office and chair of the firm’s top-ranked Global Privacy and Cybersecurity practice. Ms. Sotto was named among The National Law Journal’s “100 Most Influential Lawyers.” She was voted the world’s leading privacy advisor in all of Computerworld’s annual surveys and is recognized by Chambers and Partners as a “Star” performer for Privacy & Data Security; she is the only privacy lawyer in the U.S. to receive this distinguished ranking. Ms. Sotto also is recognized as a “leading lawyer” for cyber law (including data protection and privacy) by The Legal 500 United States. She was featured as “The Queen of Breach” in an article by New York Super Lawyers Magazine. Ms. Sotto is the editor and lead author of the legal treatise entitled Privacy and Cybersecurity Law Deskbook, published by Aspen Publishers, Wolters Kluwer Law & Business. She is a member of the family of a 9/11 victim.
Jim Adler is managing director and board member of Toyota AI Ventures, and vice president at Toyota Research Institute. He also serves on the Department of Homeland Security Data Privacy and Integrity Advisory Committee. Most recently, Jim was vice president of products and marketing at Metanautix, a big data analytics startup funded by Sequoia Capital and Workday that was acquired by Microsoft. Previously, he was the vice president of data systems and chief privacy officer at Intelius, which was acquired by H.I.G Capital. Intelius also spun-off Talentwise, which was acquired by Sterling Talent Solutions. In addition, he founded VoteHere, a pioneer in cryptographic secure and secret online voting for public elections that was funded by Cisco and HP. Jim started his career as a rocket engineer for Lockheed Martin. He received his bachelor’s degree in electrical engineering with high honors from the University of Florida and a master’s degree in electrical and computer engineering from the University of California, San Diego.
M. Peter Adler is a privacy, cybersecurity privacy and technology attorney. At Accenture LLP, he is currently lead cybersecurity and technology compliance counsel, for global offerings and services. He is also a member of the Board of Directors of Data Guardian Pros where he created the content for the company’s Dental Guardian HIPAA/HITECH compliance portal. Peter attended Georgetown University Law Center, where in 1993 he received his Master of Laws (LL.M.), International Law, with distinction. He received his Juris Doctor (J.D.) from William Mitchell College of Law in 1983 and his Bachelor of Science in Communications (B.S.C.) from Ohio University, Scripps College of Communications in 1978. He is certified as an information privacy professional (CIPP) and he passed the certified information systems security professional (CISSP) examination in 2001.
Sharon A. Anolik, President, Privacy Panacea, San Francisco, CA. Ms. Anolik provides strategic privacy solutions and advisory services to companies. She has served as the Global Privacy Risk and Strategy Leader for a Fortune 15 healthcare company, the Chief Privacy Officer for a public technology company, led privacy and compliance departments for a major healthcare insurer, and served as legal counsel for numerous others where she has led privacy program governance and operations and advised on applications of big data and privacy innovation. Ms. Anolik clerked for the California Supreme Court, was an adjunct professor of Cyberlaw and Privacy at Golden Gate University School of Law, and is a senior technical advisor on privacy issues to the HBO comedy series “Silicon Valley”. Ms. Anolik is a frequent industry speaker, co-inventor of a privacy indicator method patent (pending), and serves on several privacy advisory boards.
Dr. Suzanne Barber is the AT&T Endowed Professor in Engineering and Director of the Center for Identity at The University of Texas at Austin. The Center for Identity (UT CID) is a public-private partnership serving as a center of excellence to advance research and education in identity security and privacy. Dr. Barber also serves as the Program Director of the MS Degree Program in Identity Management and Security offering a multi-disciplinary curriculum scheduled for working professionals. Dr. Barber is the former Director of Software Engineering at The University of Texas.
Allen Brandt is the Executive Director and Chief Privacy Officer at the Depository Trust and Clearing Corporation (DTCC), an organization processing securities and other transactions for the global financial markets. Previously, Mr. Brandt was the Director, Corporate Counsel and the Chief Privacy Official for the Graduate Management Admission Council®. He provided legal guidance and counsel on U.S. and global consumer privacy issues, created the organization’s data protection policies and procedures, and worked with regulators to enable enhanced exam security using new technologies. His experience includes integrating privacy awareness and implementation throughout the organization and has presented privacy programs to the European Commission and European Data Protection Supervisor, as well as to the U.S. Federal Trade Commission, U.S. Department of Commerce, and U.S. Department of State.
Jeffry Brueggeman is Vice President-Global Public Policy for AT&T. He is responsible for developing and advocating AT&T’s global public policy positions on privacy, cybersecurity and Internet policy issues. Mr. Brueggeman represents AT&T in a wide range of legislative, regulatory and policy development proceedings. Prior to assuming his current rule, Mr. Brueggeman was AT&T’s Deputy Chief Privacy Officer. In this role, he helped manage AT&T’s privacy policies and coordinate the implementation of data privacy and security programs across the company. Before joining AT&T, Mr. Brueggeman was an attorney in private practice, specializing in communications law.
Steven Chabinsky is the global chair of White & Case’s international Data, Privacy & Cybersecurity practice. He also is the Cyber Tactics columnist for Security magazine. Prior to joining White & Case, Steven served as General Counsel and Chief Risk Officer for an international cybersecurity technology firm, and was Presidentially appointed to the White House Commission on Enhancing National Cybersecurity. Steven’s prior government service includes his having served as Deputy Assistant Director of the FBI's Cyber Division, after having organized and led the Bureau’s Cyber Intelligence program and after having served as the FBI's top cyber lawyer. Steven also served as the senior cyber advisor to the United States Director of National Intelligence, and was a member of the White House Transition Planning Office to establish DHS.
Mary Dickerson is Assistant Vice President/Assistant Vice-Provost for IT Security and serves as Chief Information Security Officer for the University of Houston and the University of Houston System. As CISO, she is responsible for strategic planning and implementation of information security practices, encompassing a range of activities from compliance to technical forensics. In her role, she also serves the University as a subject matter expert for the media on information security matters. Ms. Dickerson’s previous roles include IT Project Manager responsible for PCI Compliance for the University of Houston System as well as multiple enterprise projects and initiatives. Ms. Dickerson has a Bachelor of Science from Texas A&M University and an MBA from the University of Houston, Bauer College of Business.
Laurie Dzien is the Chief Privacy Officer and Associate General Counsel at the Financial Industry Regulatory Authority, Inc. (FIRNA) where she leads the FINRA corporate privacy program and is responsible to develop and implement corporate strategy relating to safeguarding consumer, constituent and corporate data. Ms. Dzien received her Master of Laws in International Legal Studies from The American University and her Juris Doctorate from The Temple University School of Law.
Melodi (Mel) M. Gates, CIPP/US, Senior Legal Editor, Privacy & Data Security, Thomson Reuters Practical Law, Denver, CO. Ms. Gates develops legal know-how content to help lawyers and others manage privacy and data security risks and navigate related laws and regulations. Previously, she was a senior associate at Squire Patton Boggs (US) LLP, practicing in the areas of cybersecurity, privacy, technology, and administrative law. Prior to practicing law, Ms. Gates worked for over twenty years in technical and leadership roles in telecommunications and cybersecurity, last serving as chief information security officer (CISO) for Qwest Communications International, Inc. (now part of CenturyLink) from 2002-2009.
Lynn Goldstein, Senior Strategist, Information Accountability Foundation, and Founder, Indicium LLC. Previously, Ms. Goldstein was the Chief Data Officer for the Center for Urban Science + Progress at New York University, Brooklyn, NY. Prior to joining New York University, Ms. Goldstein was the Chief Privacy Officer and Privacy General Counsel for JPMorgan Chase and the Chief Privacy Officer for Bank One. Also at Bank One, Ms. Goldstein was General Counsel for the credit card company and Head of Litigation. Prior to joining JPMorgan Chase and predecessor entities, Ms. Goldstein was in private practice and clerked for a federal judge. She is a lawyer, a Certified Information Privacy Professional, and a frequent speaker on privacy topics.
Joanna Lyn Grama is a Senior Consultant at Vantage Technology Consulting Group. Joanna has more than 15 years of experience in higher education with a strong focus in law, IT security policy, compliance, governance, and data privacy. Most recently, Joanna was Director of Cybersecurity and IT Governance, Risk and Compliance programs at EDUCAUSE where she directed programs designed to help improve higher education information security governance, compliance, data protection, and privacy postures. In addition to being a prolific author and frequent public speaker on information security and privacy issues, she is also author of the textbook, Legal Issues in Information Security, 2 ed (2015). Joanna has a law degree from the University of Illinois College of Law, and is a Certified Information Systems Security Professional (CISSP) and Certified Information Privacy Technologist (CIPT).
Robyn Greene is the policy counsel and government affairs lead for New America's Open Technology Institute specializing in issues concerning surveillance and cybersecurity. She helps to research and develop policies to protect individuals' privacy, secure the internet, and fuel the development of and access to emerging technologies. Prior to joining the Open Technology Institute, Robyn worked at the American Civil Liberties Union's Washington Legislative Office, where she worked on legislation and executive branch policies concerning surveillance, cybersecurity, government secrecy, and federal law enforcement oversight for three years. She earned a B.A. in government and politics at the University of Maryland, and a J.D. from Hofstra University School of Law.
Sarah Morrow, Chief Privacy Officer of Texas Health and Human Services. Previously she was the Chief Privacy Officer for The Pennsylvania State University and the University of New Mexico. She has served as a privacy consultant for the Smithsonian Institution and for State Farm Family of Companies as an employee of TEK Systems. Sarah is a Certified Information Privacy Professional, a GIAC Information Security Professional and earned her MBA in Information Security Management.
Dr. Charles Palmer, Distinguished Research Staff Member at IBM Research and Member of the IBM Academy of Technology Leadership Team, focuses on special projects relating to security & privacy, unique customer challenges, and broad security and privacy issues for IBM. He is also an Adjunct Professor of Computer Science at Dartmouth. Dr. Palmer is a member of various advisory committees in Washington, DC and on the editorial board for IEEE Security & Privacy.
Julie Park, Manager, Data Privacy Office, The Church of Jesus Christ of Latter-day Saints, Salt Lake City, UT. Ms. Park manages the global privacy program for the Church and oversees compliance with global data privacy laws and regulations. Ms. Park is also an adjunct instructor at Weber State University, teaching Information Technology for the John B. Goddard School of Business & Economics.
Christopher Pierson, Founder & CEO of Binary Sun Cyber Risk Advisors, provides strategic & operational advice on the intersection of cybersecurity, business, risk and law for companies and boards. He is a globally recognized cybersecurity expert and entrepreneur who holds several cybersecurity, anti-fraud, and technology patents. Dr. Pierson serves on the Department of Homeland Security’s Data Privacy & Integrity Advisory Committee and Cybersecurity Subcommittee and is a Distinguished Fellow of the Ponemon Institute. Previously, Chris was a founding executive of Viewpost, a FinTech payments company, serving as their CSO and General Counsel and was also the first Chief Privacy Officer, SVP for the Royal Bank of Scotland’s (RBS) U.S. banking operations leading its privacy and data protection program. Chris was also a corporate attorney for Lewis and Roca where he established its Cyber Security Practice representing companies on cybersecurity and data breaches. Chris is a graduate of Boston College (B.A., M.A.) and The University of Iowa (Ph.D., J.D.), is a sought after keynote speaker on cybersecurity and privacy, board advisor for startups, and is frequently quoted by the media on these topics.
Tracy Ann Pulito-Michalek, Executive Director, Global Privacy Compliance, JPMorgan Chase & Company, where she is responsible for JP Morgan’s privacy compliance approach and integration on how to protect sensitive and personal data relating to customers, clients, employees, and others. Tracy is responsible for the oversight and controls relating to safeguarding data from a privacy perspective to include developing JP Morgan’s framework for privacy compliance relating to data protection, developing privacy processes and tools, managing project workstreams and personnel (who may be drawn from multiple departments), running project action plans/deliverables, and raising risks to senior leaders.
Peter E. Sand, J.D., FIP, CIP-M/T, CIPP-G/US/E/C, joined MGM Resorts International in May 2014 as the Company's first privacy officer. Prior to MGM, Peter served as the Director of Privacy Technology for the U.S. Department of Homeland Security (DHS) where he started in 2004 and helped create what became the leading privacy office in the federal government. Before DHS, Peter served as Chief Information Officer and Chief Deputy Attorney General for the Pennsylvania Office of Attorney General where he started a new organization that combined operational IT responsibilities with online public protection, education, and criminal law strategy. Peter partners productively with IT and Infosec teams, analytics and data management, teams, as well as legal, compliance, and special technology teams to design pragmatic privacy solutions to the people side of information risk management challenges. After living on the East Coast his entire life, Peter recently moved to Sin City, NV where he enjoys the spectacle of both the Strip and the Red Rock Mountains.
Russell Schrader is General Counsel and Chief Privacy Officer for Commerce Signals Inc., a start-up specializing in permissioned sharing of data in a privacy-centric environment. Based in the Bay Area and Charlotte, Commerce Signals helps marketers make better, faster decisions by linking advertising exposures to payment transaction data in near-real time. Mr. Schrader is the former Senior Vice President and Chief Privacy Officer of Visa Inc. Mr. Schrader was responsible for privacy and data security policies and issues and a principal legal liaison for Visa financial institutions' attorneys on regulatory issues. He has written and taught on data security, privacy, payment card innovation, and electronic commerce issues.
Jeewon Kim Serrato is partner in the San Francisco office and Head of the Data Protection, Privacy and Cybersecurity Practice in the United States at Norton Rose Fulbright US LLP. Ms. Serrato was named a 2017 Cybersecurity & Data Privacy Trailblazer by the National law Journal and recognized as one of the 30 best and brightest data breach response lawyers in Cybersecurity Docket’s “Incident Response 30.” As a member of Norton Rose Fulbright’s global Technology and Innovation and Cyber Risk teams, Jeewon advises companies in all sectors on legal and regulatory compliance, data monetization strategies, new technology implementation, product design, proof of concept, risk mitigation, data breach response, and strategic engagement with key government agencies. Prior to joining the private sector, Ms. Serrato served as the Chief Privacy Officer at Fannie Mae, where she led the organization’s privacy risk assessments, managed its operations from a privacy and cybersecurity perspective, and handled data security incidents. She also served as the lead privacy executive for Reed Elsevier (now RELX Group), a member of the Chief Information Security Officer Group on the Dell Security Solutions Advisory Board and Legislative Counsel in the U.S. House of Representatives.
Robert H. Sloan is Professor and Department Head, Department of Computer Science, University of Illinois at Chicago. Mr. Sloan’s research includes theoretical computer science, artificial intelligence, cryptography, and computer security. In recent years, his primary research has focused on public policy and legal issues in computer security and privacy. He is a member of the Cybersecurity Subcommittee of the Illinois Governor’s Technology Advisory Board. He was a program office for the National Science Foundation for two years in the early 2000s.
C.M. Toke Vandervoort is Vice President, Deputy General Counsel, Under Armour. Ms. Vandervoort has more than 25 years experience providing strategic legal counsel to major U.S. technology companies. At Under Armour, she provides cross-functional leadership and strategic legal advice on critical business initiatives to advance Under Armour's international sports apparel, footwear and equipment business along with its Connected Fitness data and mobile app business (comprised of MyFitnessPal, MapMyFitness, Endomondo and UA Record) with over 215m fitness users worldwide. She leads a broad interdisciplinary team comprised of Commercial and Technology Transactions, Privacy, Patents & Trademarks, Brand Protection, Employment, Consumer Protection, Real Estate and Litigation professionals, with collaborative leadership responsibility for Cyber Security and Incident Response. Prior to joining Under Armour in early 2016, she was the VP & Assistant General Counsel for Technology, Privacy & Security at XO Communications (now a Verizon company) as well as its Chief Privacy Officer, previously held senior legal positions at EDS and MCI, and clerked in US District Court in Colorado. She has served as a member of the DPIAC since 2014 and also co-chairs the ACC NCR Data Privacy & Security Forum.
Marjorie Weinberger joined the Metropolitan Area Planning Council (“MAPC”) in 2017, as the Procurement Services Manager/Senior Counsel. In this position Ms. Weinberger is responsible for the collaborative procurement of goods and services for 101 cities and towns in Massachusetts. Ms. Weinberger procures and contracts for the design and implementation of information technology systems and infrastructure. Ms. Weinberger is responsible to ensure that all MAPC IT contracts are designed to implement best practices to protect personally identifiable information. Prior to her work at MAPC, Ms. Weinberger had been Senior Legal Counsel to the Massachusetts Department of Transportation and the Registry of Motor Vehicles. During her nearly 20 year tenure with the Commonwealth of Massachusetts, Ms. Weinberger was responsible for development and implementation of policies and procedures for protecting personal information held in the State’s database of over six million licensing and registration records. Ms. Weinberger has been a speaker on the need to design information privacy in an era of “Big Data” collection in emerging transportation data systems. This is Ms. Weinberger’s second term as a Member of the DPIAC.
Alexander M. White, Deputy Chief Privacy Officer, South Carolina Department of Administration Enterprise Privacy Office. Mr. White serves as a state subject-matter expert on privacy and data protection, supporting privacy compliance and best practices for SC agencies and entities. He is an attorney licensed in Illinois and the District of Columbia and a member of the International Association of Privacy Professionals' (IAPP) Privacy Bar Section Advisory Board. Prior to joining the State of South Carolina, he worked in the insurance industry in emerging issues, enterprise risk management, regulatory compliance, and product development, including drafting and review of cyber liability forms. He holds a variety of privacy, legal, cybersecurity, and risk management qualifications and is a two-time graduate of the University of Georgia, where he earned a bachelor's degree in history and a Juris Doctor.
Richard Wichmann is the Privacy and Risk Officer for Bupa Global, an International Health Insurer. He is responsible for HIPAA compliance and the development, maintenance and oversight of a geographically-expanding, international privacy program including privacy policies and notices, standardized procedures, information risk training, third-party oversight and privacy & security impact assessments. Rick has over 15 year in privacy and is a Certified Information Privacy Practitioner (CIPP/US), Certified Information Privacy Manager (CIPM) and currently serves as IAPP KnowledgeNet Co-Chair for South Florida. He was formerly Privacy Officer for the Assurant Solutions and Assurant Specialty Property. Insurance Companies.