Skip to main content

Seventeenth Annual Institute on Privacy and Data Security Law

Speaker(s): Adam Kardash, Alan Charles Raul, Alfred J. Saikali, Austin P. Berglas, Ben Beeson, David Glockner, Ewa M. Abrams, H. Leigh Feldman, J. Andrew Heaton, JoAnn Stonier, Joel R. Reidenberg, Kathleen A. McGee, Keith Enright, Kevin D. Leitão, Laura Juanes Micas, Lauren Shy, Lisa J. Sotto, Maneesha Mithal, Margaret A. Keane, Matthew E. Morningstar, Megan L. Brown, Miriam H. Wugmeister, Mitchell S. Bompey, Peter M. Lefkowitz, Phyllis H. Marcus, Teena H. Lee, Zoe Strickland
Recorded on: Jun. 6, 2016
PLI Program #: 148909

Professional Activities:

Ewa Abrams is Vice President - Associate General Counsel & Chief Privacy Officer of Tiffany & Co. Her work at Tiffany spans a wide variety of practice areas including corporate transactional; intellectual property and unfair competition; data privacy and security; internet and technology, advertising and media law; and regulatory and compliance matters. She is lead counsel responsible for the company’s commercial trade and technology agreements and further has responsibility over all aspects of the management of Tiffany’s worldwide intellectual property matters, including licensing, internet-related issues, advertising and social media. In her role as Chief Privacy Officer, she is manages worldwide privacy compliance for the company, including implementing compliance programs and identifying, evaluating and managing risks associated with enterprise data privacy and information management.

Ms. Abrams is an Adjunct Professor at Fordham University Law School, where she teaches a Business Law course / internship practicum.

Board Affiliations / Committees: 

Ms. Abrams served on the Board of Directors of the International Anti-Counterfeiting Coalition (c.2010- 2016) and its Executive Committee (c.2014-2016); the Advisory Board of the Center for Anti- Counterfeiting and Product Protection at Michigan State University (c. 2012-present); the New York City Bar Committee on Trademark Infringement & Unfair Competition (2016); the National Retail Federation Committee on Data Privacy & Cybersecurity (c. 2012-present) and the National Retail Federation / EuroCommerce Joint Task Force on the EU General Data Protection Regulation (2016- present).


Ms. Abrams received her Juris Doctor from Brooklyn Law School in New York (2003) and her Bachelor’s of Arts from Bucknell University in Pennsylvania (cum laude (2000)).

Speaking Engagements:

Ms. Abrams has previously presented on numerous intellectual property rights and data privacy issues for the International Trademark Association, Practicing Law Institute, the New York County Lawyers’ Association, New York City Bar, Federal Bar Association, Association of Corporate Counsel, Benjamin N. Cardozo School of Law, Fordham Law School, as well as other anti-counterfeiting, brand protection and data privacy forums (c.2004-present).

Mitchell Bompey is a Managing Director at Morgan Stanley, heading up the Global Technology, Data Protection and Sourcing legal group.  Mitchell is based in New York and oversees lawyers in New York, London, Hong Kong and Singapore.  The group advises Morgan Stanley on legal issues associated with technology solutions and regulatory matters, privacy, information security, intellectual property, outsourcing regulatory requirements and procurement.  Mitchell joined Morgan Stanley in 2000 as an attorney in the Technology and Intellectual Property legal group.  Previously, Mitchell worked as an associate at the law firms of Weil, Gotshal & Manges and Fish & Neave.  Mitchell earned a Juris Doctor degree, graduating in 1994 from the University of Virginia School of Law, and a B.S. in Mechanical Engineering, graduating in 1989 from Tufts University.

ALAN RAUL is the founder and leader of Sidley's highly ranked Privacy and Cybersecurity practice. He represents companies on federal, state and international privacy and cybersecurity issues, including digital governance, global data protection and compliance programs, data breaches, consumer protection issues and Internet law. Alan advises companies regarding their cybersecurity preparedness and helps them manage data security incidents. His practice involves litigation and counseling regarding consumer class actions and investigations, enforcement actions and policy development by the FTC, State Attorneys General, SEC, Department of Justice, financial regulators, EU Data Protection Authorities, and other government agencies.

He regularly represents leading tech, telecom, media, financial services and other companies with respect to their digital governance, compliance and crisis management. Alan has recently represented a special cybersecurity review committee of the Board of Directors of a major tech company in connection with its independent investigation of the company's handling of significant data breaches.

Alan provides clients with perspective gained from extensive government service. He previously served as Vice Chairman of the White House Privacy and Civil Liberties Oversight Board, General Counsel of the Office of Management and Budget, General Counsel of the U.S. Department of Agriculture, and Associate Counsel to the President.

Alan serves as a member of the Technology Litigation Advisory Committee of the U.S. Chamber Litigation Center (affiliated with the U.S. Chamber of Commerce). He also serves as a member of the American Bar Association's Cybersecurity Legal Task Force by appointment of the ABA President, and as a member of the Practicing Law lnstitute's (PLI) Privacy Law Advisors Group.

Alan is a member of the governing Board of Directors of the Future of Privacy Forum. He is a member of the Center for Democracy and Technology's Advisory Committee. Alan also serves on the Executive Committee of the Federalist Society's Administrative Law Practice Group. Alan is a frequent author and speaker on privacy, cybersecurity and related issues. He is overall editor arid a contributing author of The Privacy, Data Protection and Cybersecurity Law Review (Law Business Research Ltd, 5th ed. 2018).

Alan holds degrees from Harvard College (AB magna cum /aude),  Harvard Kennedy School of Government (MPA), and Yale Law School (JD).  He clerked for Judge Malcolm R. Wilkey of the U.S. Court of Appeals for the D.C. Circuit.

Austin P. Berglas is Senior Managing Director and head of the U.S. Cyber Investigations and Incident Response practice at K2 Intelligence. He brings deep investigative experience in counter intelligence, national security, criminal cyber investigations and incident response to K2 Intelligence.

Before joining K2 Intelligence, Austin served as Assistant Special Agent in Charge (ASAC) of the Federal Bureau of Investigation’s (FBI’s) Cyber Branch in the New York Office (NYO), where he oversaw all national security and criminal cyber investigations in the largest cyber branch in the FBI. Among the high-profile, joint and international operations he managed were the dismantlement of the Blackshades organization and seizures of numerous TOR-based sites, including Silk Road and Silk Road 2.0. Most recently, he led the criminal investigation into the computer network attack against JPMorgan Chase and established the Financial Cyber Crimes Task Force, the FBI’s first joint effort with the New York City Police Department (NYPD) and the Metropolitan Transportation Authority (MTA) to combat cyber threats and high-technology crimes affecting New York City and the nation. Prior to being named ASAC of the NYO’s Cyber Branch, he was designated as an Assistant Inspector, Inspection Division, FBI Headquarters in Washington, D.C.

In May 2013, Austin was named Acting Special Agent in Charge (A/SAC) of the NYO’s Special Operations/Cyber Division, where he led over 400 employees in the largest technical and physical surveillance operation in the FBI, overseeing all investigations in the New York Cyber branch, an office he helped to create in 2009. As A/SAC, he was also responsible for the Special Events and Crisis Management Programs consisting of SWAT, Evidence Response, Underwater Search and Recovery, and Rapid Deployment. While at the FBI he also served as supervisor of the New York Office Computer Crimes Squad/Cyber Crimes Coordinator, where he was responsible for investigations into computer intrusions, intellectual property rights violations, and Internet fraud, extortion and gambling. In addition, he served as the Crimes Against Children Coordinator in the FBI’s NYO, responsible for the coordination and investigation of crimes including international and domestic kidnapping, sex tourism, and the sexual exploitation of children over the Internet.

He has been rewarded for his work, receiving the FBI Director’s Award for Excellence in a Cyber Investigation in 2010 and the Voice for All Children Award presented by the Coalition Against Child Abuse and Neglect in 2006.

Prior to entering the FBI in 1999, Austin was a Captain in the United States Army, serving in various roles as a light cavalry officer and deploying to Haiti in 1995 in support of Operation Uphold Democracy.


He received his B.S. from Dickinson College and has participated in Navigating Strategic Change hosted at the Kellogg School of Management at Northwestern University.

Ben Beeson is Senior Vice President and Leader of the Cybersecurity Practice at Lockton Companies. Based in Washington, DC, he advises organizations on how best to mitigate emerging cyber risks to mission critical assets that align with the business strategy. As insurance continues to take a greater role in a comprehensive enterprise cyber risk management program, Ben also designs and places customized insurance solutions to fit an organization’s specific needs. Ben’s experience ranges from addressing data privacy issues in the utility, financial, healthcare, retail, and hospitality industries to identifying emerging property damage and bodily injury risks from a cyber attack in energy, transportation, and manufacturing.

Prior to moving to Washington DC, Ben was based in Lockton’s London office for seven years, where he cofounded and built one of the leading cybersecurity teams in the industry.

Ben holds a B.A. (Hons) degree in modern languages from the University of Durham, UK, and a certification in cybersecurity strategy from Georgetown University, Washington DC.

Cybersecurity Policy

  • March 2015 - Testified before the Senate Commerce Committee on the evolving cyber insurance marketplace.
  • 2013-2014 - US federal government engagement in creation of NIST Cybersecurity Framework.
  • December 2013 -Lloyd’s of London Roundtable Chair with Department of Homeland Security.


  • Advisory Board Member – American University’s Kogod Cybersecurity Governance Center.
  • Member – BENS, (Business Executives for National Security).

Selected Speaking Engagements

  • April 2015 – “Cyber insurance, the next big thing or the next requirement?” RSA, San Francisco.
  • March 2014 — International Engagement on Cyber, Georgetown University, Institute for Law, Science and Global Security —Panelist —  “Private-Public Partnerships to Protect Critical Infrastructure.”
  • May 2014 — Business Insurance Cyber Risk Summit, Washington, DC—Panelist “Are You Covered?”

Selected Publications

  • March 2015 – Senate Commerce Committee written testimony - Evolving Cyber Insurance Marketplace.
  • January 2015 – “With New Cybersecurity approach can insurers meet demand?” Law360
  • March 2014: “Why Every Board Should Care about Cybersecurity?”Coauthored with General Michael Hayden for Texas ACG Capital Connection

J. Andrew Heaton is a principal in Ernst & Young LLP and serves as Global Lead Counsel – Data Privacy and Security for the global EY organization.  In this role, he leads EY’s global data protection team, serves as global privacy officer for the organization, and advises EY on legal aspects of data protection and information technology worldwide.  Prior to assuming his global responsibilities in 2014, he served in a similar capacity with EY’s practice in the United States, and was also lead counsel for EY’s financial services practice.

Mr. Heaton graduated summa cum laude from Bradley University in Illinois.  He received his law degree with honors from the University of Chicago Law School.  He joined EY in 1994 and was named a principal in 2000.

Mr. Heaton is a Certified Information Privacy Manager, a Certified Information Privacy Professional/US, and a member of the bars of New York, the District of Columbia and Maryland.

JoAnn C. Stonier is EVP/Chief Data Officer for Mastercard.  In this role, she is responsible for enterprise-wide data strategy and management to ensure the organization maximizes the value of its information assets. Ms. Stonier and her team of global professionals identify the opportunities associated with Mastercard’s information assets and assist in the development of the tools, processes, policies and standards necessary to enable their use.

Previously, Ms. Stonier was EVP Chief Information Governance & Privacy Officer for the organization.  In that role she was responsible for worldwide privacy and information governance, leading those teams as well as leading regulatory engagement in this area.  Prior to joining Mastercard in 2008, Ms. Stonier was the Chief Privacy Officer for American Express Company.  She also held various roles of increasing responsibility at American Express, including Chief Operating Officer, American Express Tax & Business Services; Vice President, Acquisition Integration; and Vice President & Assistant to the Chairman.  Ms. Stonier has worked at Waldenbooks, Inc., PepsiCo and started her career as an auditor for PriceWaterhouse Coopers. 

In addition to her work at Mastercard, Ms. Stonier is an adjunct professor at Pratt Institute where she teaches business strategy and international business, in the Design Management Master’s program.

Ms. Stonier received her Juris Doctorate from St. John’s University in Queens, and her Bachelor of Science degree from St. Francis College.  She holds memberships in the Bar of the State of New York and the Bar of the State of New Jersey.  Ms. Stonier has been recognized as a leader in data and privacy by a number of organizations including the Aspen Institute, the United Nations, and the Information Governance Initiative and has served on the board of the International Association of Privacy Professionals, the Center for Information Policy Leadership and the Information Accountability Foundation. She is a well-regarded speaker at industry events and often addresses the need for balancing data innovation and privacy.  JoAnn is based in Purchase, NY.

Kathleen A. McGee is counsel at Lowenstein Sandler, where she is a member of the firm’s Tech Group and White Collar Criminal Defense practice and focuses primarily on regulatory compliance and investigations. 

Kathleen is former Chief of the Bureau of Internet and Technology (BIT) for the New York State Attorney General’s Office, where she directed the enforcement of New York and federal privacy, data security, and consumer protection laws in the online and technology environment. She led groundbreaking investigations into Internet Service Providers in New York state, violations of the Children’s Online Privacy and Protection Act (COPPA), and astroturfing and false endorsements in promotions, as well as a successful litigation against Daily Fantasy Sports. Kathleen’s recent policy work has included developing legislation on data security and the use of software bots in ticket sales.  

Earlier, Kathleen was Director of the Mayor’s Office of Special Enforcement for the City of New York, where she focused on the policy and civil enforcement of quality-of-life issues such as illegal hotels and counterfeit trademark activity. She also developed policy and legislative initiatives for the Criminal Justice Coordinator’s Office. During that time, Kathleen co-developed the New Business Acceleration Team, a multiagency initiative that simplified governmental processes and procedures for new businesses and streamlined new business openings. 

Kathleen served for over six years as a prosecutor of sex crimes, child abuse, and domestic violence for the Bronx County District Attorney’s Office. She was also a co-developer and program coordinator of the Chicago Public Housing Recycling Buy-Back Program, an economic-environmental initiative she launched as an AmeriCorps VISTA in the 1990s. 

Kathleen regularly presents on issues of data security, privacy, consumer protection, and investigations. She is a graduate of Boston University School of Law, the University of Chicago, and Sarah Lawrence College.

Kevin Leitão is a seasoned attorney and business executive with more than 15 years of in-house counsel and compliance leadership experience. He has developed and led risk-based compliance, security, privacy, vendor management and BSA/AML programs at several companies, including GE Capital (Consumer Finance and Commercial Finance), Merrill Lynch, TIAA-CREF and Softcard. Since joining Ballard Spahr in 2015, Mr. Leitão has advised clients in a range of industries on digital commerce, data security, privacy, risk management/governance, BSA/AML matters and compliance program development.

Mr. Leitão’s risk assessment and risk management work includes participating in enterprise risk management program development, developing and serving on risk governance committees, selecting and implementing “governance, risk and control” tools and supporting initiatives to foster convergence among control group activities, including compliance, internal audit, information security and operational risk management. He is also a Six Sigma Green Belt.

Kevin began his legal career as a corporate and regulatory lawyer at LeBouef, Lamb, Leiby & MacRae in New York. He is a graduate of Yale Law School, Cambridge University (which he attended as a Marshall Scholar) and Brown University.

Matthew E. Morningstar is an Executive Director and Counsel in Morgan Stanley's US Litigation Department, where he is responsible for managing complex litigation and regulatory matters across the Firm.  His practice focuses on a variety of areas, including securities litigation, credit crisis litigation arising out of the Firm’s structured product businesses, municipal securities litigation and regulatory matters and intellectual property disputes.  Prior to joining Morgan Stanley in 2005, Matthew was an Associate in the Litigation Department in the New York office of Mayer Brown.

Matthew is a member of the Board of Directors of the National Association of Minority and Women Owned Lawyers (NAMWOLF), and the co-chair of NAMWOLF’s Advisory Council, the corporate counsel advisory board.  Matthew is also the Chair of the Supplier Diversity Sub-Committee of Morgan Stanley’s Legal and Compliance Division Diversity and Inclusion Committee.

Matthew was honored to receive the 2013 National LGBT Bar Association Out & Proud Corporate Counsel Award in New York.  Matthew was commended for his commitment to diversity in the profession, particularly his visibility as an out senior lawyer and his work concerning expanded use of minority and women-owned law firms.

Matthew also served as Vice-Chair of the Gay Men’s Health Crisis (GMHC) Board of Directors, where he was also Co-Chair of the Governance Committee.  Matthew is also the past Co-chair of the New York Democratic Lawyers Council, New York's only year-round voting rights and election protection organization.  Matthew was honored to serve on the Democratic National Committee’s Platform Committee in 2008, which called for a fully-inclusive non-discrimination act as well as an end to the discriminatory Don’t Ask Don’t Tell policy.

Matthew is a 1997 graduate of Columbia, and a 2001 graduate of Cornell Law School, where he served as Chancellor of the Moot Court Board.

Peter Lefkowitz is Chief Privacy & Digital Risk Officer at Citrix Systems.  Peter oversees legal and regulatory risk associated with data, products and systems, as well as policy engagement on digital issues.  Prior to joining Citrix, Peter worked at GE, where he served as Chief Privacy Officer (Corporate) and then as Senior Data Rights Management Counsel (Digital) and at Oracle, where he was Vice President of Privacy and Security Legal and Chief Privacy Officer.  Peter is Chairman of the Board of the International Association of Privacy Professionals and a member of the Boston Bar Association Council.  Peter holds a Bachelor of Arts in History, magna cum laude, from Yale College and a law degree from Harvard Law School.

Teena Lee is the Vice President & Associate General Counsel, Privacy, for News Corporation, where she is responsible for data privacy globally for News Corp.  She manages News Corp’s corporate data privacy accountability program, and oversees the data privacy management programs of the various business units under the News Corp umbrella of companies.  Ms. Lee previously held a similar position at The Estee Lauder Companies Inc. as the former Vice President, Privacy and Ecommerce Counsel, and was responsible for the management of the global data privacy program, as well as serving dedicated attorney roles to Estee Lauder’s ecommerce and social/digital media advertising divisions.

Prior to Estee Lauder, Teena was a senior associate at the law firm, Davis Wright Tremaine LLP.  Teena is a graduate of the New York University School of Law.

Few lawyers in the world have Miriam Wugmeister's breadth and understanding of privacy and data security laws, obligations, and practices. In the words of her clients, she is “extremely practical and phenomenally smart. Just about one of the best privacy advisers there is” (Chambers USA). Co-chair of Morrison & Foerster’s market-leading Global Privacy and Data Security Group and ranked among the top in the profession by all major directories, Ms. Wugmeister is regularly called upon by some of the world’s largest and most complex multinational organizations to confront their most difficult U.S. and international privacy challenges. “Tremendous at helping you come up with practical solutions to real problems” (Chambers USA), she develops cutting-edge solutions for clients that marry legal compliance with business realities.

Having helped hundreds of clients respond to data security incidents, Ms. Wugmeister has worked on several of the most noteworthy and largest data security incidents over the past few years. She has been praised as “clearly operating at the top of her profession; distinguished by her passion, ability to relate to clients, and practical business-minded advice” by Legal 500, which recently named Morrison & Foerster as the 2015 Cyber Crime Firm of the Year. Ms. Wugmeister also works with dozens of companies to develop comprehensive customized incident response plans, training staff, conducting extensive table top exercises, and addressing key issues with Boards of Directors and executive management.

Ms. Wugmeister advises organizations on the planning and execution of complex global compliance efforts, assists in the negotiation of strategic deals, and defends regulatory and litigation matters relating to privacy and data security in the U.S. and internationally. She serves as an arbitrator for the EU-US Privacy Shield Framework Binding Arbitration Program. Ms. Wugmeister regularly advises on data security breach issues; the global collection, use, sharing of employee, customer, vendor, and consumer personal information; ediscovery and monitoring conflicts; social media issues; and cloud computing deals, as well as on developing data security policies and procedures and cybersecurity preparedness and response plans. She also counsels clients on cutting-edge consumer privacy issues surrounding emerging technologies such as the Internet of Things (IoT), telematics, and big data.

As leader of the Global Privacy Alliance (GPA), Ms. Wugmeister encourages the rational development of privacy laws around the world and monitors privacy practices, laws, and regulations globally. On behalf of the GPA’s members, she takes an active role in anticipating upcoming privacy legislation and educating regulators on the commercial implications of proposed regulations. Ms. Wugmeister developed the firm’s Privacy Library and the MoFoNotes subscription database so that organizations can keep apprised of privacy and data security compliance requirements in jurisdictions around the world. She is also co-editor of Global Employee Privacy and Data Security Law, Second Edition (BNA Books, 2011).

Chambers USA and Chambers Global recommend Ms. Wugmeister in the top tier of privacy and data security lawyers worldwide, and Legal 500 US recognizes her as a leading lawyer for her “professionalism and strong international presence.” For her work in data protection and privacy, Ms. Wugmeister is an inaugural inductee into the 2017 Legal 500 Hall of Fame, which is comprised of outstanding U.S. lawyers who have been recommended as Legal 500 “Leading Lawyers” for the last six consecutive years. In 2016, she was named one of Financial Times’ “Top 10 Innovative Lawyers in North America” and a National Law Journal “Cybersecurity and Data Privacy Trailblazer” for her cutting-edge work in this space.  Ms. Wugmeister was previously designated an Ethisphere “Attorney Who Matters,” and a BTI Client Service All-Star, and has been featured in Best Lawyers in America every year since 2008.

Leigh is currently the Head of Privacy and Information Compliance and the Global Chief Privacy Officer within the Corporate Compliance Group at Citi.  In this role, Leigh leads several related functions that touch on the collection, maintenance, use, sharing and disposition of information, including the Chief Privacy Office, Records Management, Compliance Data Governance and compliance coverage for Information Security, Enterprise Operations and Technology, Export Licensing and Citi Security and Investigative Services.

Prior to joining Citi, Leigh was the Chief Privacy Officer at American Express responsible for leading the Global Privacy Team and the Global Privacy Program across the Company.  Prior to that, Leigh spent four years as the Senior Privacy Executive at Bank of America, where he managed the Privacy, Information and Data Compliance team, and ten years at Merrill Lynch, where he was Chief Privacy Counsel and led the Technology, Privacy and Information Law team.  Prior to joining Merrill Lynch, Leigh worked in private practice in New York specializing in Internet, e-commerce and corporate law. 

Leigh received his law degree from Georgetown University and his undergraduate degree from the State University of New York at Binghamton.  In addition to being a lawyer, Leigh is certified by the International Association of Privacy Professionals as a Certified Information Privacy Manager.

Named among The National Law Journal’s “100 Most Influential Lawyers,” Lisa Sotto chairs Hunton Andrews Kurth’s top-ranked Global Privacy and Cybersecurity practice and is the managing partner of the firm’s New York office.  She also serves on the firm’s Executive Committee.  Lisa has received widespread recognition for her work in the areas of privacy and cybersecurity.  She was voted the world’s leading privacy advisor in all surveys by Computerworld magazine and has received top rankings for privacy and data security by Chambers and Partners and The Legal 500.  Lisa serves as the Chairperson of the Department of Homeland Security’s Data Privacy and Integrity Advisory Committee. 

Featured as “The Queen of Breach” in an article by New York Super Lawyers Magazine, Lisa provides extensive advice on cybersecurity risks, incidents and policy issues, including proactive cyber incident readiness.  Since 2005, she has advised clients on more than 1,600 cybersecurity and data breach incidents in the U.S. and abroad, including many of the seminal events.  Lisa is the editor and lead author of the legal treatise entitled Privacy and Cybersecurity Law Deskbook, published by Aspen Publishers, Wolters Kluwer Law & Business. 

Lisa assists clients in identifying, evaluating and managing risks associated with privacy and data security practices.  She advises clients on GLB, HIPAA, COPPA, CAN-SPAM, FCRA, VPPA, security breach notification laws, and other U.S. state and federal privacy and data security requirements (including HR rules), and global data protection laws (including those in the EU, Asia and Latin America).  More recently, Lisa’s work includes assisting dozens of clients in developing strategies for complying with the California Consumer Privacy Act of 2018.

Lisa is chair of the New York Privacy Officers’ Forum and a former member of the Board of Directors of IAPP.  She received her J.D. from the University of Pennsylvania Law School, where she was an editor of the Law Review.  She received her B.A. from Cornell University, with Distinction in All Subjects.  Lisa is admitted to practice in New York.


Phyllis is counsel to Hunton & Williams LLP’s global competition team and has a unique combination of experience in advertising enforcement and privacy law. Her practice focuses on advertising, marketing and consumer protection issues. She also counsels clients on compliance with the Children’s Online Privacy Protection Act (COPPA) Rule and managing related enforcement actions. Phyllis joined Hunton & Williams LLP from the Federal Trade Commission (FTC), where she held numerous leadership positions during her longstanding tenure, handling both advertising and marketing issues, and privacy matters (with a focus on children’s privacy).

With at the FTC, Phyllis served as the Chief of Staff of the Bureau of Consumer Protection’s Division of Advertising Practices. In that role, she oversaw the FTC’s advertising workload, handled congressional matters, wrote high profile speeches and testimony regarding FTC advertising initiatives, and led several FTC investigations involving deceptive health claims, endorsements and disclosures. Phyllis also was awarded the Official Commendation for Distinguished Service by the Chairwoman of the FTC in October 2015.

From 2006 to 2013, Phyllis led the FTC’s children’s online privacy program. In this capacity, Phyllis was responsible for bringing a host of civil penalty actions enforcing the COPPA Rule, including the first $1 million COPPA civil penalty and a subsequent record-setting $3 million penalty. Phyllis also led the 2010-2012 team responsible for overhauling the COPPA Rule, and has a keen understanding of the complexities of the revised regulations.

Phyllis has been interviewed by a number of media outlets, including The New York Times, The Washington Post and NPR Marketplace. She is frequently sought after to speak on consumer protection issues, such as protecting children online, the COPPA Rule and other FTC advertising initiatives and enforcement actions.

Phyllis was a law clerk to Judge John C. Eldridge of the Maryland Court of Appeals. She is admitted to practice in the District of Columbia. She received her JD from University of Michigan Law School, cum laude, and her BA from the University of Pennsylvania, magna cum laude.

Al Saikali is a Chambers-ranked lawyer specializing in privacy and data security law.  He represents companies in minimizing the risks associated with the collection, use, storage, and security of personal information.  In addition to chairing Shook, Hardy & Bacon’s Privacy and Data Security practice, he founded and chairs the Sedona Conference’s Working Group on Privacy and Data Security, and co-chairs the American Bar Association’s Cybersecurity Law Institute.  He has won the Lexology Client Choice award in technology law the last two years in a row and was named a “Trailblazer in Cybersecurity” by the National Law Journal in 2015.  In his spare time, Al is an Adjunct Professor at Saint Thomas University where he teaches Cybersecurity Law, and he maintains a blog (Data Security Law Journal) where he writes about emerging trends and issues in privacy and data security law.  Al has been quoted by the Wall Street Journal, Bloomberg BusinessWeek, and Law360 for his thoughts on privacy and data security legal trends. 

Keith Enright serves as Google’s Chief Privacy Officer and leads the global privacy legal team. He joined Google in March 2011.  He has nearly 20 years of experience in creating and implementing programs for privacy, data stewardship, and information risk management.

Prior to joining Google, Keith served as the senior-most privacy executive at two Fortune 500 online and offline retail enterprises, as senior consultant for a leading global consulting practice, and as General Counsel for a successful advertising technology company.

Keith served a 5-year term on the Board of Directors of the International Association of Privacy Professionals. He has been a guest speaker at Harvard Law School, Stanford Law School, and the Massachusetts Institute of Technology, and is frequently a featured speaker at industry events focusing on technology, privacy and data protection. He is a member of the Maryland Bar and holds the Certified Information Privacy Professional, U.S., and Government (CIPP/US, CIPP/G) certifications.

Laura Juanes Micas is a multilingual law, policy and privacy expert in the technology industry. She currently serves as Global Director of Privacy Policy Engagement at Facebook Inc. 

Laura is a Spanish qualified lawyer, based in the United States, with more than fifteen years of professional experience in technology and media companies. In her role at Facebook, she leads a global team that regularly engages with regulators, policymakers, experts and advocates in order to inform on key privacy issues that impact how individuals use or relate to Facebook’s technology daily. Prior to joining Facebook, she served as an Assistant General Counsel, Privacy & Human Rights, at Yahoo Inc., where she led the legal and public policy team’s efforts on global privacy matters and the company’s Business and Human Rights Program.

Before assuming her AGC role at Yahoo, Laura held various positions, including as General Counsel at Yahoo Spain and as Director of Product Compliance and Law Enforcement response for the Americas. Laura is a law graduate of the Universidad Auto´noma de Madrid, where she worked as a lawyer before joining Yahoo.

Laura holds U.S. and EU Certifications for International Privacy Professionals (CIPP). She serves on the Advisory Board of the Information Accountability Foundation and chairs the Latin America chapter of the Centre for Information Policy Leadership. She is a mentor of startups and entrepreneurs in South Florida and Latin America and a proud Board and founder Member of Woman in Tech Miami Council, with a mission to connect and empower women with diverse technological backgrounds.

Zoe Strickland is the newly appointed VP, Global Privacy & US Commercial Compliance head for Cigna health and life insurance. She most recently served as the Managing Director, Global Chief Privacy Officer, for JPMorgan Chase, where she was responsible for domestic and global privacy compliance at the company enterprise level, including its privacy policies, procedures, governance, strategy, training, and administration. Previously, Zoe served as the VP, Chief Privacy Officer for UnitedHealth Group and for Walmart Stores Inc. 

Zoe is an active participant in the privacy community.  She serves on the Advisory Board of the Future of Privacy Forum and several other cross-industry organizations. She previously served on the Board of Directors for the International Association of Privacy Professionals (IAPP). Zoe is a frequent speaker at industry conferences and events, has testified before subcommittees of the House Energy and Commerce Committee, and has been quoted in national and trade media sources, including USA Today, the New York Times, and National Public Radio.

David Glockner is the Chief Compliance Officer for Citadel, a global hedge fund based in Chicago. From 2013-2017 he served as Regional Director of the SEC’s Chicago Regional Office, overseeing the SEC’s examination and enforcement work in nine Midwestern states. While at the SEC he also served as co-chair of the SEC’s Cybersecurity Working Group and was a leader in the SEC’s efforts to expand its use of data analytics in examination and enforcement work. Prior to joining the SEC, he was a managing director at a global digital risk management firm. He spent nearly 25 years as a prosecutor in the United States Attorney’s Office in Chicago, including 11 years as chief of the office’s criminal division, where he was involved in numerous high-profile matters involving public corruption, financial fraud, and national security. He is an adjunct professor at the University of Illinois College of Law, where he teaches a class on cybersecurity and the legal system.

Joel R. Reidenberg is the Stanley D. and Nikki Waxberg Chair and Professor of Law at Fordham University where he directs the Center on Law and Information Policy.   He was the inaugural Microsoft Visiting Professor of Information Technology Policy at Princeton teaching in the computer science department and more recently a visiting lecturer teaching cybersecurity policy at Princeton's Woodrow Wilson School.  Reidenberg has also previously taught at the Universite de Paris-Sorbonne and the Institut d'etudes Politques de Paris.   Reidenberg publishes regularly on both information privacy and on information technology law and policy.  He is a member of the American Law Institute and an Advisor to the ALI’s Principles of Law of Data Privacy project.  Reidenberg has served as an expert adviser to the U.S. Congress, the Federal Trade Commission, the European Commission and the World Intellectual Property Organization. At Fordham, Reidenberg previously served as the University’s Associate Vice President for Academic Affairs and, prior to his academic career, he was an associate at the law firm Debevoise & Plimpton.  Reidenberg is a graduate of Dartmouth College, earned a J.D. from Columbia University and a Ph.D. in law from the Université de Paris –Sorbonne.  He is admitted to the Bars of New York and the District of Columbia.

Lauren Shy is Chief Privacy Officer and Senior Legal Director at PepsiCo, Inc.  PepsiCo is one of the world’s leading food and beverage companies with a global portfolio of diverse and beloved brands. PepsiCo’s products are sold in more than 200 countries and territories around the world. Lauren has been in this role since August 2014 and with PepsiCo since February 2012. She is based in PepsiCo’s Purchase, NY headquarters.

A frequent speaker on privacy and legal ethics, Lauren is a Certified Information Privacy Manager (CIPM), a Certified Information Privacy Professional (CIPP/US), and a Certified Compliance and Ethics Professional (CCEP). She is a member of the International Association of Privacy Professionals’ (IAPP) Women Leading Privacy Advisory Board and the Corporate Executive Board’s (CEB) Data Privacy Leadership Council. Lauren is a past member of the NYC Bar Association’s Committees on Information Technology Law (2004-2007); Consumer Affairs (2007-2010); and Professional Responsibility (2011-2014).

Prior to joining PepsiCo, Lauren was the Assistant (Deputy) General Counsel at a global immigration law firm where she handled a range of corporate matters including data privacy.

Lauren graduated from the University of Michigan in Ann Arbor, Michigan and Case Western Reserve University School of Law in Cleveland, Ohio. She is licensed in New York.

Maneesha Mithal is the Associate Director of the Federal Trade Commission’s Division of Privacy and Identity Protection, which focuses on consumer privacy, data security, and credit reporting issues.  In this capacity, she has managed significant initiatives, including reports on Big Data, the data broker industry, the Internet of Things, consumer privacy, facial recognition, and mobile privacy disclosures.  She has testified before Congress on data security, connected cars, facial recognition, and identity theft.  She has also supervised Commission investigations that resulted in consent orders, including against companies such as Wyndham, Google, Facebook, Twitter, Lifelock, HTC, Snapchat, Uber, and Lenovo.  She has held numerous positions at the Commission, including Chief of Staff of the Bureau of Consumer Protection, and Assistant Director of the International Division of Consumer Protection.  Prior to joining the Commission in 1999, Ms. Mithal was an attorney at the Washington law firm of Covington & Burling.  Ms. Mithal earned her law degree from the Georgetown University Law Center and her undergraduate degree from Georgetown University.

Margaret Keane is a Partner in the employment group at the international firm of DLA Piper LLP.  She is based in San Francisco and works with clients to address the challenges of today’s workplace, including workplace privacy, employee mobility issues, mobile devices, wage and hour compliance, and related workplace issues.  

Megan Brown is a partner in the Litigation, Appellate, and Telecom, Media and Technology practices at Wiley Rein in Washington DC.  She leads the firm’s cyber security and data security practices, working for companies and associations on security and privacy, wireless, mobile devices, and encryption.  Recent work has involved the FCC privacy initiatives, helping develop the NIST Cybersecurity Framework, the Internet of Things, and Internet and mobile security.  She represents clients before various government agencies including the FCC, FTC, DOJ, and NIST, to name a few.  She also assists in analyzing federal efforts to enhance national cybersecurity capabilities under the NIST Framework.  Megan also works with the Wiretap Act and Stored Communications Act.  Megan helps clients navigate complex regulatory proceedings and manage state regulation that interferes with national business planning.   This includes litigating challenges to law and regulation, particularly state and local laws that regulate technology and innovation.  Megan files amicus briefs on the First Amendment and other issues in the Supreme Court.   She was named a “Rising Star” for technology law in 2014.  Megan received her law degree from Harvard Law School, and clerked the Honorable E. Grady Jolly on the United States Court of Appeals for the Fifth Circuit.  She served in the Department of Justice as Counsel to United States Attorneys General Michael B. Mukasey and Alberto Gonzales.  Megan is on the Board of the Women’s High Tech Coalition, and serves an appointee of Maryland Governor Hogan on judicial selection for Maryland Trial Courts.

Adam is an acknowledged Canadian legal industry leader in privacy and data management. He leads the Osler’s national Privacy and Data Management practice. Adam has been lead counsel on many of the most significant privacy matters in Canada. He advises Fortune 500 clients in their business critical data-protection issues, compliance initiatives and data governance. He regularly represents clients on regulatory investigations and security breaches, and has acted on many of the largest Canadian security incidents to date.  Adam is Special Counsel to the Interactive Advertising Bureau of Canada and counsel to the Digital Advertising Alliance of Canada.