Skip to main content

Nineteenth Annual Institute on Privacy and Data Security Law


Speaker(s): Abigail M. Lyle, Alan Charles Raul, Alfred J. Saikali, Bojana Bellamy, Chandra B. McMahon, Chris Nims, Darlene Cedres, Eric M. Friedberg, Ian C. Ballon, J. Andrew Heaton, Joanna Fine, John C. Cleary, Kumneger Emiru, Laura Juanes Micas, Lisa J. Sotto, Maneesha Mithal, Margaret A. Keane, Matthew D. Lawless, Matthew W. Van Hise, Mihir Kshirsagar, Mike Dvilyanski, Miriam H. Wugmeister, Peter M. Lefkowitz, Robert J. Jones, Zoe Strickland
Recorded on: May. 29, 2018
PLI Program #: 219185

John Cleary’s practice focuses on serving the Technology Transaction and Data Privacy needs of U.S. companies, with an emphasis on data security incidents and other cyber controversies.

John also brings his dispute resolution skills to bear on problems faced by clients across an array of litigation and pre-litigation settings, principally in the areas of intellectual property, cybersecurity, insurance, banking and maritime law.  John previously served for several years as an Assistant U.S. Attorney in Washington, D.C., representing U.S. government agencies and officials in a range of constitutional and other federal sector issues.
 
Memberships
  • New York Intellectual Property Law Association
  • Maritime Law Association of the United States
  • Amicus Brief Committee, Member 
  • Committee on Cybersecurity, 2015 - present

  • Vice Chair


ALAN RAUL is the founder and leader of Sidley's highly ranked Privacy and Cybersecurity practice. He represents companies on federal, state and international privacy and cybersecurity issues, including digital governance, global data protection and compliance programs, data breaches, consumer protection issues and Internet law. Alan advises companies regarding their cybersecurity preparedness and helps them manage data security incidents. His practice involves litigation and counseling regarding consumer class actions and investigations, enforcement actions and policy development by the FTC, State Attorneys General, SEC, Department of Justice, financial regulators, EU Data Protection Authorities, and other government agencies.

He regularly represents leading tech, telecom, media, financial services and other companies with respect to their digital governance, compliance and crisis management. Alan has recently represented a special cybersecurity review committee of the Board of Directors of a major tech company in connection with its independent investigation of the company's handling of significant data breaches.

Alan provides clients with perspective gained from extensive government service. He previously served as Vice Chairman of the White House Privacy and Civil Liberties Oversight Board, General Counsel of the Office of Management and Budget, General Counsel of the U.S. Department of Agriculture, and Associate Counsel to the President.

Alan serves as a member of the Technology Litigation Advisory Committee of the U.S. Chamber Litigation Center (affiliated with the U.S. Chamber of Commerce). He also serves as a member of the American Bar Association's Cybersecurity Legal Task Force by appointment of the ABA President, and as a member of the Practicing Law lnstitute's (PLI) Privacy Law Advisors Group.

Alan is a member of the governing Board of Directors of the Future of Privacy Forum. He is a member of the Center for Democracy and Technology's Advisory Committee. Alan also serves on the Executive Committee of the Federalist Society's Administrative Law Practice Group. Alan is a frequent author and speaker on privacy, cybersecurity and related issues. He is overall editor arid a contributing author of The Privacy, Data Protection and Cybersecurity Law Review (Law Business Research Ltd, 5th ed. 2018).

Alan holds degrees from Harvard College (AB magna cum /aude),  Harvard Kennedy School of Government (MPA), and Yale Law School (JD).  He clerked for Judge Malcolm R. Wilkey of the U.S. Court of Appeals for the D.C. Circuit.


J. Andrew Heaton is a principal in Ernst & Young LLP and serves as Global Lead Counsel – Data Privacy and Security for the global EY organization.  In this role, he leads EY’s global data protection team, serves as global privacy officer for the organization, and advises EY on legal aspects of data protection and information technology worldwide.  Prior to assuming his global responsibilities in 2014, he served in a similar capacity with EY’s practice in the United States, and was also lead counsel for EY’s financial services practice.

Mr. Heaton graduated summa cum laude from Bradley University in Illinois.  He received his law degree with honors from the University of Chicago Law School.  He joined EY in 1994 and was named a principal in 2000.

Mr. Heaton is a Certified Information Privacy Manager, a Certified Information Privacy Professional/US, and a member of the bars of New York, the District of Columbia and Maryland.


Peter Lefkowitz is Chief Privacy & Digital Risk Officer at Citrix Systems.  Peter oversees legal and regulatory risk associated with data, products and systems, as well as policy engagement on digital issues.  Prior to joining Citrix, Peter worked at GE, where he served as Chief Privacy Officer (Corporate) and then as Senior Data Rights Management Counsel (Digital) and at Oracle, where he was Vice President of Privacy and Security Legal and Chief Privacy Officer.  Peter is Chairman of the Board of the International Association of Privacy Professionals and a member of the Boston Bar Association Council.  Peter holds a Bachelor of Arts in History, magna cum laude, from Yale College and a law degree from Harvard Law School.


Robert J. Jones is the Global Head of Financial Lines, Specialty Claims, at AIG.  Robert is responsible for claims within the Cyber, Media, Technology, Fidelity and Kidnap & Ransom lines of business.  Robert has developed Financial Lines expertise through a variety of technical and managerial roles in Claims, Reinsurance and Underwriting.  Robert began his career at The Travelers in 1989 and joined AIG in 1992.  Robert received a B.S. from the State University of New York at Binghamton.


Few lawyers in the world have Miriam Wugmeister's breadth and understanding of privacy and data security laws, obligations, and practices. In the words of her clients, she is “extremely practical and phenomenally smart. Just about one of the best privacy advisers there is” (Chambers USA). Co-chair of Morrison & Foerster’s market-leading Global Privacy and Data Security Group and ranked among the top in the profession by all major directories, Ms. Wugmeister is regularly called upon by some of the world’s largest and most complex multinational organizations to confront their most difficult U.S. and international privacy challenges. “Tremendous at helping you come up with practical solutions to real problems” (Chambers USA), she develops cutting-edge solutions for clients that marry legal compliance with business realities.

Having helped hundreds of clients respond to data security incidents, Ms. Wugmeister has worked on several of the most noteworthy and largest data security incidents over the past few years. She has been praised as “clearly operating at the top of her profession; distinguished by her passion, ability to relate to clients, and practical business-minded advice” by Legal 500, which recently named Morrison & Foerster as the 2015 Cyber Crime Firm of the Year. Ms. Wugmeister also works with dozens of companies to develop comprehensive customized incident response plans, training staff, conducting extensive table top exercises, and addressing key issues with Boards of Directors and executive management.

Ms. Wugmeister advises organizations on the planning and execution of complex global compliance efforts, assists in the negotiation of strategic deals, and defends regulatory and litigation matters relating to privacy and data security in the U.S. and internationally. She serves as an arbitrator for the EU-US Privacy Shield Framework Binding Arbitration Program. Ms. Wugmeister regularly advises on data security breach issues; the global collection, use, sharing of employee, customer, vendor, and consumer personal information; ediscovery and monitoring conflicts; social media issues; and cloud computing deals, as well as on developing data security policies and procedures and cybersecurity preparedness and response plans. She also counsels clients on cutting-edge consumer privacy issues surrounding emerging technologies such as the Internet of Things (IoT), telematics, and big data.

As leader of the Global Privacy Alliance (GPA), Ms. Wugmeister encourages the rational development of privacy laws around the world and monitors privacy practices, laws, and regulations globally. On behalf of the GPA’s members, she takes an active role in anticipating upcoming privacy legislation and educating regulators on the commercial implications of proposed regulations. Ms. Wugmeister developed the firm’s Privacy Library and the MoFoNotes subscription database so that organizations can keep apprised of privacy and data security compliance requirements in jurisdictions around the world. She is also co-editor of Global Employee Privacy and Data Security Law, Second Edition (BNA Books, 2011).

Chambers USA and Chambers Global recommend Ms. Wugmeister in the top tier of privacy and data security lawyers worldwide, and Legal 500 US recognizes her as a leading lawyer for her “professionalism and strong international presence.” For her work in data protection and privacy, Ms. Wugmeister is an inaugural inductee into the 2017 Legal 500 Hall of Fame, which is comprised of outstanding U.S. lawyers who have been recommended as Legal 500 “Leading Lawyers” for the last six consecutive years. In 2016, she was named one of Financial Times’ “Top 10 Innovative Lawyers in North America” and a National Law Journal “Cybersecurity and Data Privacy Trailblazer” for her cutting-edge work in this space.  Ms. Wugmeister was previously designated an Ethisphere “Attorney Who Matters,” and a BTI Client Service All-Star, and has been featured in Best Lawyers in America every year since 2008.


Ian C. Ballon is Co-Chair of Greenberg Traurig LLP’s Global Intellectual Property & Technology Practice Group and represents internet, mobile, entertainment and technology companies in defending data privacy, security breach and TCPA class action suits and in other intellectual property and technology litigation. A list of recent cases may be found at http://www.gtlaw.com/Ian-C-Ballon-experience.

He is also the author of the leading treatise on internet and mobile law, E-Commerce and Internet Law: Treatise with Forms 2d edition, the 5-volume set published by West (www.IanBallon.net), which includes extensive coverage of security breach and data privacy issues. In addition, he is the author of The Complete CAN-SPAM Act Handbook (West 2008) and The Complete State Security Breach Notification Compliance Handbook (West 2009). He also serves as Executive Director of Stanford University Law School’s Center for E-Commerce, which hosts the annual Best Practices Conference where lawyers, scholars and judges are regularly featured and interact.

Ian was named the Lawyer of the Year for Information Technology Law in the 2019, 2018, 2016 and 2013 editions of Best Lawyers in America and was recognized as the 2012 New Media Lawyer of the Year by the Century City Bar Association. In both 2018 and 2019 he was recognized as one of the Top 1,000 trademark attorneys in the world for his litigation practice by World Trademark Review. In addition, in 2019 he was named one of the top 20 Cybersecurity lawyers in California and in 2018 one of the Top Cybersecurity/Artificial Intelligence lawyers in California by the Los Angeles and San Francisco Daily Journal. He received the “Trailblazer” Award, Intellectual Property, 2017 from The National Law Journal and he has been recognized as a “Groundbreaker” in The Recorder’s 2017 Litigation Departments of the Year Awards. In 2010, he was the recipient of the California State Bar Intellectual Property Law section's Vanguard Award for significant contributions to the development of intellectual property law (http://ipsection.calbar.ca.gov/IntellectualPropertyLaw/IPVanguardAwards.aspx).

Mr. Ballon was listed in Variety's "Legal Impact Report: 50 Game-Changing Attorneys" and has been named by the LA Daily Journal as one of the Top 75 intellectual property litigators in California in every year that the list has been published (2009 through 2018) and as one of the top 100 lawyers in California. He is also listed in Legal 500 U.S., The Best Lawyers in America (in the areas of information technology and intellectual property) and Chambers and Partners USA Guide in the areas of privacy and data security and information technology. Mr. Ballon also holds the CIPP/US certification from the International Association of Privacy Professionals (IAPP).

Ian can be reached at: Ballon@gtlaw.com, 310-586-6575 or via leading social media platforms (IanBallon).


Mr. Friedberg is a seasoned executive with 30 years of public and private sector experience in law, cyber-crime response, IT security, forensics, investigations and e-discovery. His expertise is sought by boards, audit committees, law firms, and the courts. He has helped many Fortune 500 companies improve their governance and technology initiatives and their cyber regulatory compliance. He led Stroz Friedberg for over 16 years, from a start-up into a $150m, 550-person consulting and technical services firm with nine U.S. and four foreign offices. While always a principal business developer and leader of major client assignments, he oversaw geographic and service line growth, M&A, infusions of $150m in private equity capital, board interactions and, in late 2016, the sale of the company to Aon plc.

Before building Stroz Friedberg, Mr. Friedberg was for 11 years a federal prosecutor in Brooklyn, where he led the Computer Crime and Narcotics Units. He began his career as an intellectual property and securities litigator at Skadden, Arps.

Mr. Friedberg is national leader in all forms of computer crime, including attacks by state-sponsored agents, organized crime, hacktivists, and malicious insiders. He has led responses to some of the most serious attacks on the nation’s companies and has conducted enterprise security risk assessments in many sectors, including financial services, media and entertainment, Internet, sports, health care, law, consulting, oil and gas, and engineering. He is an expert in incident response governance, technologies, policies, and procedures. He has been quoted extensively on cyber-crime and IT security issues in print, digital and television media, including the Wall Street Journal, the Financial Times, The New York Times, cnbc.com, and Fox Business News.

Mr. Friedberg is also a leader in the fields of e-discovery, forensics and privacy, having managed hundreds of high-profile assignments in those areas, testified as an expert, been appointed by courts as a Special Master, and led the development of methodologies for forensic and privacy investigations. He has lectured extensively and has published book chapters and articles on managing risk and conducting investigations in e-discovery and forensics. He is a member of the International Association of Privacy Professionals.

Mr. Friedberg holds a J.D. from Brooklyn Law School and a B.A. from Brandeis University.


Named among The National Law Journal’s “100 Most Influential Lawyers,” Lisa Sotto chairs Hunton Andrews Kurth’s top-ranked Global Privacy and Cybersecurity practice and is the managing partner of the firm’s New York office.  She also serves on the firm’s Executive Committee.  Lisa has received widespread recognition for her work in the areas of privacy and cybersecurity.  She was voted the world’s leading privacy advisor in all surveys by Computerworld magazine and has received top rankings for privacy and data security by Chambers and Partners and The Legal 500.  Lisa serves as the Chairperson of the Department of Homeland Security’s Data Privacy and Integrity Advisory Committee. 

Lisa assists clients in identifying, evaluating and managing risks associated with privacy and data security practices.  She advises clients on GLB, HIPAA, COPPA, CAN-SPAM, FCRA, VPPA, security breach notification laws, and other U.S. state and federal privacy and data security requirements (including HR rules), and global data protection laws (including those in the EU, Asia and Latin America).  More recently, Lisa’s work includes assisting dozens of clients in developing strategies for complying with the California Consumer Privacy Act of 2018.

Featured as “The Queen of Breach” in an article by New York Super Lawyers Magazine, Lisa provides extensive advice on cybersecurity risks, incidents and policy issues, including proactive cyber incident readiness.  Since 2005, she has advised clients on more than 1,600 cybersecurity and data breach incidents in the U.S. and abroad, including many of the seminal events.  Lisa is the editor and lead author of the legal treatise entitled Privacy and Cybersecurity Law Deskbook, published by Aspen Publishers, Wolters Kluwer Law & Business. 

Lisa is chair of the New York Privacy Officers’ Forum and a former member of the Board of Directors of IAPP.  She received her J.D. from the University of Pennsylvania Law School, where she was an editor of the Law Review.  She received her B.A. from Cornell University, with Distinction in All Subjects.  Lisa is admitted to practice in New York.


 


Al Saikali is a Chambers-ranked lawyer specializing in privacy and data security law.  He represents companies in minimizing the risks associated with the collection, use, storage, and security of personal information.  In addition to chairing Shook, Hardy & Bacon’s Privacy and Data Security practice, he founded and chairs the Sedona Conference’s Working Group on Privacy and Data Security, and co-chairs the American Bar Association’s Cybersecurity Law Institute.  He has won the Lexology Client Choice award in technology law the last two years in a row and was named a “Trailblazer in Cybersecurity” by the National Law Journal in 2015.  In his spare time, Al is an Adjunct Professor at Saint Thomas University where he teaches Cybersecurity Law, and he maintains a blog (Data Security Law Journal) where he writes about emerging trends and issues in privacy and data security law.  Al has been quoted by the Wall Street Journal, Bloomberg BusinessWeek, and Law360 for his thoughts on privacy and data security legal trends. 


Kumneger Emiru is a Senior Manager, Corporate Counsel at ServiceNow, where she focuses on global privacy compliance and manages ServiceNow’s AMS privacy team. Kumneger serves as the lead negotiator on commercial transactions related to privacy for both inbound and outbound agreements. Her responsibilities also include product counseling and support and drafting privacy policies and procedures. During her tenure at ServiceNow, Kumneger also provided contract support to regional sales teams.

Kumneger previously worked at MongoDb supporting sales teams with commercial contracts, and at Workday, where her work included conducting privacy audits and trainings. She began her career at the Department of Health and Human Services, Office for Civil Rights, where she investigated alleged HIPAA violations.

Kumneger is a Certified Information Privacy Professional US/Europe. She received her law degree from the University of Iowa, College of Law and holds an A.B. from the University of Chicago with honors in dual concentrations of Public Policy and African and African American Studies.

Kumneger is admitted to practice in Illinois and is a registered in-house counsel in California.


Laura Juanes Micas is a multilingual law, policy and privacy expert in the technology industry. She currently serves as Global Director of Privacy Policy Engagement at Facebook Inc. 

Laura is a Spanish qualified lawyer, based in the United States, with more than fifteen years of professional experience in technology and media companies. In her role at Facebook, she leads a global team that regularly engages with regulators, policymakers, experts and advocates in order to inform on key privacy issues that impact how individuals use or relate to Facebook’s technology daily. Prior to joining Facebook, she served as an Assistant General Counsel, Privacy & Human Rights, at Yahoo Inc., where she led the legal and public policy team’s efforts on global privacy matters and the company’s Business and Human Rights Program.

Before assuming her AGC role at Yahoo, Laura held various positions, including as General Counsel at Yahoo Spain and as Director of Product Compliance and Law Enforcement response for the Americas. Laura is a law graduate of the Universidad Auto´noma de Madrid, where she worked as a lawyer before joining Yahoo.

Laura holds U.S. and EU Certifications for International Privacy Professionals (CIPP). She serves on the Advisory Board of the Information Accountability Foundation and chairs the Latin America chapter of the Centre for Information Policy Leadership. She is a mentor of startups and entrepreneurs in South Florida and Latin America and a proud Board and founder Member of Woman in Tech Miami Council, with a mission to connect and empower women with diverse technological backgrounds.


Matthew W. Van Hise is an Assistant Attorney General and Chief of the Privacy Unit at the Illinois Attorney General’s Office.  AAG Van Hise has been with the Attorney General’s Office working in the Consumer Fraud Bureau since 2011.  He enforces the Illinois Consumer Fraud and Deceptive Business Practices Act and spends the majority of his time focusing on privacy, data security, and data breach related investigations and litigation.  AAG Van Hise functions as both the lead and co-lead attorney for many national multistate investigations into several of the largest data breach incidents to date.

As Chief of the Privacy Unit, he serves as the point person within the Illinois Attorney General’s Office on matters such as privacy, data security, technology, and the secure handling of consumers’ personal information.  AAG Van Hise also oversees the Illinois Attorney General’s Identity Theft Unit, which was created in 2006 and has assisted over forty-five thousand consumers with complaints covering a wide variety of identity theft issues and privacy areas. 

Matthew leads the National Association of Attorneys General Privacy Working Group, on both privacy and identity theft.  He also co-leads the NAAG medical privacy discussions. 

Prior to this, he worked at the Michigan Attorney General’s Office, on both privacy and identity theft.  Matthew received a B.A. from Bradley University and a J.D. from the Thomas M. Cooley Law School in Lansing, Michigan.  Matthew has served as panelist and as guest speaker at numerous data security and privacy conferences throughout the country.  He is an active member in the International Association of Privacy Professionals, holding the CIPP/US certification, as well as a member in many local, state, and national Bar Associations.


Zoe Strickland is the newly appointed VP, Global Privacy & US Commercial Compliance head for Cigna health and life insurance. She most recently served as the Managing Director, Global Chief Privacy Officer, for JPMorgan Chase, where she was responsible for domestic and global privacy compliance at the company enterprise level, including its privacy policies, procedures, governance, strategy, training, and administration. Previously, Zoe served as the VP, Chief Privacy Officer for UnitedHealth Group and for Walmart Stores Inc. 

Zoe is an active participant in the privacy community.  She serves on the Advisory Board of the Future of Privacy Forum and several other cross-industry organizations. She previously served on the Board of Directors for the International Association of Privacy Professionals (IAPP). Zoe is a frequent speaker at industry conferences and events, has testified before subcommittees of the House Energy and Commerce Committee, and has been quoted in national and trade media sources, including USA Today, the New York Times, and National Public Radio.


Mike Dvilyanski is Supervisory Special Agent at the Cyber Branch at the FBI’s New York office. The Cyber Branch investigates national security and criminal computer intrusion matters and responds to cyber incidents in the New York City metropolitan area. In his role as Supervisory Special Agent, Mike leads an investigative team focused on state-sponsored computer intrusions against U.S. interests and was responsible for the development and implementation of a cyber incident response framework for the FBI’s New York office. Prior to his current position, Mike served as Supervisory Special Agent in the Cyber Division at FBI Headquarters in Washington, D.C., where he oversaw investigations of state-sponsored cyber threats. In 2017, Mike returned to FBI Headquarters in Washington, D.C., where he led the FBI’s efforts to combat election interference and foreign influence operations. Mike graduated from the FBI Academy in 2005 and was assigned to the New York Field Office of the FBI, where he investigated Counterintelligence and Cyber matters.


Abigail Lyle regularly defends financial institutions in litigation involving lending practices and federal and state consumer financial services laws, and advises clients on a variety of compliance issues, including the Equal Credit Opportunity Act, Regulation B, Fair Housing Act, Truth in Lending Act, Real Estate Settlement Procedures Act, Fair Debt Collection Practices Act and its state counterparts, Telephone Consumer Protection Act, Unfair Deceptive or Abusive Acts or Practices, Bank Secrecy Act/Anti-Money Laundering, and flood insurance issues.  She also regularly represents financial institutions, directors, and officers in regulatory enforcement actions by the Department of Justice, Consumer Financial Protection Bureau, Federal Deposit Insurance Corporation, Office of the Comptroller of the Currency, Federal Reserve, and U.S. Department of Housing and Urban Department, including responding to “15 day letters,” notices of violation, and administrative proceedings on issues relating to lending practices and debt instruments.

Abigail served as a judicial clerk for the Honorable William P. Dimitrouleas of the U.S. District Court for the Southern District of Florida from 2009-2011, and is admitted to practice in Texas and Florida.

Relevant Experience

  • Represented national mortgage servicer in Telephone Consumer Protection Act, Fair Credit Reporting Act, and Fair Debt Collection Practices Act litigation.
  • Defended national chain stores in class action litigation involving text marketing programs and the Telephone Consumer Protection Act.
  • Defended financial institutions, including credit card issuers, Fintech companies, mortgage lenders, and auto lenders in litigation involving the Fair Debt Collection Practices Act, Fair Credit Reporting Act, Truth in Lending Act, force-placed insurance, and securities fraud.
  • Advised mortgage servicers, mortgage originators, auto lenders, and credit card issuing financial institutions on compliance with the Bankruptcy Code, Fair Debt Collection Practices Act, Fair Credit Reporting Act, Truth in Lending Act, Real Estate Settlement Procedures Act, Telephone Consumer Protection Act, and other consumer compliance statutes.
  • Prepared text marketing programs for national chain stores for compliance with Telephone Consumer Protection Act.
  • Assisted multiple banks and mortgage companies in preparing for regulatory examinations by performing audits of their origination and servicing practices, policies, and procedures.

Education

JD, University of Miami School of Law, summa cum laude, Order of the Coif, Writing & Research Editor for the University of Miami Law Review, Miami Scholar, 2007

BA, Political Science, Furman University, magna cum laude, Phi Beta Kappa, 2003


Bojana Bellamy is the President of Hunton Andrews Kurth LLP's Centre for Information Policy Leadership, a preeminent global information policy think tank located in Washington, DC and London. Bojana brings more than 20 years of experience and deep knowledge of global data privacy and cybersecurity law, compliance and policy. She has a proven industry record in designing strategy, and building and managing data privacy compliance programs. Bojana was recently elected to participate in a new transatlantic initiative, the “Privacy Bridge Project,” that seeks to develop practical solutions to bridge the gap between European and US privacy regimes. She joins a distinguished group of approximately 20 privacy experts from the EU and US.


Chandra McMahon is senior vice president and Chief Information Security Officer for Verizon. She is responsible for setting information security strategy, policy, standards, architecture and processes. McMahon and her team work with and across Verizon’s business units to protect its customers and its leading networks.

Prior to joining Verizon, McMahon held leadership positions of increasing responsibility at Lockheed Martin including serving as the company’s Chief Information Security Officer and most recently as vice president of commercial markets. In that role she was responsible for developing and delivering a portfolio of cybersecurity and information technology solutions and services for Fortune 500 companies in critical infrastructure industries such as financial, utility and technology companies.

McMahon has briefed White House and Congressional staff, and various U.S. Government leaders on cyber security matters. A sought-after speaker, she has been active in promoting cybersecurity information-sharing partnerships between the U.S. Government and industry. She currently is a member of the Aspen Institute Cyber Strategy Group, a cross-sector public-private forum aimed at translating pressing cybersecurity conversations into action.

McMahon holds a Bachelor of Science degree in Industrial Engineering and Operations Research from Virginia Tech as well as a Master’s degree in Engineering Science from Penn State University.  She currently holds the following certifications: Certified Information Security Manager (CISM), Certified Secure Software Lifecycle Professional (CSSLP), and Certified Cloud Security Professional (CCSP).


Chris Nims is the Senior Vice President, Chief Information Security Officer (CISO) and ‘Paranoid in Chief’ at Oath. The Paranoids are responsible for protecting Oath’s more than one billion users around the world, as well as the company’s employees and systems. Chris and his team work closely and collaboratively at all levels across Oath’s dynamic media and technology brands to strive for the highest level of security and safety amid evolving online threats.

Prior to joining Oath, Chris was the CISO at AOL after being promoted rapidly through a series of leadership positions that focused on developing information security strategies in technically demanding global environments. He has nearly 20 years of experience in balancing business needs of Fortune 500 companies and startups with risks and costs of controls. He aso has a history of building and enforcing comprehensive security and compliance programs.

Prior to AOL, Chris was Manager of Internet Security at MyCFO and Manager of IS Security at Netscape Communications. He holds a BS in Computer Science from Northwestern University and a CISO certificate from the Carnegie Mellon Heinz College. Chris also completed the Next Security 50 executive development program.

A resident of Reston, VA, Chris is married with three children.


Darlene Cedres is Senior Legal Counsel and Chief Privacy Officer at Samsung Electronics America. She is a seasoned privacy & security practitioner with a well-rounded background rooted in a strong technology foundation. She also has demonstrable experience in the design of internal controls for measuring/managing risk/compliance, as well as project management and process development.


Joanna Fine is a member of the Privacy and Data Management group. She advises clients on a wide range of privacy-compliance initiatives, including conducting privacy and security reviews and audits; drafting privacy policies, practices and procedures; managing privacy/security breaches; assisting with investigations by privacy regulatory authorities; and drafting outsourcing and other service-provider agreements involving transfers (including transborder flows) of personal information.

Joanna also provides privacy and consumer protection advice with respect to e-commerce and marketing initiatives (including online and mobile marketing), and compliance with Canada’s anti-spam legislation. In addition, she advises clients on employee privacy matters and privacy issues in mergers and acquisitions.


Maneesha Mithal is the Associate Director of the Federal Trade Commission’s Division of Privacy and Identity Protection, which focuses on consumer privacy, data security, and credit reporting issues.  In this capacity, she has managed significant initiatives, including reports on Big Data, the data broker industry, the Internet of Things, consumer privacy, facial recognition, and mobile privacy disclosures.  She has testified before Congress on data security, connected cars, facial recognition, and identity theft.  She has also supervised Commission investigations that resulted in consent orders, including against companies such as Wyndham, Google, Facebook, Twitter, Lifelock, HTC, Snapchat, Uber, and Lenovo.  She has held numerous positions at the Commission, including Chief of Staff of the Bureau of Consumer Protection, and Assistant Director of the International Division of Consumer Protection.  Prior to joining the Commission in 1999, Ms. Mithal was an attorney at the Washington law firm of Covington & Burling.  Ms. Mithal earned her law degree from the Georgetown University Law Center and her undergraduate degree from Georgetown University.


Margaret Keane is a Partner in the employment group at the international firm of DLA Piper LLP.  She is based in San Francisco and works with clients to address the challenges of today’s workplace, including workplace privacy, employee mobility issues, mobile devices, wage and hour compliance, and related workplace issues.  


Matt Lawless is an attorney in The Procter & Gamble Company’s Global Privacy, Cybersecurity, and Information Technology Law group. He advises clients with respect to consumer data projects and information security, negotiates privacy contracts, and leads P&G’s privacy compliance and training programs.

Matt also serves as an adjunct professor of law at the Northern Kentucky University Chase College of Law, the University of Dayton School of Law, and the University of Cincinnati College of Law, where he teaches courses in information privacy. Matt frequently speaks and writes on law and technology topics, and has presented most recently on privacy in the internet of things, standing in data breach litigation, and privacy issues in electronic discovery at the ANA/BAA Marketing Law Conference, the CincyBrand conference, the OSBA Annual Midwest Labor and Employment Law Seminar, and the Northern Kentucky University Cybersecurity Symposium.

Prior to joining P&G, Matt worked in private practice and was a law clerk for judges on the United States District Court for the Western District of Kentucky and the United States Court of Appeals for the Sixth Circuit. He is a graduate of the Cincinnati Academy of Leadership for Lawyers and has been recognized as an Ohio Super Lawyers “Rising Star.” Matt holds the CIPP/E, CIPM, CIPP/US, and FIP credentials from the International Association of Privacy Professionals, and is a 2016-2018 co-chair of the IAPP’s Cincinnati KnowledgeNet.

Matt received his B.A. from Michigan State University, M.A. from Texas Tech University, and J.D. from the Indiana University Maurer School of Law - Bloomington.


Mihir Kshirsagar is an Assistant Attorney General in the Bureau of Internet & Technology for the New York State Office of Attorney General. He received his law degree from the University of Pennsylvania Law School and received an A.B. degree from Harvard. Mihir is a litigator with broad experience in consumer protection, securities and antitrust laws. He practiced at Cravath, Swaine & Moore LLP and Cahill Gordon & Reindel LLP before joining the Attorney General’s office in 2016.