Data Privacy Day

Advisory Committee

Dan Caprio Dan Caprio (Chair) 
Co-Founder and Chairman
The Providence Group
Martin Abrams Martin E. Abrams
Executive Director and Chief Strategist
Information Accountability Foundation
DPD Annie Antón
Professor and Chair
School of Interactive Computing at Georgia Institute of Technology  
Fred H. Cate Fred H. Cate
Indiana University Center for Applied Cybersecurity Research 
and Center for Law, Ethics and Applied Research in Health Information 
Janet F. Chapman Janet F. Chapman
Former Senior Vice President
Union Bank 
Mary Culnan Mary Culnan
Professor Emeritus
Bentley University 
DPD Jolynn Dellinger
Senior Adviser, Data Privacy Day
Former Program Manager Data Privacy Day (2007-12)
Elena Elkina Elena V. Elkina
Cofounder/Vice Chair, Women in Security and Privacy (WISP) 
Sandra Hughes Sandra R. Hughes
President & CEO, Sandra Hughes, LLC.; former Global Privacy Executive, Procter & Gamble  
Mary Madden Mary Madden
Researcher, Data & Society Research Institute
Nuala O'Connor Nuala O'Connor
President & CEO
Center for Democracy & Technology
Richard Purcell Richard Purcell
CEO, Corporate Privacy Group; formerly first Corporate Privacy Officer, Microsoft
Andrew Serwin Andrew Serwin
Partner, Global Privacy and Data Security Practice
Morrison & Foerster LLP

NCSA Board Representatives 
Chris Boyer Chris Boyer
Assistant Vice President, Public Policy
David Hoffman David Hoffman
Associate General Counsel and Global Privacy Officer

Dan Caprio, Committee Chair  

Co-Founder and Chairman, The Providence Group

Dan Caprio is an internationally recognized expert on privacy and cybersecurity. He has served as the chief privacy officer and deputy assistant secretary at the Commerce Department, a transatlantic subject matter expert for the European Commission's Internet of Things formal expert group, a chief of staff for a Federal Trade Commission (FTC) Commissioner and a member of the Data Privacy and Integrity Advisory Committee. In 2002, Dan was a representative for the United States delegation revising the OECD Security Guidelines that formed the basis for the first White House Strategy to Secure Cyberspace.

Advisory Members
Martin E. Abrams
Executive Director and Chief Strategist, Information Accountability Foundation

Martin Abrams, Executive Director and Chief Strategist for the Foundation, has 35 years of experience as an information and consumer policy innovator. Multistakeholder collaboration has been a key for Abrams in developing practical solutions to dilemmas in information policy. His most recent work has been on big data governance and privacy compliance driven by demonstrable data stewardship. For the past five years he has led the Global Accountability Project, which has refined the accountability principle that is part of various data protection laws and guidance documents.

Abrams also has provided leadership in other policy areas. He worked on multi-layered privacy notices that changed the way policy makers and organizations thought about privacy transparency. His work is generally reflected in new laws and regulatory guidance in jurisdictions from Asia, across Europe and in the Americas. He has led educational seminars on almost every continent, and has been a key advisor to four International Conference of Data Protection and Privacy Commissioners. He has been deeply involved in the development of the APEC Cross Border Privacy Rules and has also been involved with the OECD Working Party on Information Security and Privacy. He is an advisor to numerous bench-mark corporate privacy programs. 

Annie Antón
Professor and Chair, School of Interactive Computing at Georgia Institute of Technology

Annie Antón is Professor and Chair of the School of Interactive Computing at Georgia Tech. Previously she served as a Professor in the Computer Science Department of the College of Engineering at North Carolina State University, where she was Director of the CSC Policy and Compliance Initiative and a member of the NCSU Cyber Defense Lab. In 2010 she chaired the NC State University Reappointment, Promotion and Tenure Committee. In 2008, she chaired the NC State Public Policy Task Force.

Antón's research focuses on methods and tools to support the specification of complete, correct behavior of software systems used in environments that pose risks of loss as a consequence of failures and misuse. This includes Web-based and healthcare systems in which the security of personal and private information is particularly vulnerable. Current extensions to this work, include the analysis of security and privacy policies, regulations and compliance practices.

Antón is the founder and director of, a research group of students and faculty at NCSU, and Purdue University. She is leading this group in the development of technology to assist practitioners and policy makers in meeting the challenge of eliciting and expressing policies and regulations (a form of requirements). These tools help ensure that software systems are aligned with the privacy polices and regulations that govern these systems.

Fred Cate
Co-Director, Center for Law, Ethics and Applied Research in Health Information at Indiana University

Fred H. Cate, named in the three most recent Computerworld listings of the world's "Best Privacy Advisers," is a Distinguished Professor and C. Ben Dutton Professor of Law at the Indiana University Maurer School of Law and director of the Indiana University Center for Applied Cybersecurity Research and Center for Law, Ethics and Applied Research in Health Information. He specializes in privacy, security, and other information law issues, and appears regularly before Congress, government agencies, and professional and industry groups on these matters.

Professor Cate is a senior policy advisor to the Center for Information Policy Leadership at Hunton & Williams LLP and a member of Microsoft's Trustworthy Computing Academic Advisory Board, the Department of Homeland Security Data Privacy and Integrity Committee Cybersecurity Subcommittee, the Department of Defense Advanced Research Projects Agency Privacy Oversight Board, the Board of Directors of The Privacy Projects, the Board of Directors of the International Foundation for Online Responsibility, and the Board of Directors of the Kinsey Institute for Research in Sex, Gender and Reproduction.

Previously, Professor Cate served as a member of the National Academy of Sciences Committee on Technical and Privacy Dimensions of Information for Terrorism Prevention and Other National Goals, counsel to the Department of Defense Technology and Privacy Advisory Committee, reporter for the third report of the Markle Foundation Task Force on National Security in the Information Age, reporter for the American Law Institute's project on Principles of the Law on Government Access to and Use of Personal Digital Information, and a member of the Federal Trade Commission's Advisory Committee on Online Access and Security. He directed the Electronic Information Privacy and Commerce Study for the Brookings Institution and chaired the International Telecommunication Union's High-Level Experts on Electronic Signatures and Certification Authorities.

He is the author of many articles and books, and appears regularly in the popular press. He served as the Privacy Editor for the Institute of Electrical and Electronic Engineers' Security & Privacy and is one of the founding editors of the Oxford University Press journal, International Data Privacy Law. A senator, fellow, and president of the Phi Beta Kappa Society and an elected member of the American Law Institute, Professor Cate received his J.D. and his A.B. with Honors and Distinction from Stanford University.

Janet F. Chapman
Former Senior Vice President, Chief Privacy Officer, Union Bank

Janet F. Chapman, until her retirement in July 2014, served as Senior Vice President, Chief Privacy Officer (CPO) for Union Bank in San Francisco. Union Bank is among the top 25 largest banks in the United States, with more than 13,000 employees and $105 billion in assets. At Union Bank, Ms. Chapman was responsible for overall enterprise privacy strategy and she oversaw all privacy-related activities as well as information security compliance. She chaired the enterprise-wide Privacy Council, co-chaired the Information Security Steering Committee and was a key member of the Bank’s Cyber Response Taskforce.

She served as Chair of the Privacy Working Committee of the Financial Services Roundtable (FSR), and as a member of the FSR BITS Regulatory Steering Committee and Privacy Committees for the Consumer Banking Association (CBA) and the American Banking Association (ABA). Ms. Chapman is a founding member of the advisory board of the Ponemon Institute’s Responsible Information Management Council. In March 2014, Ms. Chapman was named a Privacy By Design Ambassador by the Information and Privacy Commissioner of Ontario Canada. She was also a contributor to “The Privacy Engineer’s Manifesto,” published in 2014 by Apress Open. Ms. Chapman is a Certified Information Privacy Professional (CIPP).

Ms. Chapman is the former Chief Privacy Officer for The Charles Schwab Corporation. During her tenure as CPO, Schwab ranked in the top 10 in the Ponemon Institute-Trust-e survey of the Top Most Trusted Companies for Privacy from 2006 –2008.

Ms. Chapman also served as a Member of the Board of Directors of the International Association of Privacy Professionals (IAPP), and Chair of the Privacy Committee of the Securities Industry and Financial Markets Association (SIFMA). She currently serves on several non-profit boards and is active in numerous community activities.

She holds a BA degree from the University of Massachusetts and an MBA in General Management and Business Policy from Boston University; with honors.

Mary Culnan
Professor Emeritus, Bentley University 

Dr. Mary J. Culnan is Professor Emeritus at Bentley University. She also serves as a Senior Research Fellow in the Center for IT and the Global Economy (CITGE) at the Kogod School of Business, American University.

Mary has testified before Congress, the Massachusetts Senate, and other government agencies on a range of privacy issues. In 1993, she served on a White House Task Force on Presidential Correspondence. From 1997-98, she served as a Commissioner on the President’s Commission on Critical Infrastructure Protection. In 2000 she was a member of the FTC’s Advisory Committee on Access and Security. Since 2001, Mary has been a member of the Government Accountability Office’s Executive Committee on Information Management and Technology (ECIMT). Business Week’s e-biz Web site profiled Mary as a “Mover & Shaker” in 1999

Mary’s primary research interest is governance of privacy and security; her paper on public policy approaches to promoting accountability for privacy was one of six papers selected for inclusion in FPF’s 2011 Privacy Papers for Policy Makers.. She has also conducted research on how organizations can gain value from social media. Mary’s work has been published in a range of academic journals as well as the New York Times, the Washington Post and the Wall Street Journal. She is the author of the 1999 Georgetown Internet Privacy Policy Survey, which the Federal Trade Commission used to make recommendations to Congress, and the 2006
Bentley-Watchfire Survey of Online Privacy Practices in Higher Education. She also co-authored FPF’s 2010 “icon” research report related to online behavioral advertising. Details about her publications is available here.

Mary was employed for seven years as a systems analyst by the Burroughs Corporation prior to earning her Ph.D. in management from UCLA. Before joining the faculty at Bentley in fall 2000, she held faculty positions at the University of Virginia, University of California, Berkeley, the American University and Georgetown University.

Jolynn Dellinger
Senior Adviser, Data Privacy Day, Former Program Manager Data Privacy Day (2007-12)

Jolynn Dellinger served as the Program Manager for Data Privacy Day from 2008 through 2012 with Intel Corporation (2008-09), The Privacy Projects (2010-11) and the National Cyber Security Alliance (2012), and is currently a member of the Data Privacy Day Advisory Committee. Jolynn also serves on the Board of Directors for Ipas and Book Harvest.  

Prior to working for Intel, Jolynn worked as a staff attorney for Judge W. Earl Britt in the U.S. District Court for the Eastern District of North Carolina (1998-2007), as a Fellow in the Solicitor General’s Office in the U.S. Department of Justice (1994-95), and as a clerk for Judge Francis D. Murnaghan, Jr. in the U.S. Court of Appeals for the Fourth Circuit (1993-94). She has also practiced at law firms in Washington, D.C. and North Carolina, taught Family Law at Duke Law School and Legal Writing at UNC School of Law.  Jolynn received her B.A. in English from Columbia University in 1989, and her J.D. and M.A. in Women’s Studies from Duke Law School and Duke University in 1993.

Elena V. Elkina
Cofounder/Vice Chair, Women in Security and Privacy (WISP)

Elena Elkina is a cofounder and partner at Aleada Consulting, where she advises clients on privacy, data protection and information security issues. She is known for her entrepreneurial approach to driving business while protecting information and serving as a trusted adviser for her clients. During her 20-year legal career, she has worked with financial and healthcare institutions, software and internet companies, major law firms and the government sector on both international and domestic levels.

Over the past decade, Elena has focused on creating enterprise-level global privacy and data protection programs, including developing and implementing data protection policies, maturity models and long-term roadmaps; designing and implementing de-identification and data handling strategies and processes; and building privacy and security training and awareness programs. She has worked closely with development and business teams to build cloud, web and mobile consumer and business products across the globe.  

Elena is a cofounder and vice chair of WISP, a nonprofit organization that aims to advance women in the privacy and security fienlds. She also serves on the board member of Leading Women in Technology (LWT), a nonprofit organization dedicated to unlocking the potential of female professionals who advise technology businesses. 

Elena received her law degree from the University of Russian Academy of Education in Moscow, Russia. She received her LL.M. degree from Berkeley Law School, where she studied privacy, technology transactions and international law. Elena is a certified information privacy professional (CIPP/US, CIPP/IT, CIPM). 

Sandra R. Hughes
President/CEO, Sandra Hughes, LLC., retired Global Privacy Executive, Procter & Gamble

Sandy retired after more than 25 years with Procter & Gamble, the world's largest consumer products company, leaving as Global Privacy Executive, in addition to leading the Global Ethics & Compliance practice. She has been recognized by the International Association of Privacy Professionals with the Vanguard Award for Best Corporate Practitioner and by the Executive Women’s Forum for Risk Management, Information Security and Privacy with the Woman of Influence, Lifetime Achievement Award. Since her ‘reWirement’, Sandy is a business and executive coach specializing in areas of risk management. In addition, she serves on nonprofit boards, including the Future of Privacy Forum, and is Chairman of Social Venture Partners, Cincinnati.

Mary Madden
Senior Researcher, Pew Research Center's Internet & American Life Project 

Mary Madden is a Senior Researcher for the Pew Research Center’s Internet & American Life Project and an affiliate at the Berkman Center for Internet and Society at Harvard University. She is a nationally recognized expert on trends in social media use, online privacy management, and the impact of digital media on teens and parents. Mary is currently leading a year-long effort at the Center to explore Americans’ concepts of privacy, their awareness and expectations about how their information is handled and their contexts for making decisions about disclosure in their daily lives. Her previous work for Pew has examined artists’ use of the internet, older adults’ adoption of technology and the role of digital communications in romantic relationships. The Pew Research Center is a nonpartisan source of data and analysis. It does not take advocacy positions.

Mary has been part of an ongoing collaboration with the Berkman Center’s Youth and Media Project that combines quantitative and qualitative research methods to study adolescents’ technology use and privacy management on social media. She is also a member of the Research Advisory Committee for the Future of Music Coalition’s Artist Revenue Streams Project.

Prior to joining the Pew Research Center, Mary worked as a Research Assistant at Georgetown University. She holds an MA with distinction from Georgetown University’s Communication, Culture and Technology program and graduated summa cum laude from the University of Florida with a BA in English. She has been with Pew Internet since 2002, and has authored over forty reports during her tenure. Madden is a frequent public speaker and has been interviewed by The New York Times, The Washington Post, The Wall Street Journal, and National Public Radio, among others, regarding her research.

Nuala O'Connor

President & CEO, Center for Democracy & Technology 

 O’Connor is the President & CEO of the Center for Democracy and Technology. She is an internationally recognized expert in Internet and technology policy, particularly in the areas of privacy and information governance. Nuala is passionate about the ways technology and the Internet can be instruments of global free expression and individual freedom, and is committed to finding policy solutions that affect real people.

Nuala has experience in both the public and private sectors, having most recently worked at as Vice President of Compliance & Consumer Trust and Associate General Counsel for Data & Privacy Protection. Prior to Amazon, Nuala was the Global Privacy Leader at General Electric, where she was responsible for privacy policy and practices across GE’s numerous divisions.

Nuala became the first statutorily appointed Chief Privacy Officer in federal service when she was named as the first Chief Privacy Officer at the Department of Homeland Security. At DHS she was responsible for groundbreaking policy creation and implementation on the use of personal information in national security and law enforcement. Under her leadership, the DHS Privacy Office issued a seminal report criticizing the use of private-sector data in national security efforts. Prior to DHS, Nualaserved as Deputy Director of the Office of Policy & Strategic Planning, Chief Privacy Officer and as the Chief Counsel for Technology at the US Department of Commerce, where she worked on global technology policy, including Internet governance and industry best practices.

Nuala’s time in the technology sector began at DoubleClick, where she was part of a team of professionals brought in to address public outcry over the advertising giant’s proposal to merge on- and offline data sets. She managed numerous class actions, a multistate settlement with state attorneys general, and an FTC investigation, before going on to help found the privacy compliance department, which served as an influential model for companies in the technology sector and beyond.

Nuala holds an AB from Princeton, an M.Ed. from Harvard, and a JD from Georgetown University Law Center. She serves on numerous nonprofit boards, and is the recipient of the International Association of Privacy Professionals (IAPP) Vanguard Award, the Executive Women’s Forum’s Woman of Influence award, and was named to the Federal 100, and “Geek of the Week” by the Minority Media & Telecom Council in May 2013. She also served as the Chairman of the Board of IAPP.

Nuala was born in Belfast, Northern Ireland and grew up in and around New York City.

Richard Purcell
CEO, Corporate Privacy Group; formerly first Corporate Privacy Officer, Microsoft

Richard Purcell has been a leading voice in addressing consumer privacy and data protection challenges since the late 1990s. He leads Corporate Privacy Group (CPG), an independent consulting firm focusing on establishing sustainable and effective information security and privacy programs. CPG supports multinational corporations, Internet start-ups and government agencies in planning, developing, and implementing enterprise-wide programs designed to respect and protect personal information. Utilizing its proprietary management model, 3PT™, CPG works from a basis of assuring that the right people develop and communicate the right policies supported by the right processes and technologies. CPG also offers award-winning Web-based education and training courseware for security and privacy awareness, knowledge and skills development.

As Microsoft’s original privacy officer, Richard designed, developed, implemented and oversaw one of the world’s largest and most advanced privacy programs spanning Internet properties, software products, end-user support and information systems. In 2002, Microsoft’s Trustworthy Computing initiative included the global privacy program as a key enterprise pillar. Throughout this period, Richard worked closely with regulators and legislators in the United States, Canada, Europe and Australia to create global accountability and compliance standards and maintains those relationships today.

Recently, Richard also served as Chairman of the Data Privacy and Integrity Advisory Committee to the Department of Homeland Security and as the Executive Director of the non-profit research agency, the Privacy Projects. Previously, he served on the Federal Trade Commission’s Online Access & Security Advisory Committee and as Chairman of TRUSTe, the pioneering online privacy certification agency.  He sits on several corporate advisory boards and regularly addresses issues of information privacy and data protection domestically and globally. 

Andrew Serwin
Partner, Global Privacy and Data Security Practice, Morrison & Foerster LLP

Andrew B. Serwin is a partner in the Global Privacy and Data Security Practice Group at Morrison & Foerster LLP's San Diego and Washington, D.C. offices. Mr. Serwin has handled a number of high-profile privacy and consumer protection matters, including multiple privacy enforcement matters before the Federal Trade Commission, and is internationally recognized as one of the leading consumer protection and privacy lawyers. 

Mr. Serwin ranked second in the 2010 Computerworld survey of top global privacy advisors and is recognized by Chambers USA as one of the top privacy and data security attorneys nationwide (2009–2013). 

Mr. Serwin advises a number of Fortune 500 and emerging companies regarding global privacy compliance and technology transactions, with particular emphasis on: international compliance; health care; mobile; behavioral advertising; ECPA and wiretap issues; electronic marketing concerns; security incidents; social media; and compliance with FTC requirements. Mr. Serwin also has extensive litigation and enforcement experience, having served as lead counsel in a number of FTC matters, matters before the Office of Civil Rights, and consumer protection and privacy litigation matters based upon the alleged misuse of personal information, including class actions and enforcement matters brought by state attorneys general.

Mr. Serwin has written a number of books, including the leading treatise on privacy, "Information Security and Privacy: A Guide to Federal and State Law and Compliance," and "Information Security and Privacy: A Guide to International Law and Compliance," (West 2005-2013), which has been called "the best privacy sourcebook," "an indispensable resource for privacy professionals at all levels," and "a book that everybody in the information privacy field should have on their desk." He has written more than 190 articles and presented more than 200 times on litigation and privacy topics. He is also a co-author of Health Care Privacy and Security(West 2013), West's Corporate Counsel's Primer on International Privacy and Security and Internet Marketing and Consumer Protection (West 2005-2012).

NCSA Board Representatives

Chris Boyer
Assistant Vice President, Public Policy, AT&T

Chris Boyer serves as Assistant Vice President - Public Policy at AT&T Services Inc. Mr. Boyer's responsibilities include the development and coordination of AT&T's strategic policy initiatives at the Federal and state levels impacting emerging services and technology including a recent focus on cyber security. In this capacity Mr. Boyer serves as AT&T's representative on the board of the National Cyber Security Alliance a public private partnership dedicated to promoting cyber security awareness for home users, small and medium size businesses, and primary and secondary education.

Prior to this assignment Mr. Boyer was AT&T's dedicated public policy resource embedded with AT&T's functional business units responsible for coordinating the company's nationwide efforts to expand fiber optics into neighborhoods to deliver Internet Protocol (IP)-based television, faster high-speed Internet access and voice services under the AT&T U-verseSM brand. In this role Mr. Boyer has represented AT&T before numerous external audiences and policymakers as a subject matter expert on AT&T's U-verse initiative.

Mr. Boyer joined AT&T in 1993 and has held various positions in AT&T’s corporate public policy, network planning and engineering, wholesale marketing and network services departments including extensive experience working on AT&T's broadband, VoIP and IPTV initiatives.

David Hoffman
Director of Security Policy and Global Privacy Officer, Intel

David A. Hoffman is director of security policy and global privacy officer at Intel Corporation. David joined Intel in 1998 as Intel’s eBusiness attorney. In 1999, he founded Intel’s privacy team and in 2000 was appointed group counsel of eBusiness and director of privacy. In 2005, David moved to Munich, Germany, as group counsel in the Intel European legal department while leading Intel’s worldwide privacy and security policy team.

David was a founding member of the BBBOnLine Steering Committee. He served on the TRUSTe board of directors from 2000 to 2006. David is also on the board of directors for the International Association of Privacy Professionals, for which he is treasurer. He holds the Certified Information Privacy Professional Certification and has lectured at law schools in the U.S., Europe and China.

David has a J.D. from the Duke University School of Law, where he was an editor on the Duke Law Review. He also received an A.B. from Hamilton College.