-
Laurie-Anne Ancenys
Partner, Head of the Paris Tech & Data Practice, A&O Shearman, France
Laurie-Anne is head of the Tech & Data practice in Paris. She is specialized in the fields of information technology and data protection law.
She assists French and international blue chip clients with the digitalization of their activities, including in relation to strategic partnerships, cybersecurity issues, data monetization and the launch of online tech products and services in a broad range of sectors.
She has developed an expertise in the drafting and negotiation of complex IT agreements, including in relation to M&A transactions. Laurie-Anne also advises companies on data protection compliance issues - including data breaches and IT/data contentious matters.
Laurie-Anne speaks at international conferences, conducts quarterly round table discussions on data protection in Paris and regularly publishes expert articles in French and international publications. In addition, Laurie-Anne contributes to the HEC Paris Tech Law courses.
Laurie-Anne was nominated Young Leader of the France-China Foundation, class 2021.
-
Dr Claire Bessant
Socio-legal Scholar and Associate Professor, Northumbria University, UK
Dr Claire Bessant is an Associate Professor at Northumbria University Law School. She is also a fellow of the civil society organisation Connected by Data. Claire’s research explores the impact of technology upon children’s privacy. Drawing upon expertise in family law, privacy and data protection, she is particularly interested in exploring how parents exercise their privacy stewardship role and how children can best be supported to understand and express views on how their data is used. Claire has written extensively on the sharing of children’s images on social media, by parents and schools.
-
Dr Oliver Butler
Assistant Professor in Law, University of Nottingham, UK
Dr Oliver Butler joined the School of Law as an Assistant Professor in Law in September 2021. He read law at the University of Cambridge, graduating in 2010. He received a Distinction on the BCL at the University of Oxford in 2011, where he was the Supperstone Law Scholar and received the Faculty Prize in Constitutional Theory. He graduated from the LLM at Harvard Law School in 2012, which he attended on a Herchel Smith Scholarship. He received the Princess Royal Scholarship from Inner Temple and was called to the Bar of England and Wales in 2013. Oliver then worked at the Law Commission of England and Wales as a research assistant on the Data Sharing between Public Bodies project, which published its report in 2014. Oliver returned to the University of Cambridge for his PhD funded by the AHRC, on the development of information law in the UK and Europe, which he completed in 2018. From 2017 to 2021, he was a fixed-term Fellow at Wadham College, University of Oxford, jointly with a research fellowship at the Bonavero Institute of Human Rights. During that time, he taught constitutional, administrative and human rights law on the BA and BCL and researched emerging digital rights.
-
Beatrice Cavicchioli
Senior Privacy & Product Counsel, k-ID, UK
Beatrice is a dual qualified lawyer specialised in data protection and children's online safety.
With past experiences ranging from SMEs to tech giants and European supervisory authorities, she uses her regulatory, policy, and in-house legal experience to advise digital businesses on their data protection challenges and building privacy programmes that scale.
-
Ellie Colegate
PhD Researcher, Online Safety in the UK, ICT Law, University of Nottingham and EPSRC Horizon Centre for Doctoral Training, UK
Ellie is a final-year PhD researcher at the University of Nottingham’s School of Law and the EPSRC Horizon Centre for Doctoral Training. She conducts multidisciplinary research that integrates methods and insights from both law and computer science to explore how laws governing technology affect end users. Her expertise encompasses the broad field of online safety laws and regulations, particularly in user-generated content moderation. Her current project evaluates the appropriateness of the UK’s Online Safety Act 2023, considering the lived experiences of young people with legal but harmful content online.
-
Colette Collins-Walsh
Head of UK Affairs, 5Rights, UK
Colette Collins-Walsh is Head of UK Affairs at 5Rights which advocates for the consideration of children’s rights and needs in the design and deployment of digital products and services. 5Rights work is informed by the UN General Comment No. 25 on children’s rights in the digital environment, for which it chaired the Steering Committee, and its activities span across advocacy, compliance, youth engagement and research. In the UK, 5Rights developed and made the case for the Age Appropriate Design Code which has driven the biggest design changes in tech since GDPR and successfully campaigned for ground breaking protections for children in the Online Safety Act. Colette has extensive political and government experience, having worked in the Department for Education, House of Commons, as well as for the strategic advisory firm Hanbury Strategy.
-
Julie Dawson
Chief Policy & Regulatory Officer, Yoti, UK
Julie Dawson, Yoti’s Chief Policy and Regulatory Officer, is an internationally recognised authority in digital identity ethics and regulation. She leads Yoti's regulatory and government relations at Yoti, outlining Yoti’s approaches to responsible and secure identity verification, whilst developing the latest policy approaches for age-appropriate access and fraud prevention, setting industry benchmarks for transparency.
Her expertise positions her as a trusted voice at the forefront of global digital identity transformation, exemplified by her influential roles in organisations such as the World Economic Forum Global Coalition on Digital Safety, WeProtect Global Alliance, techUK Growth Council & Digital Identity working group, and the UK Government's Digital Identity & Attributes Oversight Board.
-
Jonathan Dunne
Jonathan Dunne, Director, Regulatory Affairs, Google, UK
Jonathan Dunne is a Director at Google and leads a team of specialist lawyers handling cross border GDPR and national ePrivacy inquiries across EMEA. He also engages with regulatory authorities & industry bodies to drive responsible data innovation, help create valuable products and services for users globally across Google’s extensive range of products and technology, and evolve Google’s Privacy Programme & governance processes to align with international laws and regulatory feedback. Prior to Google, he worked both in-house and at leading technology practices advising both private and public clients on a range of technology projects. He is dual qualification in Ireland and England & Wales.
-
Jane Finlayson-Brown
Partner and Global Co-Head of Digital, Data, IP and Technology, A&O Shearman, UK
Jane regularly advises companies on innovative and frontier technologies that rely on the process of biometric data. These projects often involve grey zone areas where there is a heightened privacy risk, where Jane helps companies make strategic decisions. She also advises on the use of data in the provision of consumer and business products, including on issues relating to repurposing of data, profiling, AI, ad-tech and direct marketing and on a wide range of other data protection issues such as data subject requests, data security breaches, data protection investigations, cross border data transfers, transfers of data to overseas regulators, customer relationship management, employee monitoring, data protection policies and procedures and website compliance issues.
-
Anna Gamvros
Anna Gamvros, Partner and Head of Asia Pacific Privacy and Cyber, A&O Shearman, Hong Kong/Australia
Anna is Head of Asia Pacific Privacy and Cyber.
Anna focuses on privacy and data protection; cybersecurity and breach response; technology agreements; cloud and digital transformation projects; and technology regulatory issues.
Anna is one of the leading data protection lawyers in Asia-Pacific and has worked on some of the largest and most high-profile cybersecurity breaches in the region involving a variety of threats and threat actors. She has experience in dealing with regulators across multiple jurisdictions in terms of both making data breach notifications and handling investigations with respect to data breaches and non-compliance with privacy laws.
Anna had more than 20 years of experience in Hong Kong, and is admitted as a solicitor in Hong Kong as well as being admitted in Australia. She has a wealth of experience in advising clients on multi-jurisdictional projects involving data management and transfer, with particular experience advising on Hong Kong and China based projects.
-
Hannah Heilbuth
PhD Researcher, University of Nottingham and EPSRC Horizon Centre for Doctoral Training, UK
Hannah is a third year PhD researcher in the University of Nottingham’s School of Law and the EPSRC Horizon Centre for Doctoral Training. Her work explores experiences of consumer harm in video games caused by game design and the extent to which existing UK consumer law protects gamers from this harm. This research is currently focused on understanding instances where gamers play a video game more than they meant to and whether this is an issue in need of a legal solution. She is using an interdisciplinary methodology that combines doctrinal legal analysis with empirical, qualitative, Human-computer interaction (HCI) methods.
Hannah is also interested in how information is presented to consumers and how products can be designed to help consumers make more informed choices. -
John Kavanagh
Privacy and Security, Public Policy Europe, TikTok, UK
John is the data protection and security expert within TikTok’s European Government Relations and Public Policy Unit since 2023. He covers data protection across a number of key areas such as user transparency, data sovereignty and cross-border data transfers, trade, digital advertising, privacy enhancing technologies, and cybersecurity. He is active across Europe, covering both EU-level data developments and national-level initiatives.
John was previously a director at the Information Commissioner’s Office (ICO), where he spent 10 years across a number of policy areas – including central government liaison on major data-centric projects, the drafting of the DPA2018 and the later ongoing reforms.
John has been an active international participant in regulatory forums, including representing the ICO at the Global Privacy Assembly throughout its chairmanship of the assembly.
-
Patricia Kosseim
Information and Privacy Commissioner, Information and Privacy Commissioner of Ontario, Canada
Patricia Kosseim brings to her role as Commissioner significant experience and a wealth of knowledge in the areas of privacy and access law, having worked in public, private and health sectors, and across various jurisdictions.
Previously, Patricia was counsel in Osler's Privacy and Data Management Group and served for more than a decade as senior general counsel and director general at the Office of the Privacy Commissioner of Canada.
She has held executive positions at Genome Canada and the Canadian Institutes of Health Research, and has taught part-time at the University of Ottawa, Faculty of Law.
Patricia obtained her business and law degrees from McGill University, and a Master’s Degree in Medical Law and Ethics from King’s College, University of London, UK.Patricia is a member of the Law Society of Ontario and the Barreau du Quebec, and is fluently bilingual in English and French.
-
Andy Lulham
Chief Operating Officer, Verifymy, UK
Andy Lulham has 20 years' experience in age-restricted and heavily regulated sectors, with leadership roles across regulatory affairs and policy, marketing, commercial and international operations.
Now COO at leading safety tech provider Verifymy, Andy has led the company's collaboration with media and data protection regulators globally.
Verifymy's vision is to safeguard children and society online, utilising a suite of frictionless, trustworthy solutions for online platforms to maintain their integrity, protect their reputation and safeguard their users.
Founded in 2019, Verifymy's solutions span age verification and estimation, identity authentication, content moderation and consent management.
The company partners with global brands across social media, eCommerce, online video gaming and adult entertainment to ensure compliance against a fast-changing regulatory environment, including various pieces of US state legislation, the EU’s Digital Services Act and the UK’s Online Safety Act.
-
Shanna Pearce
Managing Counsel, Ecosystem Safety, Epic Games, USA
Shanna Pearce is Managing Counsel of Ecosystem Safety at Epic Games. Her team advises on online safety, children's privacy, age-appropriate design, family features, social features, and ecosystem protection such as fraud and cheat detection. Prior to joining Epic Games, Shanna worked in private practice as a privacy and security advisor and consumer class action litigator.
-
Jen Persson
Director, Defend Digital Me, UK
As founder of the not-for-profit organisation, Defend Digital Me, Jen campaigns for children’s privacy and digital rights in the state education system in England and beyond. Defend Digital Me reports and research are available at defenddigitalme.org/research including on AI, Biometrics, EdTech, and Data Protection law. Jen is a current contributor to the Council of Europe digital citizenship working group on AI and Education, and supported the Committee of Convention 108 in the drafting of Council of Europe Guidelines for Data Protection in Education Settings, adopted in 2020.
-
Ross Phillipson
Partner, A&O Shearman, Australia
Ross is an experienced data protection and privacy, cybersecurity and information governance lawyer. His experience spans data protection and privacy, cybersecurity governance and incident management, artificial intelligence, and operational resilience. This unique and highly specialised skillset was developed in Europe initially, while working for Procter & Gamble, a leading multinational Fortune 10 FMCG company, and more recently in law firms in the Asia Pacific region. Ross advises clients across all sectors on matters relating to technology regulation, including online safety, digital advertising, privacy and data management. Ross is based in Australia at a top tier law firm and advises clients throughout the Asia Pacific region.
-
Siobhan Pointer
Director of Children’s Strategy, Information Commissioner's Office, UK
Siobhan Pointer, Director Children’s strategy, leads the ICO’s programme of work to deliver the Children’s code strategy. Launched in April 2024, the strategy is focused on driving improvements in how social media and video sharing platforms protect children’s personal information. It is a key part of the ICO’s work to ensure that the internet is privacy-friendly and safe for children and young people. Prior to the ICO, Siobhan has had an extensive career in consumer, competition and regulatory policy issues, including at Ofcom where she led projects across a range of fixed and mobile communications, broadcasting and digital markets issues.
-
Erin Stephens
Data Protection Officer, BBC, UK
Erin is the BBC’s global Data Protection Officer with responsibility for data protection risk management and compliance across 60 jurisdictions.
A dually qualified solicitor with significant in-house expertise in commercial, administrative, data protection, and information law, as well as major projects.
Erin has a background in developing and implementing data protection strategies and compliance frameworks, managing data breaches, and ensuring compliance with the GDPR and other international data protection laws. She has also been key in facilitating the implementation of wider data strategies, ensuring integration with organisational objectives, data governance initiatives and data privacy regulatory requirements.
Erin is also the current Chair of the European Broadcasting Union (EBU) DPO Group, and actively contributes to the advancement of data protection practices within the public service broadcast sector in the UK and EU.
-
Steve Wood
Special Advisor on Data Protection, A&O Shearman, UK
Steve joined A&O Shearman in 2022 as special adviser on data protection.
Prior to this, Steve spent 15 years at the UK ICO and took up his role as Deputy Information Commissioner in 2017. As Deputy, Steve was responsible for ICO policy development and regulatory strategy.
During his time at the ICO, Steve also held the position of Head of International Strategy and Intelligence, responsible for overseeing the ICO’s international strategy, the ICO’s intelligence hub and management of high profile cases; and the roles of Head of Policy Delivery and Assistant Commissioner for FOI Policy.
Steve was instrumental in shaping the UK position on the General Data Protection Regulation during its negotiation and then on guidance for its implementation. He also has extensive experience of international institutions such as the EU EDPB and OECD, including chairing an OECD Working Party. Steve oversaw the development of the ICO’s policy approach to the Freedom of Information Act in the formative stages of its introduction. This included guidance and position at Information Tribunal appeals. He led the ICO’s approach to major cases such the Iraq Cabinet Minutes, MPs’ expenses, Hillsborough and ClimateGate.
-
Stewart Dresner
Chief Executive, Privacy Laws & Business
Stewart graduated from the University of Lancaster in Politics and Marketing. In 1975 Stewart initiated research on Open Government at the UK Consumers’ Association. He then made an independent trip to the USA and Canada, meeting consumer advocates, politicians and journalists researching Freedom of Information (FoI) and privacy legislation. He had articles published in The Geographical Magazine, in 1977 on the use of the FoI Act by the Navajo Tribe of Arizona, and The Times in 1978 on the use of the FoI Act to improve car safety. In May 1980, the Outer Circle Policy Unit published his Open Government: Lessons from America. His career included consumer research and working for The Economist as a business journalist where he wrote occasionally on privacy laws and honed his skills as an investigator and writer.
He launched the Privacy Laws & Business Newsletter in February 1987. In October 1988 he organised PL&B’s first international conference. Stewart co-founded and chaired the UK’s Data Protection Forum, and has spoken at conferences around the world. He lives and works in Pinner, has a beautiful wife, who wrote this, and 3 adult sons.