Programme Advisory Committee

Peter Hustinx

Peter Hustinx was the first European Data Protection Supervisor from January 2004 until December 2014.

From 1991 until 2004, he was president of the Dutch Data Protection Authority, and from 1996 until 2000, he was also chairman of the EU’s Article 29 Working Party.

He has been closely involved in the development of data protection law from the start, both at national and various international levels.

He received law degrees in Nijmegen, the Netherlands, and in Ann Arbor, Michigan, USA.

In July 2015 he received an honorary doctorate from the University of Edinburgh for his work in the field of information privacy and data protection.

Early 2015 he was appointed Member of the Board of Directors of the International Association of Privacy Professionals (IAPP).

Since December 2017 he has also been a Member of the Board of Directors of the Center for Democracy & Technology (CDT) in Washington DC.

In January 2019 he was appointed Non-Executive Director of the UK Information Commissioner’s Office.

Besnik Dervishi

Besnik was appointed Information and Data Protection Commissioner in 2014. Prior to this appointment, he occupied the positions of Prefect of Vlora District and earlier of Tirana District, Member of Parliament, Minister of Territorial Adjustment and Tourism, Deputy Minister, Secretary-General, as well as director and lawyer in various departments. He is a graduate of the Law Faculty of Tirana University and a licensed advocate. In his career, Besnik has also served as judge in the Tirana District Court, as legal adviser and national security adviser in the PM’s Cabinet, and as advisory board member of the Institute for Public Administration Training.

He has attended many training programmes at various institutions, and contributed in the frame of the constitutional and electoral reforms, drafting of legal acts in the domain of public administration, human rights, property, territorial adjustment, infrastructure and tourism. He has published numerous articles and research papers in the domains of legislation, public administration, European integration, etc.

Finally, he lectures at the School of Magistrates, the Albanian School of Public Administration and a few Albanian Universities.

Dr. Francisco Javier Acuña Llamas

He has a Degree in Law from the Regiomontana University and a Doctorate in Political Science and Sociology from the Complutense University in Madrid. He was a Professor at the graduate program on Information Law at the National Autonomous University of Mexico (UNAM).

He has authored several books and publications on matters related to Human Rights and Discrimination; Electoral Transparency; Right to Information; Transparency and Corruption; Personal Data and Access to Information, among others. He is currently a columnist for the Mexican newspapers “Excélsior” and “El Financiero”.

He was the Coordinator for Information, Documentation and Transparency at the Electoral Tribunal at the Judicial Power of the Federation from 2011 to 2014. On May 14th, 2014, he became a Commissioner of the then Federal Institute for Access to Information and Data Protection (IFAI). On May 12th, 2017, the National Institute for Transparency, Access to Information and Personal Data Protection´s (INAI) Plenary elected Francisco Javier Acuña Llamas as President Commissioner for the 2017-2020 period.

Isabel Davara F. de Marcos

• Attorney at law in Mexico and Spain.
• Partner and Founder of the Law Firm Davara Abogados, specialized Legal Boutique in Information and Communication Technologies.
• Privacy professional certified in Management, Europe, USA, and Fellow in Privacy (CIPP/E, CIPP/US, CIPM & FIP) by the International Association of Privacy Professionals (IAPP).
• Professor of Law, at ITAM in Mexico City and Invited Professor to several Universities (in Mexico and abroad).
• Lecturer in more than 300 specialized forum in Mexico and abroad.
• Author and co-author of more than fifteen books and more than 100 specialized papers and essays.
• Member of the Illustrious Mexican School of Lawyers (INCAM), the Mexican Bar Associations (BMA), Spanish Bar Association (INCAM-Madrid), American Bar Association, International Association of Privacy Professionals (IAPP), The Information Accountability Foundation (IAF), The National Association of Corporate Lawyers (ANADE), The American Chamber of Commerce of Mexico and the National Association of Doctors of Laws Legal and VP of the Mexican Internet Association (AIMX),.

Mr. Noboru (Nobi) Yamaji

Mr. Noboru (Nobi) Yamaji was appointed to Commissioner for International Cooperation of the Personal Information Protection Commission, Japan, in April 2019 and leads the enhancement of international cooperation with his global business experience.

He has had management experience at the global corporations. Prior to his appointment to the Commissioner for International Cooperation, he had been working on a global scale at Mitsubishi Corporation, one of the largest trading companies in Japan, and its subsidiaries including in Australia, the UK and New Caledonia. After that, in 2010, he was appointed as President and Representative Director of Rio Tinto Japan Limited. Since 2016, he has been also serving as the Chairman and Representative Director of Dampier Salt. He is the Vice Chair of Australian and New Zealand Chamber of Commerce in Japan. He graduated from Keio University, London School of Business Strategic Leader Program and China Europe International Business School SL Forum. He is fluent in English, French and now taking up Chinese.

Omer Tene

Omer Tene is Vice President and Chief Knowledge Officer at the IAPP. He is an Affiliate Scholar at the Stanford Center for Internet and Society; and Senior Fellow at the Future of Privacy Forum. He was appointed to the Arbitration Panel under the U.S.-EU Privacy Shield Agreement, and served as Rapporteur for the 30-year review of the OECD Privacy Guidelines.

Together with Jules Polonetsky and Evan Selinger, he co-edited the Cambridge University Press book Consumer Privacy. He has authored articles on privacy and data protection appearing in law and technology reviews of Yale, Stanford, Northwestern, Vanderbilt, George Mason, University of North Carolina, Fordham, Ohio State and more.

Chawki Gaddèss

Publicist Lawyer, University Lecturer at the University of Carthage since 1988, specializing in information technology law, data protection and the right of access to information.

Secretary-General of the Tunisian Association of Constitutional Law from 1991 to 2017, has ensured the follow-up of the drafting of the constitution of 2014.

Member of the Investigation body on the Facts of the Revolution, Coordinator of the International Electoral Expert Missions, Member of the Cabinet of the President of the Higher Independent Electoral Body in 2011.

Editor of the draft electoral law for local authorities and member of the drafting team of the decentralization code.

President of the national authority for the protection of personal data (INPDP) since May 2015 and renewed for a second term in May 2018.

He worked for the Tunisian state to adopt the Council of Europe Convention 108. Tunisia has been a member since November 2017. He pushed for Tunisia to sign the 108+ Convention on 24 of May 2019.

Drafter of the new law on the protection of personal data integrating the standards of the RGPDP. The project was adopted by the Council of Ministers on 8 March 2018, currently pending before the parliamentary commission.

President of the French Association of Personal Data Protectors (AFAPDP) since February 2019.

Steve Wood

Steve took up the position of Deputy Commissioner in June 2017. A member of the Executive Team, he is responsible for leading the work of the Policy Directorate, ensuring delivery of ICO strategic goals through stakeholder liaison, guidance, research and international activity.

Prior to this appointment, Steve was Head of International Strategy and Intelligence, responsible for overseeing the ICO’s international strategy, the ICO’s intelligence hub and management of high profile cases. At the ICO he has also held the roles of Head of Policy Delivery and Assistant Commissioner for FOI Policy.

Before joining the ICO Steve was a Senior Lecturer in Information Management at Liverpool John Moores University.

Sophie Kwasny

Sophie Kwasny is the Head of the Data Protection Unit of the Council of Europe (France). She drunk the data protection potion eight years ago, and hasn’t been able since to do anything else than think about personal data, fair processing, transborder flows, purpose specification or accountability. She takes her daily prescription of Privacin+ and is responsible for standard-setting (notably the modernisation exercise of the global data protection Convention) and policy on data protection and privacy.

Sophie relentlessly promotes Convention 108+ and its principles in all corners of the planet and actively provides PETs (privacy enhancing technical support) to countries seeking support in their legislative process or implementation capacities. She is a graduate of the Strasbourg Law University and has been working for the Council of Europe for over 20 years on a variety of topics such as prisons’ reforms, medical insurance, independence of the judiciary or nationality law.

Marc Rotenberg

Marc Rotenberg is President of the Electronic Privacy Information Center (EPIC) in Washington, DC, an independent, non-profit organization, established in 1994, to focus public attention on emerging privacy and civil liberties issues. Mr. Rotenberg also teaches at Georgetown Law. He is the co-author (with Anita Allen) of the textbook Privacy Law and Society (West Academic 2016).

Marty Abrams

Marty Abrams is an information policy theorist. For the past 30 years he has originated and implemented policy concepts intended to reduce the friction between innovation and persons’ expectations for obscurity, control and fair processing. Abrams founded the Information Accountability Foundation in 2013 which he leads. The IAF is a non-profit research and education think tank that was the incorporation of the Global Accountability Dialogue. Based on accountability the IAF has pioneered work on ethics based AI, assessment processes to assure fair processing in advanced analytics, and means for freeing date for knowledge creation in a trustworthy manner. Formerly he founded and led the Centre for Information Policy Leadership. He has conducted projects in North and South America, Europe, Asia and Australia. Abrams was also Vice President Information Policy at Experian and Community Affairs Officer Federal Reserve bank of Cleveland. Abrams has served on the ICDPPC open session program advisory committee on eight occasions.

Gabriela Zanfir

Gabriela Zanfir-Fortuna is Senior Counsel for the Future of Privacy Forum, a think-tank based in Washington DC, where she leads the work on European privacy law and policy and its impact on all focus areas of the FPF, including de-identification, AI, mobility, adtech and education. She is also independently consulting different types of organizations, from universities to multinationals, on their privacy compliance programs.

Gabriela is a project scientist for the Institute for Software Research of Carnegie Mellon University, supporting the IoT Privacy Infrastructure project with data protection law counsel.

Before moving to the US in 2016, she worked for the European Data Protection Supervisor in Brussels, both in policy and enforcement, and she participated to the work of the Article 29 Working Party. Gabriela obtained her PhD in law in 2013, from the University of Craiova, Romania, with a thesis on the rights of the data subject and their adjudication in civil law.

Graham Greenleaf

Graham Greenleaf AM is Professor of Law & Information Systems at UNSW Australia where he has researched and taught the relationships between information technology and law since 1983. He has degrees in Arts and Law, and is a Fellow of the Australian Computer Society. In 2010, he was made a member of the Order of Australia (AM) for his contributions to advancing free access to legal information, and to the protection of privacy, and in 2017, was elected as a Member of the Australian Academy of Laws.

Graham has been involved in privacy issues since the mid-1970s. Asian Data Privacy Laws: Trade and Human Rights Perspectives (OUP, 2014; paperback 2017) is a study of privacy and data protection in all 28 countries in Asia. He is Asia-Pacific Editor for Privacy Laws & Business International Report, which in 2019, published his 6th Global Survey of Data Privacy Laws and DPAs, covering 134 countries. He is co-editor of the new Oxford Data Protection & Privacy Law Series (OUP, 2019).

He is the founder of the Asian Privacy Scholars Network, a board member of the Australian Privacy Foundation, and the editor of WorldLII’s International Privacy Law Library. He has completed six consultancy projects for the European Commission, advising on the level of privacy protection provided in various Asia-Pacific countries. He has over 100 articles about data privacy on the free access SSRN service.
Details of his other research on public rights in copyright, ‘AI and law’, and free Internet access to legal information, are on his website at