Review 2023

Dr. Stefanie Beckmann is Director of Digital Media Ecosystem at Seven.One Entertainment Group GmbH, a wholly-owned subsidiary of ProSiebenSat.1 Media SE. Since October 2020, the platform-independent entertainment company combines all the channel brands of the group, as well as the content, digital, distribution, and marketing business under one roof. Seven.One Entertainment Group is considered an innovation driver in the AdTech field and stands for strong content brands that DACH talks about – on all platforms. Beckmann joined ProSiebenSat.1´s entertainment segment in 2017, orchestrating ad integration and media sales for ProSiebenSat.1´s streaming platform Joyn, spearheading the development and scaling of data-driven ad products and leading strategic privacy projects, among others. Prior to Seven.One Entertainment Group, she was CPO/COO/CFO of several start-ups, held senior roles in a consulting firm and a publishing group and served as personal assistant to Dr. Otto Graf Lambsdorff, former German Minister of Economics and Labor. 

Since April 2022, she is (reelected) member of the IAB Europe Board of Directors and active in Data/Privacy-related committees of IAB Europe and BVDW.

Kirsten Bock studied law in Kiel and in Guildford/UK with a focus on legal philosophy and legal logic. She works as a data protection officer at the Stiftung Datenschutz (Data Protection Foundation) and has many years of experience from the supervisory authority sector and from working groups of the European Data Protection Committee (EDSA). Since 2022, she has been an advisory board member of the Federal Government's Science and Innovation Advisory Board on Register Modernisation. She conducts research on fundamental ethical and societal issues of data protection and digitisation, the Standard Data Protection Model (SDM), data protection impact assessments and regularly publishes technical papers and at @privacyDE@legal.social.

Dr. Martin Braun is a partner of the international law firm WilmerHale, and a Certified Information Privacy Professional/Europe (CIPP/E). He advises national and international clients on a broad range of issues of data protection and information technology law, including international data transfers, outsourcing, social media, software licensing and artificial intelligence. He has also been part of the WilmerHale team which has litigated a significant number of data protection cases before the Court of Justice of the European Union, including Schecke, Wirtschaftsakademie Schleswig-Holstein, Fashion ID, Land Hessen, Google (Territorial scope of de-referencing), and SRB v EDPS. 

Dr. Martin Braun is a frequent speaker at major conferences, and the author of numerous articles and commentaries, including contributions in Ehmann/Selmayr, DSGVO, Taeger/Gabel, DSGVO, and Koreng/Lachenmann, Formularhandbuch Datenschutzrecht.

Elizabeth Cole's practice encompasses data privacy, cybersecurity, compliance, employment and general corporate and commercial issues. She has practiced in Australia, China, Hong Kong, Indonesia and Singapore and has diverse experience representing multinationals throughout the Asia-Pacific region including advising and assisting a variety of clients on compliance with data privacy regulations, e-commerce contracts, and related dispute resolution and regulatory responses.

Holm Diening is Chief Security Officer at gematik and has worked for the company since 2012. Here he was initially responsible for setting up the cross-provider information security management system (ISMS) of the telematics infrastructure. Since 2015, he has headed the Data Protection and Information Security department, and since 2020, the Security division. 

Born in Potsdam, he has been at home in the field of information security since 1999. While still studying electrical engineering, Mr Diening began working as a consultant for information security, first independently and later as an employed senior consultant at a Berlin-based consulting firm. Here he mainly supervised the development of information security and business continuity management systems, most recently mainly in companies in the energy supply industry.

Rachael is a Privacy Policy Manager EMEA in Meta where she works on youth privacy issues and manages external stakeholder relationships in the EMEA region. Previously, Rachael worked in Deloitte Ireland’s Data Privacy Team where she worked on GDPR implementation programmes for large multi-national companies. Prior to this Rachael was a Senior Policy Officer with the UK data protection authority, the Information Commissioner’s Office (ICO) where she was responsible for advising organisations on compliance with data protection law, identifying systematic practices that failed to deliver positive information rights outcomes for individuals and helping to propose solutions.

Natascha Gerlach holds the position of Director of Privacy Policy for the Center of information Policy Leadership (CIPL) in Brussels. Her work is focused on a range of privacy and data related topics including cross-border data flows, AI, data ethics and data governance. Before joining CIPL, Natascha was a Senior Attorney with Cleary Gottlieb in their Brussels office, where she headed Cleary’s European eDiscovery group leveraging her experience in US eDiscovery by implementing new technologies and operationalizing the team. Natascha was also a senior member of Cleary’s Data Privacy group and advised clients on a wide array of data privacy issues, with a special focus on the cross section of international discovery and data protection. Natascha is Chair Emerita of The Sedona Conference Working Group 6 on International Electronic Information Management, Discovery and Disclosure (WG6) Steering Committee. She is on the advisory board for the Georgetown Law AEDI and has been on the ABA CBI Steering Committee since its inception in 2017. Natascha publishes regularly on data protection topics and is a frequent speaker at relevant conferences.

As Managing Director, Heiko Gossen is responsible for the consulting fields of data protection and management systems with 20 consultants and auditors within migosens. 

He gained his practical experience in data protection both as an internal data protection officer (Telefónica Deutschland) and data protection auditor (Telefónica O2) and later as an external data protection officer (including Postbank Systems and Amprion). 

Since 2012, he has also audited many companies as a lead auditor on behalf of TÜV Rheinland in the ISO 27001 and ISO 27018 standards, among others. Heiko Gossen also hosts the podcast "Der Datenschutz Talk" and is chairman of the data protection working group at Bitkom e.V.

Alex Greenstein has been Director, Data Privacy Framework at U.S. Department of Commerce since July 2023.  Prior to that, he was Director of the EU-U.S. Privacy Shield program. In this role, he was responsible for management and administration of the Privacy Shield program, as well as policy regarding transatlantic data privacy, data flows, and digital trade issues. Prior to joining the Commerce Department, Alex served as Senior Advisor in the Office of the Coordinator for Communications and Internet Policy at the U.S. Department of State. In that role, he was responsible for global data privacy issues, surveillance, law enforcement access to data, civil liberties, data flows, digital trade, as well as digital economy policy in Europe. Previously, from 2016 to 2017, Alex served at the White House as Senior Policy Advisor for Economic and Technology Policy at the National Economic Council. His responsibilities included EU-U.S. Privacy Shield implementation, EU Digital Single Market engagement, G-20 digital economy outcome negotiations, China digital economy and cybersecurity issues, APEC Cross-Border Privacy Rules expansion, and a range of other matters at the intersection of technology and foreign policy. From 2015 to 2016, Alex served as Director for the European Union, Southern Europe, and European Economic Affairs at the National Security Council, and oversaw negotiation of the EU-U.S. Privacy Shield. Alex was a career Foreign Service Officer with the U.S. Department of State for 18 years. Alex holds a B.A. in International Economics and Russian Studies from George Washington University.

David Higgins is Sr. Director, Field Technology Office PAM & Identity Security at CyberArk. Since joining CyberArk in 2010, David has worked to help the world’s leading – and most complex – organizations secure and protect their privileged access. Today David works with clients to advise on threats associated with privileged escalation, lateral movement and credential theft as well as discussing best practices and driving innovation around privileged management processes. David is a frequent speaker at events as well as with media. He holds a BSc. in Computer Systems and Information Systems.

Charlotte is Head of Government Relations - Europe, Middle East and Africa for Zoom Video Communications. 

Charlotte is also a Board Member of TechUK. She is a former political adviser and has previously worked at the RSA, techUK and The Work Foundation. She has served on the Smart London Board for the Mayor of London and a former policy fellow at the Centre of Science and Policy at the University of Cambridge.

Dr. Christian Jaksch, LL.M. works as Compliance & Legal Lead at CARIAD SE in the department of Integrity, Compliance & Data Protection and currently advises the cross-brand bundling of the software development activities in the in the Volkswagen Group. He is particularly concerned with issues related to vehicle data processing and the implementation of data protection in the context of software development. Before joining CARIAD SE, Dr. Christian Jaksch worked for the Group Data Protection Officer of Volkswagen AG. Dr. Christian Jaksch studied law with a focus on International Law, followed by PhD studies (University of Vienna, Leibniz University Hannover) with a PhD at the University of Vienna. In addition, he completed a postgraduate master's degree (LL.M.) in information and media law. He regularly publishes on data protection law topics in German and Austrian journals.

With over 5 years of experience in data protection, Fabian Jendrejewski is dedicated to helping companies operate in a data protection compliant manner and process their data securely. His expertise spans across different industries and allows him to develop specialised and customised solutions that meet the business needs of our clients. Furthermore, his experience as a speaker allows him to train specialists and managers in the area of data protection.

Prof. Dr Tobias Keber has been the State Commissioner for Data Protection and Freedom of Information of Baden-Württemberg since 1 July 2023. 

Tobias Keber was Professor for Media Law and Media Policy in the Digital Society, Stuttgart Media University (HdM), lecturer for Internet Law in the Master's programme Media Law at the Mainzer Medieninstitut at the Johannes Gutenberg University Mainz as well as in the steering committee of the Institute for Digital Ethics (IDE) at the Stuttgart Media University. Before his academic career, he was a lawyer. Keber is chairman of the scientific advisory board of the Gesellschaft für Datenschutz und Datensicherheit (GDD) (Society for Data Protection and Data Security), editor of the trade journal Recht der Datenverarbeitung (RDV) (Data Processing Law) and author of numerous specialist publications on national and international media, IT and data protection law.

10 years experience in the digital industry, both at IBM and Google. Various functions across consulting, sales, marketing and go-to market.

Corinna Klaes is Solution Specialist for Customer Intelligence 360 at SAS and involved in acquiring and advising customers to ensure a successful implementation of the software into their MarTech stack. With more than 10 years of experience in marketing and sales it is her passion to guide customers on their road to digital transformation, ensuring enablement and education in organizations. Therefore she sees herself not as a saleswoman but as a superwoman for digital success, in order to prepare the market regarding CX topics and to point out opportunities. She is also involved in the development of use cases, marketing activities and content creation to ensure practical relevance and to address current trends in the relevant industries.

Thoralf Knuth is a lawyer for compliance and data protection and heads data protection and information security at Bosch. He is the Corporate Privacy Officer for Bosch.

Volker Lehnert, Senior Director Data Protection Cloud ERP: Joined the SAP Group in 2000, initially as a consultant focusing on authorization management, later more generally in Governance Risk & Compliance. Since 2011 in today's SAP SE in the area of data protection in the products, 2012 assumption of product ownership for data protection in SAP Business Suite, 2018 for SAP S/4HANA. Corresponding author of various publications in the areas of authorization management and data protection compliance.

As Managing Director of SCOPE Europe, Gabriela oversees developing, implementing, and disseminating self and co-regulatory tools in the digital industry, such as the EU Cloud Code of Conduct, a market standard for GDPR compliance in the cloud sector. Together with SCOPE Europe’s growing team, Gabriela is actively working on fostering trust in the digital economy by advancing effective solutions for today’s regulatory challenges. She is an economist and a certified data protection officer who has studied and worked in different countries and is fluent in Portuguese, French, English, and Spanish.

Michael Neuber is Government Affairs and Public Policy Senior Manager at Google. As Head of Data, Privacy and Security, he is responsible for the areas of Ads Privacy and Google Cloud, among others. Previously, as a lawyer and general counsel, he advised the Bundesverband Digitale Wirtschaft (BVDW) e.V. and its members on legal issues in the areas of data protection, IT, copyright and media law. He previously worked as a lawyer in a law firm specialising in IT and media law in Berlin. Neuber was, among other things, an expert in the legal committee of the Bundestag and has been a lecturer at the Berlin School of Economics and Law (HWR) since 2009. Neuber is a deputy board member at Selbstregulierung Informationswirtschaft e.V. (SRiW) and was an advisory board member at Freiwillige Selbstkontrolle Multimedia-Diensteanbieter e.V. (FSM).

Alexandra Nicklas, CIPP/E, CIPM, DPO(TÜV Cert), leads the global privacy governance and excellence function at food and grocery delivery industry leader Delivery Hero. 

Her practice is dedicated to the continuous enhancement of privacy practices, encompassing the design and implementation of a privacy assessment frameworks and implementation of management action plans. At Delivery Hero, she works closely with tech and product teams, focusing on process refinements, implementation and rollout of innovative privacy solutions in a global organization with operations in more than 70 countries.

A graduate of Telecom ParisTech and Sciences Po Paris, and a Mines engineer, Bertrand Pailhès worked at ARCEP and CNIL in the technology expertise department before joining the office of Fleur Pellerin, Minister for the Digital Economy, in 2013. 

In 2015, he was appointed chief of staff to Axelle Lemaire, Secretary of State for Digital Affairs, where he worked on the Digital Republic Act adopted in October 2016. 

Since July 2018, Bertrand Pailhès has been national coordinator of the strategy for artificial intelligence at the Interministerial Directorate for the Digital Economy. 

He joined the CNIL in November 2019 as director of technology and innovation.

Jelena Pap-Wippler is a data protection consultant at Bitkom Consult. She advises start-ups and small and medium-sized enterprises on data protection. As a speaker at the Bitkom Academy, she trains specialists and managers on data protection issues. Jelena Pap-Wippler graduated in law from the Leibniz University of Hanover and holds a Master of Laws (LL.M.) in business law. As an external data protection officer and certified data protection auditor, she has several years of consulting experience in data protection law.

Attorney-at-law Dr Carlo Piltz is a partner of Piltz Legal, a Certified Data Protection Officer (TÜV®) as well as a Certified Information Privacy Professional/Europe (CIPP/E).
He advises national and international clients on issues of data protection, IT security and IT law, both in day-to-day business and in complex cases and contract negotiations. In addition, he is himself active as an external data protection officer. Dr. Carlo Piltz was invited to serve as an expert in the respective parliaments for both the new version of the Federal Data Protection Act and the Berlin State Data Protection Act. He is part of the editorial board of the journal "Privacy in Germany" (PinG) and since the end of 2019 editor-in-chief of the journal "Datenschutz-Berater". In addition, he runs the internet blog "De Lege Data" on data protection law issues and developments (www.delegedata.de) and can point to numerous publications.

Immo Regener is Senior Manager in PwC Germany's Cloud Provider Risk, Regulatory & Assurance practice in our office in Munich. He gained multi-year experience with Cloud compliance audits as well as consulting projects and has delivered numerous engagements for national and international, large and mid-sized Cloud providers according to various compliance standards, such as BSI C5, ISAE 3402 or SOC 2. Immo was PwC’s project lead when we supported the German Federal Office for Information Security (Bundesamt für Sicherheit in der Informationstechnik, BSI) with updating C5 in 2019.

Frederick Richter has been director of the Data Protection Foundation since it was founded in 2013. Previously, he worked as an advisor for network policy in the German Bundestag and as data protection officer for a trade association. 

Frederick studied law at the University of Hamburg and earned a master‘s degree in IT law at the Universities of Vienna and Hanover. 

He is a member of the focus group on data protection of the German government‘s Digital Summit and a member of the advisory board of the research projects AUDITOR – European Cloud Service Data Protection Certification and PANDIA – Platform for the Analysis of Data Usage Conditions of Interactive Assistance Systems. He is a member of the AXA Group‘s Data Protection and Ethics Panel and a regular contributor to the journal Privacy in Germany (PinG).

Owen Rowland is the Deputy Director, Head of Data Protection Policy in DSIT. His key responsibilities include: passage and implementation of the Data Protection and Digital Information Bill; further development of the UK's data protection regime; and sponsorship of the Information Commissioner's Office (ICO). Previously, in the Strategic Centre for Organised Crime in the Home Office, he was responsible for Economic (fraud, bribery and corruption, money laundering, asset recovery) and Cyber Crime. 

Owen’s other roles over 30 years within Whitehall and the European Commission were comprised of a range of crime, policing and security posts, including: 

• Led Design of the National Crime Agency; 
• Head of Drug Strategy; 
• Secretary to the Chilcot Review of Use of Intercept Material as Evidence; 
• Established the first UK civil Counter-Terrorism Science and Innovation Programme; 
• and Lea European Commission accession negotiations on Justice and Home Affairs with Estonia, Latvia and Lithuania.

Started as independent security researcher, went through variety of roles in his professional carrier. Currently in the position of Head of Security in Future Processing. Combining his professional work with the constant search for new knowledge, he received a PhD in computer science. Author or coauthor of more than 20 scientific and popular science articles. Holder of various certifications, e.g. CISSP, OSCP. Constantly finding new challenges.

Dr Frank Schemmel, CIPP/E, CIPP/US, CIPM, CIPT, supports DataGuard since 2018 in various management positions and is currently responsible for the company-wide content and strategic design as well as optimization of the DataGuard service lines "Privacy" and "Compliance", a hybrid model of first-class consulting and support through self-developed, scalable software solutions. As a certified Data Protection Officer (TÜV) and Compliance Officer (Univ.), he advises on all topics of data protection, IT security and general compliance. Before joining DataGuard, he worked for Allen & Overy LLP for five years in the area of data protection and employment law as a consultant and legal project manager. He regularly publishes in relevant media and shares his experience in presentations at universities, conferences and webinars.

Corinna Schulze is Senior Director, EU Government Affairs at SAP since 2014. In her current position, Corinna is responsible for public policy matters related to the Digital Economy, Artificial Intelligence, Data Protection, and Export Control. She followed closely the negotiation and adoption of the General Data Protection Regulation and is now involved in the practical implementation within the company. Corinna chairs the European and External Affairs committee of the SPD Wirtschaftsforum e.V, serves on the Advisory Board of the Future of Privacy Forum (FPF) and is a member of the Digital Economy Advisory Board of the University of Vaasa, Finland. Corinna holds a law degree from the University of Münster, Germany and her bachelor law degree with the district court of Düsseldorf.

Armin Schweinfurth is Business Development Manager at alfaview gmbh. 

As a speaker, he regularly holds talks for the company on the topics of new work, digital leadership and digital communication. 

He also teaches Digital Sales and Digital Business Models as a freelance lecturer at the Cooperative State University Karlsruhe. Furthermore, he is currently completing an MBA program at the ESB Business School in Reutlingen. For the alfa-group, he is responsible for two EU projects: Horizon2020 & Erasmus+. The alfaview videoconferencing software acts as a basis for these research projects in the fields of natural language processing, machine learning and machine translation.

Benedikt is the group data protection officer of the global Delivery Hero group, based in Berlin, Germany. He is also an Of Counsel at the Berlin law firm HYAZINTH, focusing on clients from the tech and online services industry. In addition to data protection and privacy, his practice is focused on payment services and the regulatory aspects of the tech industry as well as consumer protection laws.

Dr Andrea Simándi, LL.M is a senior privacy attorney in Microsoft’s EMEA Legal Central team, heading a group of subject matter experts who support commercial customers’ digital transformation and AI adoption. Prior to this, she has been the head of legal of Microsoft Hungary for five years. She specializes in data protection and the GDPR, cloud computing, AI, intellectual property law and IT law. Andrea was previously heading Bird & Bird’s Hungarian office, and the IPTC group of Linklaters in Hungary.

Barbara Thiel was the State Commissioner for Data Protection of Lower Saxony from 1 January 2015 to 30 June 2023. Prior to that, she held various positions at both the state and municipal level, including at the Lower Saxony Ministry of the Interior, the Lower Saxony State Audit Office and as a department head at the Hannover Region. Barbara Thiel has a teaching position at the University of Göttingen and is the author of numerous publications, expert lectures and commentaries on the GDPR and the BDSG. She is also a member of the editorial board of the ZD.

With about two decades of professional experience, Undine von Diemar advises clients across all industry sectors on their most critical data protection matters, including incident response, internal investigations, international data transfers, and global compliance projects. She defends clients in proceedings before authorities and courts and has a strong track record advising clients on data protection issues in M&A transactions. Drawing on her long-standing data protection and IT experience, she works closely with clients to successfully structure and execute technology transactions related to cloud computing, big data, artificial intelligence (AI), and e-health applications. She also leads Jones Day's European and German Cybersecurity, Privacy & Data Protection Practice. 

Undine has counseled well-known international companies on responding effectively to cyber attacks and data breaches, including engaging with law enforcement authorities and handling notification obligations. 

She advises the Internet Corporation for Assigned Names and Numbers (ICANN) in Europe and globally on all data protection requirements relevant to ICANN. Other representative clients include: SAP, IBM, Experian, BlackBerry and WiseTech. 

Undine is recognized as a leading practitioner by all relevant legal directories (including Chambers, Legal 500, Best Lawyers, Juve, Who's Who Legal, Acritas "Star Lawyer", Wirtschaftswoche). She is co-chair of the Munich KnowledgeNet Chapter of the International Association of Privacy Professionals (IAPP). Undine frequently speaks and publishes on data protection and cybersecurity issues (see for an overview http://www.jonesday.com/uvondiemar/, Speaking Engagements and Publications tabs).

Prof Dr Max von Grafenstein, LL.M. is a professor for "Digital Self-Determination" at the Berlin University of the Arts as part of the Einstein Center Digital Future (ECDF). At the Alexander von Humboldt Institute for Internet and Society (HIIG), he is also co-head of the research programme "Governance of Data-Driven Innovation and Cybersecurity". His research focuses on the regulation of data-driven innovation with an emphasis on "Data Protection by Design". Since October, he has also been the founder and managing director of the academic spin-off Law & Innovation, with which he develops Data Protection by Design solutions, including a consent assistant.

Michael Will was appointed President of the State Office for Data Protection Supervision on 1 February 2020 for a period of five years. 

After studying law in Würzburg and completing his legal traineeship in Bamberg, he began his professional career as an administrative lawyer in the services of the Free State of Bavaria at the government of Upper Franconia in Bayreuth in 1995. After moving to the Supreme Building Authority in the Bavarian State Ministry of the Interior in 1997 and to the Bavarian State Chancellery in 2000, Michael Will became head of the Department of Public Safety and Order in the Landshut District Office in 2002. At the same time, he was Managing Director of the Zweckverband für Rettungsdienst und Feuerwehralarmierung Landshut. In 2006, he returned to the Supreme Building Authority in the Bavarian State Ministry of the Interior as an advisor in the subject area of road law. 

In 2009, Michael Will was appointed Head of the Data Protection Department at the Bavarian State Ministry of the Interior for Sport and Integration. He also held the office of the official data protection commissioner there and was a member of the Data Protection Commission of the Bavarian State Parliament. 

On behalf of the Bundesrat, he accompanied the entire deliberations of the Council Working Party on Data Protection and Exchange of Information (DAPIX) on the EU General Data Protection Regulation (GDPR) from 2012 to 2015 and also performed the tasks of the country observer in the committee pursuant to Art. 93 of the GDPR, which is involved, for example, in the adoption of adequacy decisions by the European Commission.

Jörn Wittmann is Senior Director Public Policy & Legislative Strategy at Volkswagen AG. In his role, among other topics, he is responsible for regulatory aspects related to data protection and the implementation of modern regulatory tools such as privacy Codes of Conduct. Jörn Wittmann is a jurist and certified data protection officer. Before joining Volkswagen AG, he was the Managing Director of SCOPE Europe, a Brussels-based monitoring body for Codes of Conduct, and the Managing Director of its holding SRIW (Self-Regulation Information Economy), a German non-profit organization. He started his career at the University of Göttingen, Germany, in the Department of Civil Law, Commercial and Economic Law, Comparative Law, Multimedia- and Telecommunication Law.

Sven Zehl is Group Security Compliance Officer & Head of Security Compliance at Doctolib. In this important function, he oversees all security-related topics globally and sets new security standards. Previously, he was Information Security Officer in Germany. 

After studying Computer Engineering at TU Berlin, he worked for several years as a researcher for wireless protocol security and security architectures. During this time, he published several scientific papers at leading IT security conferences such as IEEE, ACM or IFIP. 

After his research work, he was head of IoT and Artificial Intelligence at the digital association Bitkom. From 2017 to 2018, he was a member of the advisory board of the German Standardisation Council for Industry 4.0, a member of the expert group "Secure IoT Platforms" of the Digital Summit of the German Federal Government and a member of the German IPv6 Advisory Board. 

From 2019 to 2020, he also worked for Robert Bosch GmbH as a system architect in the Security Governance department, where he was responsible, among other things, for managing Bosch's globally valid Secure Development Lifecycle Processes. For Bosch, he was also appointed as an expert member of ETSI TC Cyber, ISO SC27, CEN/CLC JTC13 and ECSO.