Speakers

John Edwards began his role as UK Information Commissioner on 4 January, 2022.

Mr. Edwards, who joins on a five year term, spent eight years as New Zealand Privacy Commissioner from 2014-2021.

Mr. Edwards was educated in New Plymouth, New Zealand and achieved a Bachelor of Laws and Masters in Public Policy at the University of Wellington.

He worked as a solicitor and barrister in public law and policy for more than 20 years, including time as a policy adviser to the New Zealand Prime Minister and Cabinet around Freedom of Information.

Sapna Arora is a Regulatory Enforcement Solicitor at the ICO. She joined the ICO in 2017. She manages a caseload of Tribunal appeals against the Commissioner’s Decision Notices. Sapna also conducts other civil litigation and provides advice to other departments. Sapna is a Mental Health First Aider and a member of the out of hours personal data breach team. She qualified as a Solicitor in 2014 and has a personal injury and regulatory background.

Freddie Baker is a Senior Policy Officer in the Regulatory Policy Projects team and has been with the ICO since January 2018. He has significant experience of public sector issues and specialises in health and social care policy.

Emma Bate is a Legal Director at the Information Commissioner’s Office, overseeing the Data Privacy Advice and Contracts and Compliance legal teams.

She joined the ICO in 2017 from private practice where she had practiced as a data protection lawyer for 20 years. Emma often complains that her work is always interesting, important, and urgent! She supported the development of the ICO Sandbox, leads the ICO’s legal work on international transfers, and advised on ICO’s approach to controllers, processors and joint controllers for AI, cloud and other complex technology solutions.

Roger Cawthorne is a Senior Case Officer at the ICO. He joined the ICO in 2017 and has handled well over 1,000 FOIA and EIR complaints. His current primary focus is on complaints to organisations in the health, education and transport sectors. Roger is making his DPPC debut.

Deborah Clark has worked in freedom of information since its implementation. She spent 9 years as a Senior Case Officer in ICO before moving onto management roles which have included the Casework team dealing with complaints about the police and justice sector, the Insight and Compliance Team and the FOI Policy team. Deborah Clark is currently managing the ICO’s FOI Upstream Regulation team – a team designed to provide more support for public authorities dealing with FOI requests and to promote good practice.

Aiden Clarkson joined the ICO in 2015. Starting on the helpline, he’s held various roles, including working in the ICO’s own Information Access team, handling FOI and SAR requests. Now he works in the FOI & Transparency Directorate’s Upstream Regulation team, which devises and develops resources to support compliance and good practice.

Clara ClarkNevola leads the AI Compliance group within the ICO’s Technology Department, which provides AI technical and policy expertise to the ICO’s stakeholder engagement and supervision activities. Clara’s recent work at the ICO includes the generative AI call for evidence series, co-producing guidance on privacy enhancing technologies and on anonymisation and leading on the G7 DPAs' Emerging Technologies Working Group case study on synthetic data.

Sarah Coggrave is a Senior Information Access Officer and a member of the ICO’s Information Access Team. She specialises in handling information requests made by current and former ICO employees, but also deals with requests made by the public.

Rob Cole has been with the ICO since 2002. In this time he has worked mostly within our customer facing, advice giving teams as well as our investigation and regulatory action departments.

Steve Connolly is Group Manager for the Network and Information Systems (NIS) Audit Team focusing on cyber security controls and processes in digital service providers. Steve joined the ICO in 2016 and has worked in Customer Contact, the Personal Data Breach Service and GDPR Assurance teams.

Catherine Evans O’Brien is the Head of Communities at the ICO. She is provides strategic direction, coordination and oversight for the ICO’s work with communities, with a particular focus on those who may be in a vulnerable situation, or with unmet needs.

Catherine has extensive experience across both policy and engagement. Before coming to the ICO, Catherine worked within health and social care policy, with a particular interest in older people, people living with dementia, and the introduction of new health technologies.

Alison Fletcher is a Senior Policy Officer and a member of the Public Advice and Data Protection Complaints department. She focusses on updating and creating new guidance for the ‘For the Public part of the ICO website, as well as continuous improvement within the department.

Alice Gradwell began her career at the ICO six years ago, as a Case Officer in Public Advice and Data Protection Complaints Services where she dealt with complaints about the Ministry of Justice. She moved to the FOI complaints department four years ago, where she specialises in complaints about the health and education sector and is part of the training network. This is her second year speaking at the DPPC.

Debbie Heaton is a Senior Policy Officer in Public Affairs. She has a particular interest in data sharing to tackle debt and fraud, including use of the powers under the Digital Economy Act. Debbie is also a network trainer, providing data protection training to new members of ICO staff.

Will Johnson joined the ICO in April 2020 as a Senior Policy Officer. He works in the Regulatory Policy Projects directorate supporting the ICO's regulatory activity with policy development, and has experience in financial services, education, and health & social care.

Sarah Laws is the Data Protection Manager at London Borough of Camden where she is the FOI and data protection lead. Her team won FOI Team of the Year 2023 and Camden are well known for their innovative approach to FOI and transparency. Sarah is a popular speaker on FOI and data protection, and is an advocate for a pragmatic customer focussed approach to information rights.

Kimberly Mai is a Principal Technology Adviser in AI Compliance at the Information Commissioner’s Office She joined in March 2024. She is also a PhD researcher at University College London. Her PhD research on how humans cannot reliably detect speech deepfakes was featured in international news outlets including the BBC, New Scientist, and The Guardian. Kimberly holds a bachelor’s degree in mathematics and economics from the London School of Economics and a master’s degree in data science and machine learning from University College London. Her research interests include anomaly detection, data protection, and AI governance.

David Meller is a Lead Case Officer in the Personal Data Breach Service and has been with the team since May 2023. The Personal Data Breach team’s predominant work is assessing personal data breach reports and providing advice to organisations. David has a background in education, politics and local government.

Laura Middleton became Group Manager for the Personal Data Breach Service in 2017. Laura was previously a Team Manager in Investigations – she now has over 10 years’ experience in dealing with personal data breaches. Laura joined the ICO in 2005.

Daniel Morgan has recently started a new position on the BCRs and International Transfers team, providing assurance on international transfers of personal data. Before this, he worked as a Lead Auditor and carried out data protection and Freedom of Information audits of a wide range of organisations. Daniel started out at the ICO in Business Services, advising organisations from across the economy on their data protection obligations.

Daniel Newbury is a Lead Policy Officer in the Public Affairs Team and joined the ICO in January 2018. Daniel has experience engaging with government departments and agencies, providing advice on matters relating to data protection and privacy, including advising on projects/programmes that involve significant sharing of personal data.

Ribia Nisa joined the ICO in 2018 and worked in Business Advice Services as a Case Officer and then as a Lead Fees Officer.

Currently, working as a Team Manager in Public Advice and Data Protection Complaints department. Ribia’s current areas of focus includes local government, housing, and the gambling sector.

Sharon Nuttall joined the ICO in 2021 and is a Senior Policy Officer in the Regulatory Policy Projects team. Sharon has policy experience across a range of sectors including in the health sector.

Harry Powell became a Senior Engagement and Policy Officer within Business Services in September 2022, a role which looks to maintain and increase the knowledge and understanding of the organisations which contact the ICOs Business Advice department.
Prior to this, Harry was a Lead Case Officer in the Personal Data Breach Service. Harry joined the ICO in 2018.

After being a team manager for many years, Rob took up the role of Senior Engagement and Policy Officer within Business Services in September 2022, This role looks to maintain and increase the knowledge and understanding of the organisations which contact the ICOs Business Advice department.

Kitty Rosser is a Principal Lawyer at the Information Commissioner’s Office, working within the Data Privacy Advice team.

Kitty joined the ICO in 2023, having spent 15 years advising on data protection matters as a lawyer in private practice. Since joining the ICO, the focus of her work has been on international transfers under the UK GDPR and Part 3.

Dominic Smith is a Group Manager in the public advice and data protection complaints department. He has worked at the ICO since 2014 and has experience of covering most sectors, currently with a focus on the policing sector and retail. Dom is also a key lead in driving one of the ICO25 shifts of approach; empathising with customers.

Alex Sykes is a Senior Auditor in the Assurance Department and is responsible for carrying out some of our more complex or high priority audits. He has completed engagements with a wide range of data controllers in both public and private sectors.

Helen Thomas joined the ICO’s team in Wales in 2013, where she is a Senior Policy Officer. Her main areas of interest include the health, education and central government sectors. Prior to that Helen was a civil servant for 17 years in Westminster and the Welsh Government, working mainly in health and sustainable development.

Heather Toomey recently joined the ICO as Principal Cyber Specialist in the Regulatory Cyber Directorate. As a cyber security professional with 18 years’ experience, mostly in local or central government, her focus is on empowering organisations to improve their cyber resilience and developing strategy in relation to cyber data and cyber regulatory activities.

Terna Waya has been involved in freedom of information regulation at various levels for over 15 years. He is passionate about supporting public authorities with their FOI practice.

Tom Wilkinson  is a Principal Cyber Specialist in the Cyber Investigations Team. He joined the ICO in July 2023 and has been working on a number of high-profile incidents, working with a team of expert colleagues examining UKGDPR and Data Protection Act 2018 infringements.

Emma Wright is a Group Manager in the public advice and data protection complaints department. She has worked in the ICO for six years, previously having worked in the Civil Service for over 10 years. Emma has worked in the same department throughout her ICO career and has knowledge of issues relating to several sectors although her group’s current areas of focus are the local government, housing, and gambling sectors.