Our experts

Cosimo Monda

Cosimo Monda is the Director of the Maastricht European Centre on Privacy and Cybersecurity (ECPC), which has been established in 2016 at the Law Faculty, Maastricht University.

At ECPC his work has a strong European and international outlook in the field of privacy and cybersecurity, steering an interdisciplinary group of researchers, academics and professionals active in areas of fundamental rights, data privacy, transparency and confidentiality, IT, data security, and more. Cosimo Monda has a longstanding experience in designing executive education, certification courses and online learning modules for professionals who are required to deal with new regulations and on-going developments in the privacy and cybersecurity market. Before joining Maastricht University, he was working at the European Institute of Public Administration, as Senior Lecturer and Head of Information, Publications, and Marketing services. He holds a Law Degree obtained at the University of Bologna.

His fields of expertise include Data Protection and Cyber security, EU Information Management; Transparency and access to documents; EU Agencies; EU decision-making procedures and Institutions and EU law. 

Paul Breitbarth

Paul Breitbarth is Nymity’s Director for EU Certification Research and Senior Solutions advisor and Visiting Fellow at Maastricht University Eurpean Centre on Privacy and Cybersecurity (ECPC)

He works from The Hague, the Netherlands. In addition to working with Nymity’s clients and prospects throughout the European Union, Paul is involved in two research projects aimed at GDPR process certification and demonstrating compliance to DPAs. Before joining Nymity, Paul served as Senior International Officer at the Dutch Data Protection Authority, where he was involved in a large number of international data protection related projects, including the EU data protection reform and the Privacy Shield. In 2015, he organised the International Privacy Conference in Amsterdam.

Paul Breitbarth is actively involved as a trainer and as member of the examination committee of ECPC's Data Protection Officer Certification course as well as other executive training courses.


Paolo Balboni is Extraordinary Professor of Privacy, Cybersecurity, and IT Contract Law at Maastricht University, and Founding Partner of ICT Legal Consulting (ICTLC).

ICT Legal Consulting is a law firm with offices in Milan, Bologna, Rome, an International Desk in Amsterdam, and multiple Partner Law Firms around the world. Together with his team, he provides legal counsel across Europe to multinational companies specializing in the fields of Personal Data Protection, Data Security, ICT, and Intellectual Property Law. Dr. Balboni is the President of the European Privacy Association based in Brussels, the Cloud Computing Sector Director and Responsible for Foreign Affairs at the Italian Institute for Privacy in Rome, Italy. Balboni is actively involved in European Commission studies on new technologies and is a regularly invited expert in the revision of the EU Commission proposal for a General Data Protection Regulation. He co-chairs the Privacy Level Agreement (PLA) Working Group of Cloud Security Alliance and has acted as the legal counsel for the European Network and Information Security Agency (ENISA) projects on ‘Cloud Computing Risk Assessment’, ‘Security and Resilience in Governmental Clouds’, and ‘Procure Secure: A guide to monitoring of security service levels in cloud contracts’. He is Lecturer at the Master in Digital Media Management at the European Institute of Design and Research Associate at Tilburg University. He obtained his Law Degree with distinction from the University of Bologna in 2002 and a Ph.D. in Comparative ICT Law from Tilburg University in 2008. In 2018 he was appointed as extraordinary professor at the Faculty of Law, Maastricht University.

Martin Abrams

Martin Abrams, Executive Director at The Information Accountability Foundation, Texas (USA)

Martin Abrams, Executive Director and Chief Strategist for the Foundation, has 35 years of experience as an information and consumer policy innovator. Multi-stakeholder collaboration has been a key for Abrams in developing practical solutions to dilemmas in information policy. His most recent work has been on big data governance and privacy compliance driven by demonstrable data stewardship. For the past five years, he has led the Global Accountability Project, which has refined the accountability principle that is part of various data protection laws and guidance documents.
Abrams has also provided leadership in other policy areas. He worked on multi-layered privacy notices, which changed the way policy makers and organisations thought about privacy transparency. His work is generally reflected in new laws and regulatory guidance in jurisdictions from Asia, across Europe and in the Americas. He has led educational seminars on almost every continent and has been a key advisor to four International Conference of Data Protection and Privacy Commissioners. He has been deeply involved in the development of the APEC Cross Border Privacy Rules and has also been involved with the OECD Working Party on Information Security and Privacy. He is an advisor to numerous benchmark corporate privacy programmes.
Abrams was the co-founder and President of the Centre for Information Policy Leadership at Hunton & Williams LLP, which he led for 13 years. Prior to that, he was Vice President of Information Policy at Experian and Director of Information Policy at TRW Information Systems where he designed one of the early privacy impact assessment tools. He also chaired their Consumer Advisory Council. Abrams began his consumer policy work at the Federal Reserve Bank of Cleveland where he was Assistant Vice President and Community Affairs Officer. At the Federal Reserve Bank he drove collaboration by helping banks and the communities they serve find their intersection of self-interest.

Christopher Docksey

Christopher Docksey, Honorary Director General of the European data protection Supervisor (EDPS)

He has been responsible for the coordination and implementation of policies and activities since 2010. He is a member of the English Bar and a law graduate of the Universities of Cambridge and Virginia. He has taught law at the Universities of Exeter and Washington and at the Marshall-Wythe School of Law. He was the Legal Adviser on data protection to the European Commission from 2001 to 2010. During this period he represented the Commission in the data protection cases before the European Court of Justice and advised on draft legislation and international negotiations on matters such as Safe Harbor, PNR and TFTP. Most recently he represented the EDPS in the Schrems proceedings before the Court.

Philippe Renaudière

Philippe Renaudière, Former Data Protection Officer of the European Commission

Philippe Renaudière has been since May 2006 the Data Protection Officer of the European Commission. The previous positions of Mr Renaudière in the Commission were successively held with DG Justice Liberty Security where he was Head of the Data Protection Unit from 2005 to 2006, DG MARKT, where he was Head of the International Relations Unit from 1996 to 2001 and Head of the International Relations from 2001 to 2005, member of the cabinet of Commissioner K Van Miert from 1992 to 1996 in the fields of transport and competition and DG Environment, in the subjects of legal affairs from 1987to1990 and global environment issues from 1990 to 1992.


Leena Kuusniemi, Legal Advisor at Leegal Oy and Former Senior Legal Counsel, Rovio Entertainment

Leena supported Rovio’s technology R&D, cloud services, patent initiatives and technology co-operation initiatives, and is responsible for all privacy and regulatory matters globally. Before joining Rovio in 2012, Leena was with Nokia for ten years, mainly supporting Nokia’s device R&D, online services, data security and privacy. Prior to Nokia, she was a legal counsel at Remedy and started her career as an attorney and litigator. Leena has participated into numerous legal working groups and lectured widely in various seminars and universities.

Christopher Kuner

Christopher Kuner is professor of law at the Vrije Universiteit Brussel (VUB) in Brussels, Belgium, and co-director of the Brussels Privacy Hub, a legal research centre at the VUB. He is also an affiliated lecturer at the University of Cambridge, and a Visiting Professor at the London School of Economics and Political Science.

The author of numerous books and articles, Dr. Kuner is editor-in-chief of the law journal International Data Privacy Law published by Oxford University Press. He has participated in the work of numerous international organizations, and has taught courses at the summer session of the Hague Academy of International Law and at the summer school of the Academy of European Law in Florence.


Brian Honan, is an independent security consultant based in Dublin, Ireland, and is also the founder and head of IRISSCERT, Ireland’s first CERT. He is a Special Advisor to Europol’s Cybercrime Centre (EC3), an adjunct lecturer on Information Security in University College Dublin, and sits on the advisory board for a number of innovative security companies.

Brian is recognised internationally as an expert in the field of information security and has worked with numerous companies in the private sector and with government departments, in Ireland, Europe and throughout the United Kingdom. Brian has also provided advice to the European Commission on matters relating to information security. He is on the advisory board for a number of innovative information security companies. Brian is the author of the book “ISO 27001 in a Windows Environment” and co-author of books “The CSA Guide to Cloud Computing” and “The Cloud Security Rules”. He is a regular speaker at major industry conferences and regular contributes to industry publications. In 2013 Brian was awarded “SC Magazine Information Security Person of the Year” for his contribution to the computer security industry. Brian Honan was also inducted into the 2016 Infosecurity Europe Hall of Fame.

Aurélie Pols

Aurélie Pols, Privacy Engineer, owner of consultancy Competing on Privacy, Member of the EDPS Ethics Advisory Group

Aurélie Pols designs data privacy best practices: documenting data flows, minimising risk related to data uses, solving for data quality. She spent 18 years optimising digital data-based decision-making processes. She co-founded and sold her start-up to Digitas LBi (Publicis). Used to following the money to optimise data trails, she follows data to minimise risks, touching upon security practices and ethical data uses. 
She leads her own consultancy, Competing on Privacy, serves as DPO for NY based CDP mParticle and is part of the EDPS’ EAG. She has been teaching Privacy & Ethics at IE Business School in Madrid for 5 years, supports DPO training courses for Maastricht University, is part of their ECPC board and supports IEEE’s P7002 (Data Privacy Process).


Mika Lauhde, Vice-President Cyber Security & Privacy, Global Public Affairs, Huawei Technologies

Since early 2018, Mika Lauhde is working for Huawei Technologies as Vice-President Cyber Security & Privacy. Before he was working at 65Security; an expert house in Cyber security services for authorities, Law-enforcement, courts, law firms and companies needing advanced Security services. Prior joining 65Security he worked in SSH Communications Security as VP, Government Relations and Business Development. Engaging governments, industry partners, and product- and service users on important security and privacy issues such as critical infrastructure protection, compliancy, software assurance, risk and identity management. In Nokia Corporation, Mika Lauhde headed Business Security and Continuity, where he was accountable of Government Relations in Cyber Security area, Criminal compliancy and forensic, Nokia wide crisis management as well terminal and manufacturing related security tool manufacturing.
Mika has an extensive experience with cyber security related topics and governmental institutions both in Europe and USA. Currently he is a Member of ENISA (European Network and Information Security Agency) Permanent Stakeholder Group and Europol Cyber security and privacy adviser as well Visiting lecturer, Maastricht University, Centre of Data protection and Cyber Security (2017-); Member of ENISA (European Network and Information Security Agency) PSG (2009 – ); Europol Cyber Security Advisor (2016 – ) Europol Privacy Expert (2015 -); Visiting lecturer, Maastricht University, Centre of Data protection and Cyber Security (2017-); Member of Loueven University European Crypto Task Force (2014 – ); Founding Member and Board Member of TDL (Trust in Digital Life) (2010 – 2013 ) (Part of the European Cyber Security Strategy plan 2013); Member of EU government security advisory board RISEPTIS, reporting to Commissar Redding),  (2007-2009); Member of Finnish government ICT security advisory board (2007 – 2010); Member of UK government critical infrastructure protection group CPNI (2005 – 2009)

Massimo Marelli

Massimo Marelli LL.B. (QMUL), LL.M (Cantab) is the Head of Data Protection Office at the International Committee of the Red Cross (ICRC)

Before taking this role at the ICRC headquarters in Geneva, Massimo held several positions as a Delegate in the field and legal adviser at the ICRC. Prior to joining the ICRC, Massimo worked as lawyer at the UK Office of Fair Trading, Referendaire at the EU General Court, and as Solicitor in private practice. Massimo is a member of the Brussels Privacy Hub Advisory Board, and with Dr. Christopher Kuner leads the Brussels Privacy Hub/ICRC “Data Protection and Humanitarian Action” working series.


Ben Hayes has more than 20 years’ experience working on international security and human rights issues with NGOs, international organisations and research institutes, much of it focussed on the rights to privacy and data protection. He worked as a Data Protection Legal Advisor to the UN Refugee Agency and the International Committee of the Red Cross before establishing his own consultancy. He has produced large-scale data protection impact assessments in a range of complex and challenging environments including the Syria refugee crisis, community health surveillance post-Ebola and international biometric identification databases.


Giovanni Comandé (LLM Harvard Law School, Ph.D. Scuola Superiore Sant’Anna) is Full Professor of Private comparative law at Scuola Superiore Sant’Anna where he also studied as ordinary student. Since 1995 he has been a lawyer, included in the special roll for university teachers in Pisa and Attorney at law (New York Bar, since 1997). A mediator at Organismo Conciliazione Pisa and mediation trainer, he taught in and visited numerous universities (Washington and Lee School of Law; Université Laval; Fordham School of Law; Université Panthéon Assas Paris II, Faculté de Droit ; Hebrew Univeristy, Jérusalem; Wake Forrest University School of Law; University of South Carolina School of Law). He is an elected member and advisor for various projects to the American Law Institute (for ex. concerning Information Privacy Principles) member of the European Law Institute (ELI), of the European Group on Tort Law and of the European Centre of Tort and Insurance Law, Vienna. He works in Italian, English, Spanish and French. He directs the Interdisciplinary and Comparative Research lab where he leads, among else, the "Rights, Information, Governance, Health, Technology, Sciences in the Classifying society" project. He teaches "Legal issues in Data Science" at UNIPI.

His areas of competence includes: comparative law, data protection law, law and technology, algorithm regulation, civil law in general, tort law, personal injury, European private law, health law, private law of public administration, product liability, A.D.R. (Alternative Dispute Resolution), American law, insurance law and technology regulation. He is also the founder and President of Smartlex, a Scuola Superiore Sant' Anna.


Herke Kranenborg is a member of the European Commission’s Legal Service specialising in the field of privacy and data protection. In addition to advising client directorates-general in these areas, he represents the Commission in litigation before the EU Courts.

Previously, he worked at the Office of the European Data Protection Supervisor (EDPS). Herke is visiting fellow at the ECPC and, since 2010, affiliated senior researcher at the Institute for European Law of the K.U. Leuven. He has numerous national and international academic publications on EU law, in particular on data protection, privacy and fundamental rights in general. His PhD thesis, on the subject of EU data protection and public access to documents, was awarded by the Europa Institute of the University of Leiden (2007). In August 2018, together with prof. Luc Verhey, Herke published a monograph on the General Data Protection Regulation (GDPR): De Algemene Verordening Gegevensbescherming in Europees en Nederlands perspectief.