Patron & Committee

Dame Marie Shroff CVO, DNZM


Dame Marie Shroff, DNZM, CVO was the inaugural Chair of Privacy Foundation New Zealand from its inception in 2017 until 2019. She is currently Chair of the Electoral Commission, is a member of the Consumer New Zealand Board, and a Member of the New Zealand Media Council. Marie was New Zealand’s Privacy Commissioner from late 2003 until early 2014, a period of great technological and social change. Her responsibilities included providing independent commentary on significant information privacy issues, providing opinions on privacy complaints made against the government and businesses, monitoring government data matching and promoting good personal information handling practices in New Zealand.

She also played a key role in bringing privacy regulators from the region together to address the challenges they face. From 1987 to 2003 Marie was Secretary of the Cabinet and Clerk of the Executive Council where she undertook and implemented major reforms of policy and practices. She continues to be involved with privacy-focused associations and was the first appointment to the IAPP ANZ Privacy Hall of Fame.

Marie was awarded a CVO in 1995 and a CNZM in January 2004. In 2022, Marie was made a Dame Companion of the New Zealand Order of Merit, for services to the State and the community.

Marcin Betkier


Marcin Betkier is a Lecturer at the Faculty of Law of Victoria University of Wellington. He joined the Faculty after completing doctoral studies there. Apart from having a PhD from Victoria University, he has a Master’s degree in Law from Koźmiński University in Warsaw, a Master’s degree in Computer Science from Warsaw University of Technology and postgraduate MBA studies from Koźmiński University. Teaches Data Privacy, Information Technology Law and Tort Law.

His research and publications examine the problems of regulating online services, data privacy and data protection, computer security, and regulation of modern technologies such as Artificial Intelligence or Facial Recognition Technology.

Marcin worked for 15 years in the ICT sector in different roles–technical, commercial, and legal. He also advised New Zealand companies on the implementation of the General Data Protection Regulation. He has been a member of the Foundation since its inception. Convenor of the Foundation’s Privacy in Digital Economy Working Group and member of a few others.

Additional information is available on his LinkedIn profile:

Louisa Joblin


Louisa Joblin is a Senior Associate at Duncan Cotterill in Wellington, specialising in privacy law. Louisa has worked as a commercial lawyer both in-house and in private practice.

She has considerable experience advising clients on all their privacy concerns, including Privacy Act compliance, dealing with data incidents and privacy breaches (including urgent advice as and when a breach is happening), access and correction requests, notification requirements, compliance training, and privacy policy and procedure.

Louisa regularly writes and speaks about privacy law, including as a media commentator on topical privacy issues. She is currently the convenor of the Legislation and Regulatory Reform Working Group of the Privacy Foundation.

Polly Ralph


Polly leads PwC Legal New Zealand’s privacy and data protection law practice. She has specialised exclusively in data privacy matters for over 17 years, in both New Zealand and the United Kingdom.

She advises clients on the full range of data protection issues including cyber/privacy breach response, GDPR / Privacy Act compliance projects, cross border data transfers, e-privacy/marketing, outsourcing, contracting and data issues in the context of business reorganisation. She spent six years working in PwC UK (Jan 2016 – Jan 2022) advising some of the world’s largest brands on data privacy matters, including Spotify, Visa, bp and Ikea.

Prior to PwC, her privacy career has largely been in-house, working as Group DPO at Domestic & General (a UK-headquartered insurance company) (June 2013 – Dec 2015), Senior Privacy Counsel at the BBC (Sept 2009 – June 2013), Privacy Legal Adviser at the New Zealand Police (Nov 2006 – Aug 2007) and Investigations Team Lead at the New Zealand Privacy Commission (Nov 2004 – Nov 2006, and Aug 2007 – July 2009).

Polly holds the International Association of Privacy Professionals’ CIPP/E and CIPM certifications. She is a regular speaker at data privacy events and conferences.

Alida van Klink


Alida van Klink is a chartered accountant and works at Chartered Accountants Australia and New Zealand (CA ANZ) as a curriculum lead in the CA program. She has previously worked as an accountant at Walker Wayland Auckland Ltd, as well as a Tax Consultant at KPMG.

In 2010/2011 she was a Summer Research Scholar at the University of Auckland Business School, researching litigation under the Privacy Act 1993. This research was subsequently published in the paper she co-authored with Gehan Gunasekara in 2011: “Out of the Blue? Is Litigation Under the Privacy Act 1993 Addressed Only at Privacy Grievances?” Canterbury Law Review Volume 17, 229-250.

Annette Mills

Committee Member

Annette is particularly excited about research on the potentials, challenges, and impacts of new and emerging technologies on people and society, in particular the privacy concerns raised through pervasive data collection, digital monitoring and surveillance, profiling and automated decision-making. Technologies include wearables, AI-enabled applications, and biometrics.

Her work seeks insights into how individuals adapt (or not) to and use new technologies, and are impacted by IT (both positive and negative), with a view to providing insights into the concerns raised and how these may be redressed.

Annette has also collaborated on projects in knowledge management, IT use in SMEs, and deception detection.

Barbara Robson MNZM

Committee Member

Barbara Robson MNZM has been involved in the health sector as a health professional, health consumer and community advocate and governor.

In her capacity as a health consumer representative she has served on local, regional and national advisory committees. She became involved in issues related to personal health information in the mid-2000s when she was invited to be a member of the Steering Committee tasked with upgrading the National Health Index (NHI) system. Since then she has been involved with further upgrades of the NHI, the Health Information Standards Organisation (HISO), reviews of the Health Information Privacy Code (HIPC), including the ‘Use and disclosure of information derived from Newborn Blood Spot Samples’, and draft Approved Information Sharing Agreements. Barbara was also a member of the National Health IT Board’s Consumer Panel (since disbanded) and served as an elected member of Mid-Central DHB Board for 18 years.

She is convenor of the Privacy Foundation’s Hauora Health Privacy Working Group which continues to focus most of its attention on the digital transformation associated with the health system reforms.

Gehan Gunasekara

Committee Member

Gehan was, together with Marie Shroff, instrumental in launching Privacy Foundation New Zealand, serving as its inaugural Secretary and Deputy-chair and then chair from 2019 until 2022.

He is an Associate Professor and deputy head of the Department of Commercial Law at the University of Auckland Business School, where he specialises in the areas of franchising law and privacy law.

He has published extensively on information privacy in New Zealand and overseas and is a regular commentator in national media. He was a member of the academic reference committee for the Review of Privacy by the New Zealand Law Commission completed in 2011 and has subsequently been involved in advising the Government on the legislation to replace the Privacy Act 1993 which occurred in 2020.

His research on cross-border personal information flows has been cited by both the New Zealand and Australian Law Commissions as well as by the Canadian Privacy Commissioner.

Natasha Mazey

Committee Member

Natasha Mazey has a PhD in Information Systems, specialising in technology beliefs and how these evolve with technology maturity.

She has been a member of the Privacy Foundation since 2019 and has supported multiple Working Groups over this time. Natasha is an information risk and privacy professional currently working in the global medical device industry at Fisher & Paykel Healthcare.

Her experience largely involves work within the private sector, including privacy, data protection, information and cyber risk advisory, and business risk analysis.

Nathan Akhavan-Moossavi

Committee Member

Nathan Akhavan-Moossavi is a Senior Compliance & Assurance Manager, Privacy & Data Protection at ANZ based in Te Whanganui-a-Tara Wellington. Nathan has specialised in privacy for over 8 years in both the UK and Aotearoa New Zealand, and in a variety of client-facing and in-house roles.

Prior to ANZ, Nathan worked as a Senior Privacy Advisor at Vodafone (now One NZ). Originally from London, Nathan began his privacy career at Baker McKenzie, a law firm advising clients on a variety of projects, largely getting ready for GDPR. He became a Certified Information Privacy Professional, Europe (CIPP/E) in 2016. Deciding privacy was definitely the career path for him, Nathan moved to KPMG where he focused on operationalising privacy. It was here he gained his Certified Information Privacy Manager (CIPM) designation in 2018. For his first in-house move, Nathan worked at ITV, a lot of that time spent in the UK lockdown. In February 2020 Nathan earned the Fellow of Information Privacy designation from the International Association of Privacy Professionals (IAPP). Since arriving on our shores in April 2021, Nathan has been a member of the Privacy Officers Roundtable network, is an IAPP Wellington KnowledgeNet Chair and sits on the IAPP Australia & New Zealand Advisory Board.

Rebecca Hawkins

Committee Member

Rebecca Hawkins is a privacy professional currently working as a Privacy Advisor in the health sector. She has a law degree, and in 2021 attained the International Association of Privacy Professionals Certified Privacy Technologist accreditation. She has previous experience in the regulatory and compliance environment, working in the UK in Complaints Investigator Roles for accountancy and telecommunications regulatory bodies.

Rebecca heads up the Southern Privacy Network, providing opportunities for Privacy Officers and Professionals to network and hear presentations from experts in the field of privacy and security.

Previous Privacy Officer work has led her to have a keen interest in children’s privacy issues, and more recently to focus on health technologies and privacy.