Anna Johnston, our Principal, is one of Australia’s most respected experts in privacy law and practice.
With her qualifications in law, public policy and management, and 26 years’ experience in legal, policy and research roles, Anna brings a breadth of perspectives and a wealth of experience to dealing with privacy and data governance issues.
Since establishing Salinger Privacy in 2004, Anna has conducted numerous Privacy Impact Assessments and privacy compliance reviews for our clients. Anna also authors most of our range of guidance publications, and writes regularly for the Salinger Privacy blog and publications ranging from tendaily and Huffington Post to the Law Society Journal and Privacy Laws & Business.
As the former Deputy Privacy Commissioner for NSW, Anna also knows the regulator’s perspective. Since establishing Salinger Privacy, she has also been commissioned to write privacy guidance publications, and deliver presentations and training, on behalf of other regulators including the Australian, NSW and Victorian Privacy Commissioners.
Anna has been called upon to provide expert testimony before various Parliamentary inquiries and the Productivity Commission, spoken at numerous conferences, and is regularly asked to comment on privacy issues in the media. She is a lifetime member of the Australian Privacy Foundation, a member of the International Association of Privacy Professionals (IAPP) since 2008, and in 2019 was recognised as an industry veteran by the IAPP with the designation of Fellow of Information Privacy (FIP).
Anna’s pro bono advisory, advocacy, academic and editorial positions have included:
- Visiting Scholar at the Research Group on Law, Science, Technology and Society of the Faculty of Law and Criminology of the Vrije Universiteit Brussel (VUB), 2018
- Advisory Board Member for the EU’s STAR project, to develop training on behalf of European Data Protection Authorities, 2017 to date
- Member of the Asian Privacy Scholars Network (APSN), 2017 to date
- Editorial Board Member, Privacy Law Bulletin, 2010-16
- Advisory Committee Member, the Australian Law Reform Commission’s Inquiry into the Invasion of Privacy, 2013-14
- Board member, the International Association of Privacy Professionals, Australia & New Zealand, 2010-11
- Advisory Committee Member, the Australian Law Reform Commission’s expert advisory group on health privacy for the Review of the Privacy Act, 2006-08
- Project Team Member, University of New South Wales’ Interpreting Privacy Principles project, 2006-09
- Campaign Director, NoIDCard, the successful campaign against the proposed Access Card, 2006-07
- Chair of the Australian Privacy Foundation, 2005-06; Member of the International Committee 2018 to date
- Consumer Representative Member, National E-Health Transition Authority’s Consumer & Clinician Forum, 2005-06
- Primary Author, Australian country reports for Privacy International’s Privacy and Human Rights, 2005-06
- Editorial Board Member, Privacy Law & Policy Reporter, 2004-06
Anna holds a first class honours degree in Law, a Masters of Public Policy with honours, a Graduate Certificate in Management, a Graduate Diploma of Legal Practice, and a Bachelor of Arts. She is a Certified Information Privacy Professional, Europe (CIPP/E) and a Certified Information Privacy Manager (CIPM). She was admitted as a Solicitor of the Supreme Court of NSW in 1996. However since she no longer practices as a solicitor, she won’t mind your lawyer jokes at all.
Andrea Calleia, our Director of Learning, has extensive experience in the learning and development field, and has specialised in privacy training since 2003 when she managed the privacy education program for the NSW Privacy Commissioner’s Office. Since joining Salinger Privacy in 2008 Andrea has managed our e-learning privacy training program, and delivers most of our face to face training. She has developed and delivered customised privacy training on behalf of clients including QANTAS, Sage Software, the Office of the Australian Information Commissioner, and PRAXIS Australia.
Andrea is consistently rated “5 out of 5” by our training participants and has been described as “excellent and engaging”, “enthusiastic, clear and effective”. She developed our Privacy Management in Practice workshop program, which has been described by participants as “top notch”, “practical and informative” and “effective for all participants coming from varied organisations”. Andrea also delivers our CIPM training on behalf of the International Association of Privacy Professionals (IAPP).
Andrea holds a Bachelor of Arts majoring in Education and Human Resources, and a Certificate IV in Training and Assessment. As an alumni of the University of New South Wales, she is a Mentor for students specialising in the fields of Human Resources and Learning and Development. Andrea is a Certified Information Privacy Manager (CIPM), a Certified Practitioner of Human Resources with the Australian Human Resources Institute, a member of the IAPP, and a member of the Australian Privacy Foundation.
Melanie Casley, our Senior Privacy Consultant, has deep experience in the application of privacy laws, having worked in the field since 2002, across both regulatory and advisory capacities.
At Salinger Privacy Melanie has led Privacy Impact Assessments into complex, multi-jurisdictional projects, such as a project to develop a real-time national information-sharing system for child protection, and data linkage and analytics projects in the health and disability sector. Melanie has served as Manager of the Information and Privacy Unit in the Victorian Department of Justice and Regulation, overseeing the compliance of both the Department, and statutory agencies within the Justice portfolio, in relation to privacy and related laws. Melanie has also managed the secretariat functions for the Justice Human Research Ethics Committee, and coordinated a Whole of Victorian Government approach to privacy governance and policy. Prior to her role with the Victorian Department of Justice and Regulation, Melanie performed a number of policy, training and compliance roles with the Office of the Victorian Privacy Commissioner.
Melanie holds a Bachelor of Laws, a Bachelor of Arts, and a Graduate Diploma of Educational Psychology. She is also an accredited mediator, and a member of the IAPP.
Kobby Agyei, our Privacy Specialist, provides pragmatic privacy compliance advice to businesses and our government clients alike. He has worked as a privacy specialist since 2014, advising clients across a range of organisations and sectors.
Having worked across both in-house and consulting roles, Kobby knows how to provide practical and high-quality advice which balances business objectives with compliance requirements. At Salinger Privacy Kobby has advised clients from large Commonwealth government agencies to smaller public sector agencies, and from mid-tier companies to not-for-profit organisations, on issues including GDPR compliance, adopting privacy design strategies in system design, managing privacy risks in social media engagement, implementing a CRM system, and preparing a data breach response plan. He has also conducted privacy audits and PIAs, and prepared privacy management resources, for clients in the education, property, hospitality, government and human services sectors.
Previously at Equifax Australia, Kobby performed numerous PIAs and provided expert advice and recommendations, covering a wide range of businesses and solutions operating in spaces including credit reporting, debt collection, direct marketing, tenancy data and more. With Equifax being an information services conglomerate, his PIAs focussed particularly around end-to-end data flows and data sharing. Kobby was also integral in embedding a compliance culture within Equifax Australia, in a time of rapid business expansion, as well as the introduction of positive credit reporting laws. He frequently liaised with external regulators such as the Australian Financial Complaints Authority (AFCA) and the Office of the Australian Information Commissioner (OAIC), on privacy complaints, conciliations and other regulatory matters.
As a Governance, Risk and Compliance consultant at CompliSpace, Kobby held the role of Privacy Law content specialist for a team that worked across a number of compliance domains, servicing clients across the education and financial sectors. His experience included facilitating the development of risk frameworks at Board and senior executive levels.
Kobby holds a Bachelor of Laws, a Bachelor of Commerce, a Graduate Diploma in Legal Practice and an Advanced Diploma of Financial Planning. He has written articles on privacy compliance for the Risk Management Institute of Australasia, as well as for the Salinger Privacy blog, and has prepared resources for our Privacy Law Compliance Kits.
Depending on the nature of any given engagement, we may also bring on board Stephen Wilson of Lockstep Consulting. Stephen is a leading international authority on digital identity and cyber security. His career spans more than 28 years in IT, software engineering and R&D management, in both Australia and the US, and since 1995 he has specialised in e-security. Stephen is Managing Director of ValidIDy and Lockstep Consulting, and has partnered with Salinger Privacy on several PIAs since 2005.
Stephen’s privacy experience is founded on many years working in the sensitive sectors of healthcare and government, and forged through highly original research into the complex interplay of privacy and security. He has pioneered privacy engineering and design techniques to tailor practical guidance for information architects, designers and project managers, to help build privacy controls into the formative stages of systems development. Stephen has helped organisations in government, health and finance throughout the Asia Pacific, with e-security strategy, policy, architecture, privacy, risk management, governance and technology selection.
Stephen has long been involved in public policy in privacy and security. He was a member of the ALRC’s Developing Technology Advisory Sub-committee (2007-08) and the Federal Privacy Commissioner’s PKI Reference Group (2000). He has served as Standards Australia’s Nominated Privacy Expert on the ISO Financial Services Security Technical Committee 68/SC 6. Stephen has authored numerous submissions to public inquiries into privacy, including the National Health Privacy Code (2003), the Privacy Act (2005), the Health & Welfare Access Card (2007), and Health Identifiers (2010).
Stephen holds an honours degree in Electrical Engineering, and a Bachelor of Science. He is currently undertaking a PhD at the Australian Defence Force Academy on the evolution of digital identity.
