Siska Lund

LLB (Hons), LLM, CIPP/E

Siska is a data privacy, IT and corporate and commercial counsel with an extensive background working at the intersection of business strategy, technology, law and data across a range of industries: healthcare, cloud computing, energy management, insurance, energy and infrastructure.  

Prior to joining Privacy 108, Siska was the Global Head of Data Privacy Advisory & Engagement at global med-tech company where she spearheaded strategic initiatives and provided expert counsel on privacy matters. She has had a diverse and progressive career in both Australia and overseas serving in key in-house legal counsel roles, guiding organisations through legal and global privacy and data challenges.  

Siska is also an Assistant Professor at Bond University’s School of Law where she teaches in areas such as corporate governance, commercial and corporate law, and start-up law. She is committed to nurturing the next generation of privacy professionals, shaping a brighter future for the field.  

Qualifications & certifications: 

• LLM (University of Melbourne) 
• LLB (Hons) / B Int’l Bus (Bond University) 
• Certified Information Privacy Professional EU (CIPP/E) 

Shelley Caverzan

BMS, CIPM, CIPT

Shelley brings a wealth of experience in data privacy, project management, change management, and IT service management across industries including education, banking, credit reporting and government. This rich background proves invaluable when it comes to crafting and executing privacy compliance programs or enhancing existing ones to align with evolving global and local legislative and business requirements including the commercial utilisation of data.  These skills are extensively leveraged in assessing the privacy implications of novel initiatives, as well as in the creation of data inventories and comprehensive data mapping exercises.   

Her expertise includes designing and implementing privacy programs, conducting impact assessments, interpreting global regulations, and managing privacy incidents. Shelley’s notable projects include overhauling the global privacy policies for a major bank and establishing comprehensive privacy programs for an international education organisation. With a focus on aligning with evolving legislative requirements, Shelley ensures organizations are equipped to navigate complex privacy landscapes while upholding data protection standards. 

Shelley’s proactive approach to privacy extends to providing training and awareness programs, integrating privacy considerations into every stage of the customer journey, and developing standards to govern the management of personal information. Her commitment to excellence and her ability to communicate complex concepts in simple terms make her a trusted advisor in the realm of data privacy. 

Qualifications & certifications: 

• Bachelor of Management Studies (University of Waikato)
• Certified Information Privacy Manager (CIPM) 
• Certified Information Privacy Technologist (CIPT)

Ian Commins LLM

Ian is a senior privacy consultant and lawyer with Privacy 108, advising on a range of different privacy and data protection legal issues, as well as leading the delivery of privacy impact assessments, the design and implementation of privacy maturity programs and the review of data sharing and other privacy related contracts.

He has worked for some of Australia’s leading law firms and as a senior in-house counsel in a range of contexts.

Ian offers a unique capability to provide practical, implementable advice on a wide range of technical, privacy and data management issues.

Qualifications & Certifications

• LLB (UQ)
• LLM (QUT)
• Solicitor of the Supreme Court (Queensland) and High Court of Australia
• Bar Exams (Papua New Guinea)

Michael Turner CIPP/E & CIPT

Michael is a recognised leader in privacy risk management with more than a decade of experience advising government agencies and multinational organisations on privacy governance, compliance, and data protection. His expertise has been formally acknowledged, with his guidance on Privacy Act Reform preparedness published by the Australian Communications and Media Law Journal. Over his career, Michael has held senior in-house privacy roles across both government and corporate sectors, and assisted the NSW Privacy Commissioner’s regulatory function. He has led the design and operationalisation of privacy risk management frameworks and compliance arrangements across complex, multi-jurisdictional environments, combining deep technical knowledge with strategic insight.

Michael regularly guides Boards and C-Suite executives on risk appetite, governance, and emerging privacy trends, helping organisations navigate evolving regulatory landscapes and data protection challenges. His leadership spans a wide range of projects, including the design and implementation of ISO 27701-aligned frameworks for ASX-listed organisations, privacy impact assessments for large-scale state government programs, and due diligence for multi-billion-dollar acquisitions involving multinational insurers. He has also advised on data de-identification strategies and the use of privacy-enhancing technologies in research and analytics, managed responses to high-profile compliance breaches requiring regulatory engagement with the OAIC and ACMA, drafted privacy risk appetite statements and governance documentation, and developed comprehensive remediation programs to uplift risk management frameworks across diverse sectors.

Qualifications & Certifications

Michael holds the Certified Information Privacy Professional/Europe (CIPP/E) and Certified Information Privacy Technologist (CIPT) certifications from the International Association of Privacy Professionals (IAPP).