Nicole Stephensen is Principal Consultant at Ground Up Consulting, a boutique firm she established in 2011. There, she provides capacity building and privacy by design services across government, private and not for profit sectors. Nicole is also the Executive Director for Privacy and Data Protection at the Internet of Things Security Institute (a pro bono position). She is co-author of the IoTSI Security Framework for Smart Cities and Critical Infrastructure and hosts a bi-weekly podcast, Privacy Matters.
In her nearly 20 years in the privacy profession, Nicole notably provided comprehensive drafting instructions on the structure, content and policy imperatives for Queensland’s first privacy law, the Information Privacy Act 2009. This law replaced the State’s previous administrative privacy regime which, from 2005-2007, Nicole had responsibility for implementing at a whole-of-government level. She began her career in Canada, with roles in privacy, freedom of information and information policy.
Nicole is a member of the International Association of Privacy Professionals (IAPP), and hosts the IAPP’s KnowledgeNet Chapter for Queensland. Prior to its incorporation into the larger IAPP in 2019, Nicole was also a member of the International Association of Privacy Professionals ANZ Chapter (iappANZ) where she sat for three consecutive terms on the Board.
Nicole additionally volunteers her time to: the international peer-review panel for the Secure Controls Framework (SCF), a US-based high-level privacy- and security-by-design framework created by industry experts and offered under creative commons; and, the Advisory Board for the Joe Alhadeff Digital Policy Centre (currently being constructed on Prince Edward Island, Canada), which is focused on issues of digital policy affecting children and young people, such as cyber-bullying, image based abuse and child exploitation.