Case 3:18-cr-04683-GPC Document 368-2 Filed 03/30/22 PageID.5300 Page 1 of 4
`
`EXHIBIT B
`
`

`

`Case 3:18-cr-04683-GPC Document 368-2 Filed 03/30/22 PageID.5301 Page 2 of 4
`
`
`
`Dennis Dayman
`Rockwall, Texas
`dennis.dayman@gmail.com
`214-771-0111
`
`Summary
`I have more than 25 years of security and privacy executive experience in combating spam,
`security/privacy issues, data governance issues, and improving email delivery through industry policy,
`industry relations and technical solutions. I am a longstanding member of several security and data
`governance boards and advisory committees and am actively involved in creating current Internet and
`digital communication regulations, privacy/security policies and anti-spam legislation laws for state and
`federal governments. I’ve also testified numerous times in front of the U.S. Congress, Federal Trade
`Commission, Canadian Radio-television and Telecommunications (CRTC), Royal Canadian Mounted
`Police (RCMP), Canadian and European Parliament on things such as the Electronic Privacy EU Directive
`and General Data Protection Regulation (GDPR) reforms, self-regulatory best practices, Internet crimes
`and anti-spam regulations. I am also a longstanding member of several boards and advisory committees
`within the messaging industry and also sit on several advisory boards for Internet. Appointed by
`Department of Homeland Security (DHS) Secretary Nielsen to the Data Privacy and Integrity Advisory
`Committee (DPIAC) that provides input to DHS on programmatic, policy, operational, administrative and
`technical issues that relate to personal identifiable information, as well as data integrity and other privacy-
`related matters. Also appointed as a U.S. Delegate for the U.S. Technical Advisory Group (TAG) within
`International Organization for Standardization (ISO) and American National Standards Institute (ANSI)
`supporting work on ISO/PC 317: Consumer protection: privacy by design for consumer goods and services.
`I also sit on several advisory boards for Internet companies and is also a partner, mentor, and frequent
`investor in start-ups.
`
`Work Experience
`Maropost - 01/ 2021 – 03/2022
`Chief Privacy and Security Officer
`
`Maropost email marketing automation platform converts your prospects into clients through the delivery of
`targeted messages to the right contacts at the right time. Maropost provides industry-leading inbox
`deliverability, advance reporting, sophisticated segmentation, list management, template management, A/B
`testing and email automations.
`
`Responsibilities
`• Represents the company’s informational security and privacy interests with external parties (state
`or local government bodies) who undertake to adopt or amend legislation, regulation, or standards.
`Served as information leader to the companies for all departments and appropriate entities.
`• Liaise with regulatory and accrediting bodies on security and privacy issues.
`• Work with external affairs to develop relationships with regulators and other government officials
`responsible for privacy and data security issues
`• Maintaining a comprehensive and current knowledge of both corporate operations, security, and
`privacy laws, as well as communicating details of the company policies to staff and customers
`alike.
`• Works collaboratively with engineering and product management teams to ensure security and
`privacy by design, and satisfaction of regulatory obligations in new products and product features.
`• Conduct data policy compliance analysis overlay by relevant jurisdiction.
`• Provides development guidance and assists in the identification, implementation, and maintenance
`
`

`

`Case 3:18-cr-04683-GPC Document 368-2 Filed 03/30/22 PageID.5302 Page 3 of 4
`
`of the company’s security and privacy policies and procedures in coordination with management,
`the heading the Privacy and Security Working Groups.
`• Performs initial and periodic information privacy risk assessments and conducts related ongoing
`compliance monitoring activities in coordination with a company’s other compliance, product and
`operational teams
`• Works with legal counsel and management, key departments, and committees to ensure the
`organization has and maintains appropriate privacy and confidentiality consent, authorization, and
`information notices and materials reflecting current organization and legal practices and
`requirements.
`• Participates in the development, implementation, and ongoing compliance monitoring of all
`partner and business agreements, to ensure all privacy concerns, requirements, and responsibilities
`are addressed.
`• Establishes and administers a process for receiving, documenting, investigating and responding to
`complaints and/or allegations of violations of the company’s policies and procedures.
`• Ensures compliance with privacy practices and consistent application of sanctions for failure to
`comply with privacy policies for all individuals in the organization’s workforce, extended
`workforce, and for all business associates, in cooperation with the HR team, the information
`security officer, administration, and legal counsel as applicable.
`• Maintains current knowledge of applicable federal and state privacy laws, accreditation standards,
`and best practices and monitors innovations in information privacy technologies to ensure the
`companies adaptation and compliance.
`• Routinely evaluate security needs and implementing comprehensive monitoring techniques.
`• Responsible for developing, implementing and managing the organization's corporate security
`vision, strategy, and programs.
`• Set risk assessment standards and reviewed regular reports assessing risk.
`• Developed and implemented emergency procedures to deal with security threats.
`• Ensured that all computer systems and servers were properly protected.
`• Created, implemented, and supervised physical security for multiple domestic and international
`office locals including data centre’s and cloud providers.
`• Created, implemented, and supervised global security policies and guidelines.
`Investigated possible security breaches and worked to restore any lost data.
`•
`• Ensured that all security equipment was properly maintained.
`• Developed risk management assessments.
`• Monitored incident response planning and corresponded with outside security audit consultants.
`• Maintained effective relationships with appropriate local, state, federal, and country law
`enforcement and data governance agencies.
`• Maintained workplace security procedures and policies
`• Manage day to day any current IP lawsuit(s) against the company.
`Sabbatical - 6/2019 - 12/31/20
`Scheduled to take a year off after last acquisition to travel with spouse. Pandemic impacted that and as such
`I decided to take a bit more time off to spend with her at home.
`Return Path - 04 / 2014 – 6 / 2019 (Acquired by Validity)
`Chief Privacy and Security Officer
`
`Return Path provides consumer intelligence that keeps brands connected to their audiences. We analyzed
`the world’s largest collection of email data to show senders how to strengthen their customer engagement
`and protect their brands from fraud. Mailbox providers around the world use our technology to build trust
`in email by ensuring that wanted messages reach the inbox while spam and abuse don’t. As Return Path’s
`chief privacy and security officer, I leverage my experience and key relationships to provide best practices
`to Return Path, its customers, and ensures the compliance of their communications data flows. I was also
`responsible for coordinating and managing Return Path’s international electronic commerce, privacy,
`
`

`

`Case 3:18-cr-04683-GPC Document 368-2 Filed 03/30/22 PageID.5303 Page 4 of 4
`
`security, and Internet related policy and technologies.
`Eloqua – 03//2008 - 04/2014 (Acquired by Oracle)
`Chief Privacy and Security Officer
`
`Eloqua is a marketing automation SaaS company which develops automated marketing and demand
`generation software and services for 1,100 client’s worldwide business-to-business marketers. Eloqua went
`public in August of 2012 and I was on the team that took park in the development of their S1 and processes
`to going public on the NASDAQ. Then on 20 December 2012, Eloqua announced that it signed a definitive
`agreement to be acquired by Oracle Corporation for $871M and is now the centerpiece of Oracle's
`marketing cloud. As Eloqua’s Chief Privacy and Security Officer, I leverage my experience and key
`relationships to provide best practices to Eloqua, its customers, and ensures the compliance of their
`communications data flows. I was also responsible for coordinating and managing Eloqua’s international
`electronic commerce, privacy and Internet related policy issues.
`Education
`Stephen F. Austin State University - 1994 - 1997
`• Bachelor of Science (B.S.) Criminal Justice/Police Science
`
`Current Federal Appointments
`• Department of Homeland Security (DHS) Data Privacy and Integrity Advisory Committee
`(DPIAC)
`• Chairperson of the Policy sub-committee
`
`Certifications
`
`IAPP - International Association of Privacy Professionals
`o CIPP/US, CIPT, and CIPP/E
`
`•
`
`o Fellow of Information Privacy (FIP)
`Coalitions and Associations
`
`• Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG)
`o Founding member and Board member emeritus
`o Vice-Chairperson Emeritus
`o Program Chair
`o Public Policy Chair
`o Growth and Development Chair
`• Email Sender and Provider Coalition (ESPC)
`o Chairperson Emeritus
`• The Email Experience Council (EEC) - (DMA/ANA)
`o Chairperson Emeritus
`• Data & Marketing Association (DMA/ANA)
`o Ethics, Policy, and Compliance Board member
`
`• Ponemon Institute
`Ponemon Fellow
`
`• Southern Methodist University and Dallas Baptist University
`o Digital Accelerator
`o Big Data Advisory and Security Advisory Boards
`
`
`
`
`
`
`
`