Skip to Content

Who we are


Who we are

Data Rights' Genesis

The inception of Data Rights is rooted in the hasty French intelligence law passed in 2015, following the Charlie Hebdo attacks in Paris. 

At that time Hugo and Lori belonged to the Exegetes, a small group of passionate volunteers bringing together privacy specialists and technologists. Together we litigated against human rights flaws of laws regulating the French internet ecosystem.

The Exegetes beavered away to digest the legalese produced by the French Parliament with a balanced analysis of the intelligence reform, from a human rights’ case law perspective. We gained unprecedented insights into France’s intelligence and the fragility of many of its checks and balances. 

For instance, the reform itself was supposed to put an end to secrecy of intelligence activities by publicly regulating them. Hereby moving towards public scrutiny and accountability. Yet the reform left a legacy clause with obscure technical wording creating an enormous loophole - no regulation would apply to wirelessly transmitted data! Just to name a few wireless technologies, this covers wifi, via bluetooth, all phone/antenna communications and all data transmitted via your 4g/5g. In short, most communications.

In addition, the Exegetes' got a landmark ruling by the European Court of Justice. With our 2020 Quadrature du Net et al. ruling all EU Member States must provide for the notification of individuals after they have been subject to surveillance and are no longer a threat. 

Another improvement brought by the ruling is that Member States are now required to give more power to intelligence oversight bodies, whose opinion must now be binding onto governments. This crucial improvement to surveillance safeguards had been demanded by civil society for years and is a central safeguard in case a country’s government was to become authoritarian.

Nonetheless, only relying on volunteers to protect fundamental liberties is not enough. Volunteers burn out, move on, struggle to pay their rent. Citizens, NGOs, administrations and private businesses deserve and need their data rights to be protected by stable robust NGOs.

Which is why with Gaëtan, Polina, Hugo, Lori, Romain and Jan we set up an organisation: Data Rights

Our scope of activity is Europe. The main organs of Data Rights are its Board, its cohort of Advisors and its Director.

  • The Board is responsible for the management of the organisation. Its members are elected for three years renewable once only, at the exception of the Chair whose mandate is renewable twice. All appointments to the Board are made by its members, unanimously.

  • The Executive Team is lead by the Executive Director, who reports to the Board.

  • Advisors are professionals consulted by Board Members and the executive team on matters relevant to their expertise.

Our team

Gaëtan Goldberg

Former Board Member, Gaëtan advises Data Rights with regards to programmes, organisational development and governance. 

Gaëtan has experience working with Noyb, with the French Défenseur des Droits and now advises the President and General Secretaries of the French Data Protection Authority.

Andreas Tsamados

Finalising a PhD on Artificial Intelligence and cybersecurity at Oxford, Andreas is passionate about libre software, user empowerment and human rights. 

Andreas is the co-founder of Fileverse and former co-founder of Alethea AI.

Romain Fluttaz

Former Ubuntu contributor, Romain is a Senior DevOps and Architect specialised in free/libre software cybersecurity. 

Romain previously worked to deploy hybrid cloud solutions with high security requirements, to support Saas solutions guaranteeing data sovereignty and compliance.


Eva Blum-Dumontet

Eva is Head of Policy and Movement Building at Chayn, an organisation working on tech and gender-based violence. Prior to joining Chayn, Eva has worked as a Senior Policy Adviser at the UK's Royal Society where she covered the use of AI and its impact on scientific research.


She previously worked for eight years as a Senior Researcher at Privacy International, where she focused on the intersection of gender, privacy, and technology.

Hugo Roy

Hugo advises Data Rights' strategic litigation. Formerly working at Backer McKenzie, Hugo has litigated successfully in the highest courts of France and the EU. He co-authored the User Data Manifesto and co-founded Terms of Service; Didn’t Read. Hugo now works at Apple.

Anna Fielder

Anna heads the Secretariat of the Transatlantic Consumer Dialogue (TACD), covering all aspects of consumer policy from regulations to digital rights.

Anna used to be the Chair of Privacy International (now designated as Chair Emeritus for her contribution), and is EDRi's former President. 

Jef Ausloos

Jef is a post-doc researcher at the University of Amsterdam’s Institute for Information law (IViR), where he works on data rights, transparency and data-driven power asymmetries.

Jan C. Borchardt

Jan is an open source designer, community manager, and feminist. He leads Data Rights’ visual identity and designs. 

He is also the co-founder and design lead of Nextcloud, and co-founder of Terms of Service; Didn’t Read.

Lori Roussey

Executive Director

Lori oversees the operational and strategic workstreams of Data Rights. Before working full time for Data Rights Lori was the Data Protection officer of Oxfam Great Britain and Oxfam International, while specialising in Internet Policy at the Oxford Internet Institute. 

Lori was previously involved with La Quadrature du Net and ClientEarth.

Polina Malaja

Chair of the Board

Polina is a policy expert, specialising in the intersection of human rights and technology, digital infrastructure and Internet Governance. She is also Policy Director at CENTR, focusing on content liability, cybersecurity, and data protection. Previously she lead the Public Money Public Code campaign at the Free Software Foundation Europe (FSFE).

Alexandra Godoï

Board Member

Alexandra is specialised in Governance, Risk Management, and Compliance (GRC) in the realm of cybersecurity and data protection. Alexandra has experience supporting audit processes and currently focuses on the humanitarian sector. 

Alexandra is a keen cyberfeminist with an eye for intersectional approaches in cybersecurity.

We are currently growing the board!

More soon.

We are extremely grateful to have shared a part of this colorful journey with our past advisor. 

Data Rights would not be the same today!

Estelle Massé

Estelle focuses on data protection, privacy, surveillance and telecoms policies.

Previously Senior Policy Analyst and Global Data Protection Lead at Access Now. Estelle now works at the European Commission's DG Justice.

Estelle left Data Rights in August 2023.

Etienne Maury

Etienne has experience working in the European Parliament, the UNHCR, supporting the French Data Protection authority and now the Council of the EU.

We have been close with Etienne as early as 2016 when working on the Intelligence Law of France.

Etienne left Data Rights in April 2023.

To be successful your content needs to be useful to your readers.

Start with the customer – find out what they want and give it to them.


Data Rights is a non-profit in France and a foundation in the Netherlands.

Data Rights France is an association loi 1901 registered in 2022 under n°W732010735.
Stichting Data Rights is registered at the Amsterdam Chamber of Commerce (Kamer van Koophandel) under n°76158799 and RSIN 860528601.

Guardian Angels


A heartfelt thank you to all who have helped us when we needed it, advised or offered to help: Nani Jansen Raventlow, Matthias Spielkamp, Max Schrems, Ilia Siatitsa, Mary Nunn, NLnet, Romain Lanneau, Joe McNamee, Pratigya Bhattarai, Lighthouse Reports, Arthur Guillôme and Stefano Rossetti.

An especially warm thank you to the DFF team, who included us in the beating heart of Europe's civil society, way before we became an organisation. Your kindness, joy and generosity helped shape who we are now!