Home M3AAWG Expert Advisors

M3AAWG Expert Advisors are highly respected experts chosen for their skills and industry proficiency.  They assist the committees in their work and often provide new ideas and perspectives at M3AAWG meetings.


Frank Ackermann, Attorney-at-Law, Ackermann Legal


A practicing attorney in Bonn, Germany specializing in European IT law, data protection and data privacy since 2003, Frank Ackermann provides expert analysis of the online policies developing throughout the European Union focusing on how they will affect anti-abuse work. He is an active participant in the EU online security community, having served as a director and vice president of INHOPE (International Organization of Internet Hotlines), senior legal counsel and director at eco-Association of the Internet Industry, in Germany, and as an advisory board member of the German Awareness Node “Saferinternet.de.  He also provides information technology law training for online emerging countries with the Internet Society and has been a M3AAWG Public Policy Advisor since 2011.  Mr. Ackermann is co-chair of the M3AAWG Public Policy Committee.


Richard Clayton, Ph.D., Security Researcher, University of Cambridge


Richard Clayton led the team that developed Turnpike, one of the earliest integrated Internet access packages for Windows, giving access to email and Usenet over dialup links. In 1995 his software house was sold to Demon Internet, then the United Kingdom's largest ISP. He worked for Demon in various troubleshooting and regulatory roles until 2000, when he returned to the University of Cambridge to study for a PhD. His thesis was completed in 2005, and he has stayed on as an academic "because it is more fun than working."

Dr. Clayton edited many of LINX's BCP (Best Current Practices) documents, which include some of the earliest formal statements of the terms and conditions that internet service providers must impose to ensure they can deal with abuse of email systems.  In 2007 he became the second recipient of LINX's "Conspicuous Contribution" award.

He currently runs the Cambridge Cybercrime Centre, a five-year initiative to collate datasets about cybercrime and make them available to other academics. The aim is to drive a step change in the number of academic papers that use real world data as the basis for their insights into cybercrime topics. 


Matthew Dunn, Ph.D., Founder and Chief Explainer at Campaign Genius; Co-Founder of Social Signal

Matthew Dunn, Ph.D., is Founder and Chief Explainer at Campaign Genius, and Co-Founder of Social Signal.  Dr. Dunn is a serial entrepreneur and executive with wide-ranging experience.  He has been a startup CEO, Fortune 1000 Senior Vice-President and CIO, Microsoft veteran, consultant, technology standards organization Executive Director and university professor.  A frequent keynote speaker, Matthew is also an award-winning writer, director, designer, and an inventor, holding over a dozen patents in diverse fields.

As a keynoter, speaker and panel moderator, Matthew is known for making complex subjects clear and simple. He has had repeat engagements as emcee and “conference summarizer”, improvising the wrap-up of full day conferences on the spot. 

Matthew holds the first Ph.D. in Digital Media, which he designed and completed at the University of Washington before the Web was invented.  He also holds a Master of Fine Arts from the University of Texas. He brings a unique mix of technical, business, scholarships and arts experience to understanding the changing business and technology landscape.

Stephen Farrell, Ph.D., Trinity College Dublin


Dr. Stephen Farrell is a research fellow in the School of Computer Science and Statistics at Trinity College Dublin (https://scss.tcd.ie), where he teaches and researches on security and delay/disruption-tolerant networking (DTN). In 2006 he co-authored the first book on the latter topic. Dr. Farrell has been involved in internet standards for more than a decade and was IETF security area director from 2011-2017. He currently co-chairs the IETF home networking working group (homenet) and is co-founder of Tolerant Networks Limited, a TCD campus company.


Barry Leiba, Futurewei Technologies

Barry Leiba has worked on email and related technology since the early 1980s, and currently focuses on the "Internet of Things", messaging and collaboration on mobile platforms, security and privacy of Internet applications, and Internet standards development and deployment. Barry has been active in the Internet Engineering Task Force since the mid 1990s and currently serves as Applications and Real-Time (ART) Area Director and as the IETF liaison to M3AAWG. He is an author of a number of proposed standards, has chaired many working groups in the Applications and Security Areas, and has been a member of the Internet Architecture Board (IAB). He is a member of the Security and Stability Advisory Committee (SSAC) in ICANN and is Associate Editor-in-Chief of IEEE Internet Computing magazine, in charge of departments and columns. Barry has been a Director of Standards at Futurewei Technologies since 2009. Before that he was a Senior Technical Staff Member at IBM's Research Division.


John R. Levine, Ph.D., Taughannock Networks, Founder


John R. Levine is a long-term participant in mail standards and mail anti-abuse efforts. He is a member of the board of the Internet Society, of the ICANN Stability and Security Advisory Committee (SSAC) and is president of the Coalition Against Unsolicited Commercial E-mail (CAUCE North America). He has written many books including the popular Internet for Dummies, Fighting Spam for Dummies, Linkers and Loaders, and qmail.

Dr. Levine has been active in the design and testing of widely used anti-spam and authentication technologies including: DKIM, ARC, CSV, and ARF. He was a co-founder and director of the Domain Assurance Council, an industry consortium creating open standards for domain certification. Dr. Levine has a B.A. and Ph.D. in Computer Science from Yale University. His other computing interests include compilers; he co-authored the classic lex & yacc and has moderated comp.compilers, the usenet group which is the world's most popular forum on the topic, since 1986.


April Lorenzen, Dissect Cyber Inc.


April Lorenzen is an internet security researcher specializing in the preemptive discovery of miscreant and crimeware resources in the domain name system. In her work as Chief Data Scientist at Zetalytics, she oversees one of the world's most geographically diverse passive DNS systems. She has operated IoC (Indicators of Compromise) security feeds continuously since 2004 and is the primary architect of the free open source data visualization tool "Mal4s.”

April is also active in the white hat community as a M3AAWG Senior Technical Advisor and as a Senior Research Fellow for the Anti-Phishing Working Group (APWG). She received the Global Impact award from the Department of Homeland Security S&T Cyber Security Division in 2016 and currently serves as the Principal Investigator for a critical infrastructure supply chain cybersecurity notification research project. She also has been appointed to serve on the Cyber Rhode Island Advisory Committee by the state’s Congressional representative. In 2006, April received an award for Outstanding Support in the Ongoing Battle Against Cyber Crime from the National Cyber Forensics Training Alliance (NCFTA).  She is a frequent trainer and speaker at international ISP, law enforcement and security industry conferences.


Angelica Mandell

Angelica Mandell is a diversity, equity, and inclusion independent consultant, joining M3AAWG in early 2022 as an Expert Advisor. Angelica has a Masters of Social Work (MSW) degree from Eastern Washington University along with having an A.C.S.W (Academy of Certified Social Workers) certification. Mrs. Mandell has 25+ years of experience as a regional program director, clinical supervisor, data analyst, program manager and trainer, including focus on creating diverse and inclusive environments and cultures. Additionally, Angelica is an experienced social worker and mental health professional with extensive background in direct client services as well as clinical supervision, staff development and training, and program agency management. Angelica is working with the M3AAWG Diversity & Inclusion committee, member community, and executive leadership to understand how to help industry associations create diverse and inclusive cultures while working on common initiatives as well as incorporating and leveraging partnering organizations where appropriate.


Simon McGarr, Solicitor, Data Compliance Europe


Simon McGarr is recognized as one of Ireland’s leading experts in data protection. A practicing solicitor, he has guest lectured at Irish Universities and the Irish Law Society. His ability to convey specialized information painlessly has made him a regular contributor to media discussions of data issues. 

Simon was involved in the two landmark cases developing data protection law in the European Union, Digital Rights Ireland and Schrems. His consultancy firm, Data Compliance Europe focuses on helping organizations, from multinationals to non-profits, towards GDPR compliance. 


Rod Rasmussen, ICANN Security and Stability Advisory Committee (SSAC), 
leadership of the Anti-Phishing Working Group (APWG) and other industry organizations
Rod Rasmussen is a retired cybersecurity executive who, while investing in and advising start-ups, is spending the bulk of his work time volunteering for cybersecurity related organizations. This includes chairing ICANN’s Security and Stability Advisory Committee (SSAC), being a senior advisor to the Messaging Malware Mobile Anti-Abuse Working Group (M3AAWG), serving as a member of the leadership of the Anti-Phishing Working Group (APWG) and participating in other industry organizations. Prior to retirement, Rasmussen co-founded the cybersecurity company IID and was the company's lead technology development executive prior to its acquisition in 2016. He has been widely recognized as a leading expert on the abuse of the domain name system by criminals. Rasmussen is also an active participant in and the Forum of Incident Response and Security Teams (FIRST). He is a regular participant in DNS-OARC meetings, the worldwide organization for major DNS operators, registries and interested parties. He is also a long-standing member of the Advisory Board for the School of Engineering and Technology at the University of Washington Tacoma. Rasmussen earned an MBA from the Haas School of Business at UC-Berkeley and holds two bachelor's degrees, in Economics and Computer Science, from the University of Rochester. He has worked in both government (the Congressional Budget Office) and various computer communications and networking companies throughout his career.
Area of expertise: Cybersecurity, and is leading expert on the abuse of the domain name system (DNS) by criminals.
Pete Resnick, Episteme Technology Consulting LLC
Pete Resnick is the owner of Episteme Technology Consulting LLC, providing consulting services on engaging with and contributing to standards development organizations, as well as advising on engineering, legal, and policy issues. He also serves as an expert witness in legal cases regarding Internet messaging. Previously, Pete worked for over 24 years at Qualcomm, overseeing Internet standards activities company-wide and coordinating a team that developed and implemented open-source software and standards policies. Pete has worked with the Internet Engineering Task Force (IETF) for almost 30 years. He has served as the Applications Area Director on the Internet Engineering Steering Group (IESG) and as a member of the Internet Architecture Board (IAB), in addition to chairing numerous working groups and authoring or co-authoring many protocol standard, informational, and procedural documents. Among other roles, he is currently a member of the IETF Ombudsteam. Pete received his BA in Biological Sciences and his MA in Philosophy and Computer and Systems Sciences from Binghamton University in New York. He spent several years in the Doctoral program in Philosophy at the University of Illinois Urbana-Champaign, teaching and doing research on philosophy of mind, philosophy of language, and psycholinguistics, but left the program prior to completing his dissertation to join Qualcomm. In his spare time, Pete is an avid SCUBA diver and teaches as a certified Instructor, practices and teaches tai chi (太極拳), and does volunteer work for local civic organizations and government commissions in Urbana, Illinois.

Area of expertise: Pete provides consulting services on engaging with and contributing to standards development organizations, as well as advising on engineering, legal, and policy issues. He also serves as an expert witness in legal cases regarding Internet messaging.

Joe Salowey, Security Engineer at Salesforce,  IETF and IEEE
Joe Salowey is a Security Engineer working at Salesforce by way of the Tableau Software acquisition where he has worked since 2015. He develops innovative ways to deliver state-of-the-art secure products and services to customers. He mainly focuses in the areas of cryptography, privacy, security architecture, and secure development practices. Prior to Tableau he was employed at Cisco Systems designing network management and security solutions across a broad spectrum of products. Joe has spent over 2 decades working on open security standards within the IETF and IEEE. He has authored over 20 security and network management IETF RFCs and participated in the development of multiple secure communication standards in the IEEE 802.1 and 802.11 working groups. Currently he is co-chair for the Transport Layer Security (TLS), Extensible Authentication Protocol Method Update (EMU) and Privacy Pass working groups in the IETF.

Area of expertise: Joe mainly focuses on cryptography and privacy in standards and security architectures and has spent over 2 decades working on open security standards within the IETF and IEEE.


Joe St Sauver, Ph.D., DomainTools

jstsauver@domaintools.com (work) / joe@stsauver.com

Joe St Sauver is a Distinguished Scientist with DomainTools (DomainTools acquired Paul Vixie's company, Farsight Security, Inc. in November 2019). Before joining Farsight in November 2014, Dr. St Sauver worked for the Computing Center/Information Services at the University of Oregon for roughly 28 years, including serving (under a UO contract) as the Internet2 Nationwide Security Programs manager, and manager of the the InCommon SSL/TLS Certificate Service and InCommon's Multifactor Program.

Among other national cybersecurity-related activities, Dr. St Sauver remains a member of the Research and Education Network Information Sharing and Analysis Center Technical Advisory Group (REN-ISAC TAG) and is on the Board of the Coalition Against Unsolicited Email (CAUCE). Dr. St Sauver routinely writes and presents on a wide range of cybersecurity topics. Publicly available presentations can be found at https://www.stsauver.com/joe/ 


Jesse Sowell, Ph.D.

Jesse is currently a Postdoctoral Cybersecurity Fellow at Stanford’s Center for International Security and Cooperation. Broadly, Dr. Sowell’s research focuses on the non-stat I’m e institutions that ensures the internet stays glued together in a secure and stable manner.

This work started with studies of how operational communities share information necessary to solve operational and security incidents that often cross firm and jurisdictional boundaries. Historically, these actors have served as the stewards of the internet’s infrastructure. Increasingly, the social, political, and economic magnitude of cybersecurity incidents requires the capabilities of both operational communities and state actors. Dr. Sowell’s ongoing work explores the operational-policy interface between operational security communities and state actors, in particular law enforcement and national security.

Dr. Sowell’s other research interests include the role of private transnational security regimes in global politics, the commodification of malware value networks, credible knowledge assessment of science and technology policy, the economics of IoT security, and the growing tension between internet privacy and security efforts. At M3AAWG, Dr. Sowell serves as a Senior Advisor and vice-chair of the Growth and Development Committee, directing the organization’ outreach efforts. He also serves as the co-chair of the IoT Special Interest Group.

Dr. Sowell has a background in computer science, criminal justice, and technology and policy. He holds a PhD in Technology, Management, and Policy from MIT’s Engineering Systems Division.


Laurin Weissinger, Teacher at Fletcher School, Tufts University, Cybersecurity Fellow and an ISP Visiting Fellow at Yale Law School.
Laurin teaches at the Fletcher School, Tufts University, focusing on socio-technical cyber security. He is also the Cybersecurity Fellow and an ISP Visiting Fellow at Yale Law School.

His research and expertise include: complex systems and security, the problem of trust, trust assurance, trust architectures, security threats more generally, cooperation in international and organizational cybersecurity, risk and security management, regulation and standards, security policy, as well as cybercrime and anti-abuse. Laurin recently served as Vice-Chair for the Second Security, Stability, and Resiliency Review for ICANN.

Laurin studies and teaches cybersecurity from a holistic socio-technological perspective and utilizes multidisciplinary methods to explore the technical, social, and political aspects of complex systems and cybersecurity in practice. His research and policy work are informed by his many years working in IT as a systems administrator and architect in the healthcare industry, in technology consulting, and his work with M3AAWG and APWG.

Laurin received his DPhil (PhD) from University of Oxford, where he conducted an in-depth study of trust assurance in cybersecurity. Additionally, Laurin holds an MSc from Oxford, and an MPhil from the University of Cambridge.

Ash Wilson, Technical Director, Urbane Security

Ash Wilson is the Technical Director at Urbane Security, where his responsibilities include the development of internal systems and security research.

Mr. Wilson has a background in security research, network engineering, software development, and protocol design. He was an early contributor to the DANCE (formerly DANISH) IETF working group, which seeks to make DNS the binding namespace for client identifiers across a variety of use cases, including IoT.


Dana-Lynn Wood (she/her), Senior Advisor to the Chief Compliance and Enforcement Officer, CRTC

Dana-Lynn joined the Compliance and Enforcement Sector at the Canadian Radio-television and Telecommunications Commission (the Commission) in July 2012 to assist the team with the development of Canada’s Anti-spam Legislation’s (CASL) enforcement program.  Since joining the Commission, Dana-Lynn has also worked on enforcing the Unsolicited Telecommunications Rules and is the Senior Advisor to the Chief Compliance and Enforcement Officer (CCEO) advising on enforcement policy and compliance issues. Dana-Lynn is currently responsible for domestic and International partnership development for the Electronic Commerce and Telecommunications Enforcement divisions. Before joining the Commission, Dana-Lynn previously held a position at Innovation, Science and Economic Development Canada (previously Industry Canada) in the National Anti-Spam Coordinating Body, helping guide Bill C-28 (CASL) through the parliamentary and regulatory process.

Dana-Lynn also sits on the Executive Committee of the Unsolicited Communications Enforcement Network (UCENet), a global network of regulatory and law enforcement agencies dedicated to combatting online and telephony abuse.  In 2018-2019, Dana-Lynn was seconded to the Department of Internal Affairs (DIA) in New Zealand (NZ) to work in their Digital Safety enforcement group and help contribute to the evolution of their anti-spam program.  As a result of the events of March 15th, 2019 in Christchurch NZ, Dana-Lynn worked on the digital terrorism file, contributing to protecting New Zealanders from the effects of that online harm.