Board of Directors

Don ThibeauDon Thibeau

OIX Chairman and President

Don is President and Chairman of the Open Identity Exchange (OIX) a non-profit organization of leaders from competing sectors, including enterprise, data services, telecommunications, consulting services, SaaS, banking, retail and government. OIX has become a global center of excellence for the identity trust layer of online transactions serving as a test bed for business, legal and governance policies in the emerging identity ecosystem.

Don is also the Executive Director of the OpenID Foundation, where he directs a standards development process for Internet identity. The foundation’s membership is comprised of leaders from key industry organizations that collaborate on the development, adoption and deployment of open identity standards. He blogs at

Paul AgbabianPaul Agbabian

OIX Vice President

Symantec, Fellow, CTO Endpoint Security & Management Division

Paul is responsible for cloud-hosted infrastructures, telemetry, endpoint protection and mobility, encryption, and systems management. Previous to this role, he was CTO of Symantec’s Consumer Business Unit and the Norton product line.

He has represented Symantec in industry organizations such as the OpenGroup, Distributed Management Task Force where he was board member and chair of the User and Security working groups, and customer-industry councils. He has numerous inventions and patents in his fields of expertise.

Before joining Symantec, Paul was president of a private corporation developing software for measurement and analysis of stochastic data, catering to government agencies, global aerospace and technology firms.

Paul has a Master of Science degree in Mechanical Engineering from Caltech, and a Bachelor of Science degree from UCLA.

Kimberly Little Sutherland

OIX Secretary

LexisNexis, Senior Director of Fraud & Identity Management Strategy, Risk Solutions

Pat MangiacottiPat Mangiacotti

OIX Treasurer

Equifax, Senior Director of Business Development & Strategic Partnerships, Technology & Analytical Services Group

Pat Mangiacotti is Senior Director of Business Development and Strategic Partnerships for Equifax’s Technology and Analytical Services Group. In this position, she manages the development and execution of strategic partnerships focusing on identity and fraud solutions. Before joining Equifax, Ms. Mangiacotti served in numerous leadership roles at prominent data technology and internet media companies such as EMC, Lycos and General Information Services. She was a co-founder of Trufina and an active member of ICF. Ms. Mangiacotti earned a B.A. from the University of Massachusetts at Amherst.

Adam DawesAdam Dawes

Google, Product Manager

Adam has been a product manager at Google for over six years and currently manages the OAuth authentication and authorization infrastructure. He has worked in computer security for a decade, building email security, identity and policy controls at Postini and later for Google Apps. Previously, Adam led the product development at Autodaq (now Openlane), a B2B ecommerce site for the automotive industry. He holds an MBA from Stanford and a BA in visual arts from Harvard.

Daniel Elvester

Daniel Elvester

Experian, Senior Director, Business Development Experian Decision Analytics

Dan Elvester is the Senior Director of Business Development for Experian’s Decision Analytics business unit. In this role, he is responsible for development and execution of strategic partnerships, aligning business objectives in fraud detection and prevention, operational efficiency and compliance with new and existing products and markets. Dan has been with Experian for five years.Since joining Experian, Dan has secured strategic partnerships with a variety of companies including Early Warning Services for DDA data sources, TargusInfo® for additional phone verification, Accertify for call center support, several biometrics organizations and more. Dan’s previous experience includes three years with LexisNexis where he developed and executed a partner reseller program, and three years with HNC, focused on eCommerce. Mr. Elvester holds a Bachelor of Science in Management from California State University Northridge.

Chris FergusonChris Ferguson

Director for Digital, UK Government

Chris Ferguson is one of the original senior management team that built the UK’s Government Digital Service (GDS). Chris is the head of digital profession across the UK Government and leads the Digital Group in GDS. His portfolio includes the single government domain GOV.UK, the UK’s digital identity assurance programme (GOV.UK Verify), the Government-as-a-Platform delivery team and the UK Governments’ service design unit.

Chris has worked for several of the UK Government’s core departments and on detached duty for the United Nations. Prior to his involvement with digital transformation of public services, Chris’s career mainly focused on diplomacy and security in the UK and overseas.

Patrick HardingPatrick Harding

Ping Identity, Chief Technology Officer

In the executive role of Chief Technology Officer for Ping Identity, Patrick Harding is responsible for Ping Identity’s product and technology strategy, leading the Office of the CTO and leading Ping Labs.Patrick is also an active leader in the Internet Identity space, which includes being a Board member for the Open Identity Exchange, and heavily involved in other identity initiatives such as the OpenID Foundation, a Founding Board Member for the Information Card Foundation, a member of the Cloud Security Alliance, on many security and identity committees for OASIS. Patrick has been involved in the creation of numerous standards initiatives including SAML 2.0 and SCIM (System for Cross Domain Identity Management). Lastly, Patrick has been a regular speaker at leading industry conferences such as RSA, Digital ID World, SaaS Summit, Gartner Catalyst, Cloud Identity Summit as well as many others.

Previously, Patrick was a vice president and security architect at Fidelity Investments where I was responsible for aligning identity management and security technologies with the strategic goals of the business. As such, Patrick was integrally involved with the implementation of federated identity technologies at Fidelity — from “napkin” to production.

Sarah Munro

Barclays, Business Lead for Identity as a Service

Sarah Munro is Business Lead for Identity as a Service at Barclays, leading the team to become the first bank to be an identity provider as part of GOV.UK Verify and now developing future use cases for use internally and within the Public and Private Sector. Prior to joining Barclays, Sarah held a range of senior product marketing roles, most latterly as Director of International Marketing at Royal Mail.

Anthony NadalinAnthony Nadalin

Microsoft, Partner Architect, Standards & Policy Lead, Identity Division

Anthony’s current work encompasses technology standards engagements that play a strategic role in enterprise products, cloud services, operations management, consumer services, social networking, and mobile applications.  Supporting both browser-based and native applications is vital, as are client-to-server and server-to-server interaction patterns. Also at the forefront are the REST/JSON standards engagements which include OpenID, OAuth, Simple Web Discovery (SWD), and JSON Web Tokens (JWTs). Policy engagements are also a vital part of Anthony’s job as interactions are not just about protocols and do not occur in a policy vacuum; they are informed by business needs, public policies, and privacy expectations around the globe and thus have may engagements in the policy space throughout the world.

Anthony’s past experience includes 27 years at IBM, participation in many standards organizations (OASIS, IEEE, IETF, Open Group, W3C, ITU, ISO) aligning security strategy with standards. Anthony has co-authored many of the web services specifications, written 3 books around the scope of Java Security and 1 book on Web Services, as well as published many papers for various conferences. Anthony participated in designing, authoring, and developing various Java security standards such as, Java Authentications and Authorizations Services (JAAS), Java Crypto Extensions (JCE), Java Authorization Contract for Containers (JACC), JSR104 Java XML Signature Standard, JSR106 Java XML Encryption Standard. Anthony has also worked on the security for the following operating systems, MVS, AS400, VM/SP and OS/2. Anthony was responsible for delivering the OS/2 Security sub system drivers. He has spent many years working with various parts of the US government (on security) and spent 3+ years in Germany on assignment working on a special operating system for Atomic power plant and also spent 1 year on loan to the National Computer Security Center (NCSC) working on Orange Book evaluations for IBM operating systems.

James TimpsonJames Timpson

Timpson, Chief Executive 

James Timpson is Chief Executive of Timpson, a family retail business based in Manchester.

Through 820 shops across the UK and Ireland Timpson is the largest shoe repairer, key cutter, engraver and watch repairer. Timpson’s store portfolio was further increased by the purchase of 180 Max Spielmann photo processing stores in 2008 and an additional 121 Snappy Snap photo processing stores in 2013, boosting the Company’s turnover to £200M. Recent acquisitions have seen the total store numbers exceed 1300.

Over 3500 colleagues run the shops within an “upside down management” structure which Timpson has developed to ensure those serving customers are the most important colleagues in the business; everyone else is there to help them give amazing service. Coupled with this is a consistency on recruiting only those with amazing personalities.

James’s maverick approach to recruitment has also enabled them to successfully forge relationships with prisons across the UK, working closely together to identify ‘personalities’ within the system. Training is provided to those selected with the view that upon release they may secure employment with the Company. Colleagues who have joined the Company via this avenue are part of the ‘Timpson Foundation’, which is an internal initiative offering help and support to the individuals concerned.

Having successfully set up the Foundation, James has gone on to help and encourage other companies to recruit from prisons and currently Chairs the Employers Forum For Reducing Reoffending. These are a group of likeminded employers who are prepared to offer a second chance to an ex-offender, who wants to grasp the opportunity of employment and changing their lives for the better.

A major highlight of his career to date is being awarded the OBE, which he received in January 2011 for recognition to his ‘Services to Training and Employment for Disadvantaged People’. It’s not only a tremendous accolade for him personally, but also all the Timpson Team who work so hard to support those colleagues joining us through the Foundation, and the other community projects that falls under its umbrella.

Another milestone in recent years has been his appointment as the David Goldman Visiting Professor of Innovation for 2012/13, at the Newcastle University Business School. The appointment, for a 12 month period only, was an opportunity to help, inspire and motivate budding entrepreneurs, business leaders and students alike, along with providing a business school lecture!

The working week is always at a fast pace, but weekends are most definitely saved for his family. James lives with his wife Roisin and 3 children, Bede (16), Patrick (14) and Niamh (12) in Manley, Cheshire.

Board of Advisors

Eric SachsEric Sachs

Google, Senior Product Manager

Eric Sachs has worked in the areas of user identity and security for hosted Web applications since 1992. Since joining Google in 2003, he has worked as a Product Manager for many services, including the Google Account login system, Google Apps for Your Domain, social network, Google Health, Google Security, and Internal Systems. Eric previously worked with Google’s CIO on an effort to move Google’s internal systems to cloud-based technologies by leveraging the same developer tools that Google makes available publicly. Eric is now involved with industry efforts to increase adoption of Internet Identity standards including OAuth and OpenID as well as to evolve them. Before Google, Eric was CTO and co-founder of Interliant, which provided hosted corporate email services. While at Interliant, Eric led co-development projects with both IBM and Microsoft to build platforms for hosting consumer and enterprise Web applications. Eric graduated with a B.A. in computer science in 1993 from Rice University.

OIX Counsel

Tom SmedinghoffTom Smedinghoff

Partner in the Privacy & Data Protection practice group in the Chicago office of Locke Lord LLP. His practice focuses on the developing field of information law and electronic business activities, with an emphasis on electronic transactions, identity management, data security, privacy, and corporate information governance issues. Mr. Smedinghoff has been actively involved in developing e-business, e-signature, data security, and information legal policy both in the U.S. and globally. He currently serves as chair of the Identity Management Legal Task Force of the American Bar Association (ABA) Section of Business Law, and co-chair of its Cyber Security Committee. Previously, he was chair of the ABA Section of Science & Technology Law (1999-2000), chair of the ABA Electronic Commerce Division (1995-2003), and chair of the International Policy Committee (2008-2011). He is also a member of the U.S. Delegation to the United Nations Commission on International Trade Law (UNCITRAL), where he participates in the Working Group on Electronic Commerce and helped to negotiate the international e-commerce treaty titled the “United Nations Convention on the Use of Electronic Communications in International Contracts” and the UNCITRAL “Model Law on Electronic Signatures.” He was also the ABA Advisor to the Uniform Law Commission Committee to Implement the UN E-Commerce Convention (2008 – 2010), and served as an ABA Advisor to the Uniform Law Commission committee that drafted the Uniform Electronic Transactions Act. Mr. Smedinghoff is the author of the book titled INFORMATION SECURITY LAW: THE EMERGING STANDARD FOR CORPORATE COMPLIANCE, (IT Governance Publishing, 2008). He is also the editor and primary author of the e-commerce book titled ONLINE LAW: THE LEGAL GUIDE TO DOING BUSINESS ON THE INTERNET (Addison Wesley, 1996), as well as numerous articles on electronic transactions, identity, privacy, and data security law issues.