Jocelyn Aqua leads HWG LLP’s Data, Privacy, and Cybersecurity Practice and is a partner in the AI and Emerging Technology Practice. With over 20 years of experience in the public and private sectors, she advises clients on data privacy, cybersecurity, AI governance, and national security matters.
Jocelyn’s practice focuses on data and emerging technologies, advising clients on data governance, privacy, AI governance, cybersecurity, cross-border data transfers, national security, and related regulatory and compliance matters. She counsels organizations across diverse industries, including telecommunications, technology, healthcare, defense, financial services, and hospitality. Drawing on her cross-sector expertise, Jocelyn provides strategic, operational, and technical guidance to help clients interpret complex regulatory requirements, mitigate risk, and strengthen the maturity of their legal, compliance, incident response, due diligence, and governance programs.
Prior to joining HWG, Jocelyn was a Principal at PwC, where she served as a Data, Risk, Privacy, and AI Governance Principal. In that role, she advised clients on designing and implementing AI governance frameworks, privacy and data protection programs, incident response protocols, cross-border data transfer mechanisms, and regulatory risk assessments to enhance organizational governance maturity and compliance. Additionally, as the Data, Privacy & Ethics Leader for PwC Products & Technology, she built and led a 40-person global team responsible for data governance, privacy, accessibility, and AI governance. Jocelyn also served as interim Global Chief Privacy Officer at Citi, where she led enterprise-wide privacy and data governance initiatives and managed a global privacy and records compliance organization.
Jocelyn held senior roles in privacy, cybersecurity, and national security within the U.S. Department of Justice’s National Security and Criminal Divisions, as well as the Office of the Director of National Intelligence. In these capacities, she oversaw high-stakes matters at the intersection of privacy, cybersecurity, and national security; represented the United States in cross-border data-sharing negotiations with the European Commission; and helped shape enduring policy frameworks governing cloud computing, emerging technologies, transparency, cybersecurity, and privacy. For her contributions, Jocelyn received the Attorney General’s Award for Excellence in Furthering the Interests of U.S. National Security.
Earlier in her career, Jocelyn practiced at two leading global law firms where she counseled clients on complex regulatory, litigation, and arbitration matters.
Jocelyn is a Certified Information Privacy Professional (CIPP/G) through the International Association of Privacy Professionals. Outside of her client work, Jocelyn serves as External General Counsel to the AI Trust Foundation, a global nonprofit advancing responsible AI governance and innovation, as a Senior Fellow with the Future of Privacy Forum, a global nonprofit that serves as a catalyst for data privacy leadership and scholarship, and advisor and lecturer at the Digital Democracy Lab at William & Mary Law School. Jocelyn earned her J.D. from The George Washington University Law School, her M.A. from The George Washington University Elliott School of International Affairs, and her B.A. from Pennsylvania State University.