James Flowers

I build and run privacy engineering programs at enterprise scale. That means owning the full lifecycle: threat modeling, PII data flow analysis, formal findings, remediation consulting, and independent validation. Not advising from the sidelines. Running the program.

At Apple and a major US telecommunications company, I served as the connective tissue between technical teams and regulatory reality. I maintained findings pipelines across dozens of concurrent product initiatives, held engineering and product organizations accountable to resolution, and escalated when they stalled. When teams claimed compliance, I made them prove it.

My work spans consumer and workforce privacy, GDPR, CCPA, and AI governance under the EU AI Act. That last area is where technical privacy expertise is most critically needed right now and hardest to find.

Currently available for senior privacy engineering, AI governance, and consulting engagements.