Colleen Theresa Brown

COLLEEN THERESA BROWN focuses on privacy, cybersecurity, data protection and emerging technology issues for a diverse group of companies, including those in the financial, life sciences, telecommunications, media, retail and manufacturing sectors. She also serves on the firm’s COVID-19 Task Force. Over the past decade, she has focused her practice on global data protection compliance, litigation and regulatory enforcement actions, and data breach response, crisis management and internal investigations. Colleen is a recommended lawyer by Legal 500 USA for Cyber Law, and Legal 500 notes, “Colleen Brown demonstrates ‘confidence in making judgment calls on complex issues.’” Washingtonian magazine named Colleen among its “Top Lawyers” for Cybersecurity in 2019.

Her counseling experience includes cyber risk and data breach management, corporate data protection and privacy compliance programs, international data protection and cross-border transfer, Big Data, Internet of Things, electronic surveillance, trade secrets, social media, cloud computing and online brand protection. She also has significant experience in counseling and strategy under CAN-SPAM, CCPA, CFAA, COPPA, ECPA, ESIGN, FCRA, FOIA, GDPR, GLBA, HIPAA, the Privacy Act, TCPA, Unfair and Deceptive Trade Practices, state privacy and common law claims including defamation and privacy torts, privacy regulations and enforcement in federal agencies including the Federal Trade Commission and the Federal Communications Commission, and industry self-regulation on privacy matters, including those related to online advertising and PCI DSS compliance. Colleen is a Certified Information Privacy Professional/United States through the International Association of Privacy Professionals (IAPP).

In addition to counseling and litigation related to data protection, her work also includes counseling and negotiation of data-driven agreements, as well as privacy and cybersecurity diligence and integration planning for mergers and acquisitions.

The following representative types of matters are illustrative of the breadth of Colleen’s practice:

• Assisting corporations with preparation for and responses to sophisticated cybersecurity incidents.
• Privacy and cybersecurity litigation, regulatory investigations and compliance counseling.
• International data protection compliance programs and cross-border transfers. 
• FTC and State Attorney General investigations involving privacy, data security and unfair or deceptive business practices.
• Diligence counseling for mergers related to data and privacy risks, and post-merger integration.
• Counseling for privacy and data protection compliance and risk mitigation in Big Data analytics and emerging technologies.

At Sidley, Colleen co-founded Women in Privacy^®, a networking group for women working as in-house counsel, compliance officers and other professionals in the field of privacy. Women in Privacy^® holds regular meetings in the U.S. and the EU and is dedicated to thought leadership for women privacy professionals. She is also chief editor of the Sidley Blog Data Matters: Cybersecurity, Privacy, Data Protection, Internet Law and Policy.