Colleen Theresa Brown

The following representative types of matters are illustrative of the breadth of Colleen’s practice:

• Assisting corporations with preparation for and responses to sophisticated cybersecurity incidents.
• Privacy and cybersecurity litigation, regulatory investigations, and compliance counseling.
• International data protection compliance programs and cross-border transfers.
• FTC and State Attorney General investigations involving privacy, data security, and unfair or deceptive business practices.
• Diligence counseling for mergers related to data and privacy risks, and post-merger integration.
• Counseling for privacy and data protection compliance and risk mitigation in Big Data analytics and emerging technologies.

Regulatory

• Counseled a tech company on evolving privacy and cybersecurity laws and regulation, including for compliance with new state privacy laws and changes to European data protection and international transfer obligations in the wake of the EJF Schrems II decision. Worked closely with client on its cybersecurity preparedness, including support for a new bug bounty program and evaluations of significant changes in the industry flowing from President Biden’s 2021 Cybersecurity Executive Order.
• Advised a large international pharmaceutical company on the development and implementation of a global privacy program, including assisting the company with its data mapping activities; drafting all necessary privacy policies, notices, assessments and procedures; reviewing vendor contracts; developing template contractual provisions and minimum information security requirements for vendors; and advising on international transfers, including in the context of Schrems II.
• Counseled a Northwestern University in developing its testing and tracing policies to open the university, which required balancing privacy interests while mitigating university health risks during the COVID-19 pandemic.
• Advised a foundation in the development of a platform during the pandemic that assists in mitigating PPE supply chain issues at the local level.
• Provided strategic counseling to U.S. Digital Response, a volunteer-powered, non-partisan effort to help governments respond to the COVID-19 pandemic crisis by leveraging technology, data, communications, and other digital initiatives. This led to the development of a model data protection addendum for government use in the development of exposure alerting applications and systems published by MIT’s Computational Law Report.
• Defended a major financial institution in regulatory inquiry by the New York Department of Financial Services in connection with their review of compliance with the DFS Cybersecurity Regulations in the wake of a data security incident.
• Defended a major department store in connection with an FTC civil investigation of allegations of FCRA noncompliance. The matter was closed without enforcement action.
• Advised a major luxury retailer on new privacy law compliance, data security incident preparedness and response, and regulatory defense and litigation for privacy and cybersecurity matters, including in the wake of data security incidents.
• Advised a large regional energy company on cybersecurity incident response, as well as on privacy law compliance in light of new state law requirements and crisis preparedness, considering new executive order cybersecurity requirements for the critical infrastructure sector.

Litigation

• Represented Kroger Co. with regard to the Accellion data breach, which involved a complex supply chain data security incident and response, as well as class action claims attempting to press a novel theory of liability for downstream customers of a compromised vendor.
• Represented a large retailer in class action litigation regarding electronic communications on websites owned by the client in violation of state wiretapping and privacy laws. The plaintiff sought to represent a class consisting of more than 5,000 unique visitors. After removing the case from state court to federal court and an unanswered motion to compel arbitration, plaintiffs voluntarily dismissed the case.
• Represented a medical trade organization in a claim against a vendor for breach of contract and other claims related to a 2020 data security incident.
• Represented a leading “rich-media” internet advertising company in multi-district litigation regarding alleged circumvention of Safari browser privacy settings to enable subsequent online tracking. Also handled related congressional inquiries, as well as non-public discussions with certain regulators. Successfully briefed dismissal and then negotiated a highly favorable class action and state attorney general settlement for this client.
• Represented a meal kit delivery company in the wake of its 2020 data security incident, which has resulted in the dismissal of multiple arbitration cases.

Transactions

• Representation of Flex Ltd. (Nasdaq: FLEX) and its Fremont, California-based solar technology subsidiary, Nextracker Inc. (Nasdaq: NXT), in its upsized US$734.2 million initial public offering, making it the largest IPO of 2023.
• Represented Grove Collaborative, a leading sustainable consumer products company, in its business combination with Virgin Group Acquisition Corp. II (NASDAQ: VGII), a SPAC, with an implied pro forma enterprise value of US$1.5 billion.
• Represented Walgreens Boots Alliance in its agreement to invest US$5.2 billion in VillageMD, which will make Walgreens the first national pharmacy chain to offer full-service primary care practices with primary care physicians and pharmacists co-located at its stores at a large scale.
• Represented Prudential Financial, Inc. in the sale of a US$31 billion portion of its in-force legacy variable annuity block for US$2.2 billion to Fortitude Re, Bermuda’s largest multi-line reinsurer (pending).
• Represented OMERS, the defined benefit pension plan for municipal employees in the Province of Ontario, Canada, in its partnership with Gastro Health, a national leading U.S. platform supporting medical groups specializing in the treatment of gastrointestinal disorders, nutrition, and digestive health.
• Represented Home Partners of America, Inc. in its acquisition by Blackstone Real Estate Income Trust, Inc., an affiliate of The Blackstone Group Inc., in a transaction valued at US$6.0 billion.
• Represented ServiceTitan in its acquisition of Aspire Software, a provider of management software solutions for customers in the landscaping business.
• Represented Primerica, Inc. in its strategic acquisition of 80% of Etelequote Limited’s operating subsidiaries (collectively, e-TeleQuote), which were valued on a pre-debt enterprise basis at US$600 million.
• Represented GIC in connection with its agreement to acquire an indirect 19.9% equity interest in Duke Energy Indiana, a subsidiary of Duke Energy, for a total purchase price of US$2.05 billion.
• Represented Porch.com, Inc. in its business combination with PropTech Acquisition Corporation, a special purpose acquisition company (SPAC), to become a publicly listed company named “Porch Group, Inc.”
• Represented Biodesix, Inc., a Boulder-based biotech company, in connection with its initial public offering of US$72 million.
• Represented MetLife in its pending acquisition of Versant Health from an investor group led by Centerbridge Partners and including FFL Partners for a purchase price of approximately US$1.7 billion.
• Represented affiliates of Siris Capital Group, LLC (sellers) and Pulse Secure, LLC (target company) in the sale of Pulse Secure, LLC to Ivanti, Inc.
• Represented Provation, a provider of procedure documentation and clinical decision software solutions backed by Clearlake Capital Group., L.P. in its acquisition of ePreop, a provider of perioperative SaaS solutions designed to simplify the entire surgical encounter.
• Represented Outset Medical Inc., a private equity-backed medical technology company focused on an innovative dialysis solution, in connection with its initial public offering, which was upsized to nearly US$278 million (including green shoe).
• Represented Walgreens Boots Alliance, Inc. in its agreement to invest US$1 billion in equity and convertible debt in VillageMD, which will primarily be used to fund the opening of full-service doctor offices co-located at Walgreens stores on a large scale.
• Represented Ryan Specialty Group, LLC (RSG) in its definitive agreement to merge with All Risks, Ltd.
• Represented HMS in the acquisition of Accent, a payment accuracy and cost containment business, from Intrado Corporation for US$155 million.
• Represented OMERS Private Equity, the defined benefit pension plan for Ontario’s municipal employees, in its sale of MatrixCare Holdings Inc. to ResMed Operations Inc. for US$750 million.

Colleen advises civil rights and equality organizations through pro bono representations regarding complex constitutional and other general privacy issues. Her work contributed substantially to the firm being awarded the 2010 Thurgood Marshall  Award for Exceptional Pro Bono Service by the Muslim Advocates, a sister entity of the National Association of Muslim Lawyers, for Sidley’s efforts in litigation to protect civil liberties.

• Future of Privacy Forum (FPF), Advisory Board
• Women in Privacy^® (WIP), an international networking group for women data protection and privacy professionals
• International Association of Privacy Professionals (IAPP)
• American Bar Association (ABA), Antitrust Law Section and Privacy and Information Security Committee
• ARMA International (International Association for Information Governance Professionals)
• Electronic Privacy Information Center (EPIC), Advisory Board