COLLEEN THERESA BROWN handles privacy, cybersecurity, data protection, artificial intelligence (AI), and emerging technology issues for a diverse group of companies, including those in the financial, life sciences, tech, energy, telecommunications, media, retail, and manufacturing sectors. She has focused her practice on digital risk management. This includes compliance, digital governance, investigations, litigation and regulatory enforcement, and crisis management related to privacy, data rights, digital safety, AI, cybersecurity, and data breaches.
Colleen is widely viewed as a thought leader and go-to counsel in privacy and cybersecurity law, having developed an exceptional track record for steering her clients through their most challenging matters and achieving excellent results. She is ranked in the Privacy & Data Security category of Chambers USA (2022–2024) for both Privacy and Cybersecurity (USA – Nationwide), and she is ranked in Chambers Global (2023–2024) for Privacy & Data Security (USA). Chambers USA quotes clients who say “Colleen is a great attorney. She’s well versed in the rapidly changing legal landscape. She’s also very responsive and great at assisting with complex questions” (2023). Global Data Review named her to its “Women in Data” list in 2022, The Lawyer Network recognized her as “Cybersecurity Lawyer of the Year” in Washington, D.C. in 2021 and 2022, and Euromoney’s Women in Business Law listed her as one of the world’s leading female practitioners in Privacy and Data Protection in 2022. Washingtonian named Colleen among its “Top Lawyers” for Cybersecurity in our nation’s capital in 2018 and again in 2024, and she is a recommended lawyer by Legal 500 USA for Cyber Law, which notes, “Colleen Brown demonstrates ‘confidence in making judgment calls on complex issues.’”
Colleen is a Certified Information Privacy Professional (CIPP)/United States and a certified Artificial Intelligence Governance Professional (AIGP) through the International Association of Privacy Professionals (IAPP). She is on the Advisory Boards of the Electronic Privacy Information Center and the Future of Privacy Forum in her personal capacity, and at Sidley she serves on the Steering Committee of the firm’s AI Working Group.
Colleen's counseling experience includes cyber risk and data breach management, corporate data protection and privacy compliance programs, international data protection and cross-border transfer, applied and generative AI, Big Data, Internet of Things, electronic surveillance, trade secrets, social media, cloud computing, and online brand protection. She also has significant experience in counseling and strategy under CAN-SPAM, CCPA, CFAA, COPPA, ECPA, ESIGN, FCRA, FOIA, GDPR, GLBA, HIPAA, the Privacy Act, TCPA, Unfair and Deceptive Trade Practices, state privacy laws, and common law claims including defamation and privacy torts. As well, Colleen addresses privacy regulations and enforcement in federal agencies including the Federal Trade Commission (FTC) and the Federal Communications Commission, and she advises on industry self-regulation on privacy matters, including those related to online advertising and PCI DSS compliance.
In addition to counseling and litigation related to data protection, Colleen's work also includes counseling and negotiation of data-driven agreements, privacy and cybersecurity diligence, and integration planning for mergers and acquisitions. She is sought after nationwide for her deep experience in assessing privacy and cybersecurity risk in acquisitions.
At Sidley, Colleen co-founded Women in Privacy® (WIP), a networking group for women working as in-house counsel, compliance officers, and other professionals in the field of privacy. WIP holds regular meetings in the U.S. and the EU and is dedicated to thought leadership for women privacy professionals. She is a frequent speaker, writer, and commenter on privacy and cybersecurity legal developments affecting all industries, and the chief editor of the Sidley Blog Data Matters.