Brian Hengesbaugh

Practice Areas

Brian Hengesbaugh is Chair of the Firm's Global Data Privacy and Security Business Unit, a Member of the Firm's Global IP Tech Steering Committee, and a Member of the Firm's Financial Institutions' Group. Brian is listed in The Legal 500 Hall of Fame and was recognized as a Regulatory & Compliance Trailblazer by the National Law Journal. He is also listed as a Leading Lawyer for Cyber law (including data protection and privacy) in The Legal 500 and is listed in Chambers. Formerly Special Counsel to the General Counsel of the US Department of Commerce, Brian played a key role in the development and implementation of the US Government’s domestic and international policy in the area of privacy and electronic commerce. In particular, he served on the core team that negotiated the US-EU Safe Harbor Privacy Arrangement (Safe Harbor), and earned a Medal Award from the US Department of Commerce for this service. In addition, Brian participated on behalf of the United States in the development of a draft Council of Europe Treaty on Cyber Crime, and in the negotiation of a draft Hague Convention on Jurisdiction and the Recognition of Foreign Judgments. Brian has been quoted in the Wall Street Journal, New York Times, Forbes, CNET, Slate Magazine, Compliance Weekly, BNA Bloomberg, PCWorld and other news publications on global privacy and security issues.

Brian provides advice on global data privacy, data protection, cybersecurity, digital media, direct marketing information management, and other legal and regulatory issues. He focuses on these issues in the context of: (i) advisory matters, such as new privacy and security laws and regulations (e.g. GDPR, CCPA, HIPAA, GLBA and others), as well as technology transformations related to IoT, blockchain, mobile, cloud, data monetization, and other initiatives; (ii) transactional matters, such as mergers & acquisitions, sourcing, distributor, business partner, and other third party arrangements; and (iii) crisis matters, such as data security events, regulatory and governmental inquiries related to privacy and security issues, internal investigations, and litigation-related matters.

Brian's practice covers privacy and information management, with emphasis on regulatory and transactional issues, including data security and information technology, privacy and data protection, sourcing, digital and electronic signatures, email and telemarketing, social media, cybercrime, and jurisdiction and the enforcement of foreign judgments.

Professional Memberships

American Bar Association - International Law Section

International Association of Privacy Professionals (IAPP) - Former Advisory Board Member