Brian Hengesbaugh

Practice Areas

Brian Hengesbaugh is Chair of the Firm's Global Data Privacy and Security Business Unit, a Member of the Firm's Global IP Tech Steering Committee, and a Member of the Firm's Financial Institutions' Group. Brian is listed in The Legal 500 Hall of Fame and was recognized as a Regulatory & Compliance Trailblazer by the National Law Journal. He is also listed as a Leading Lawyer for Cyber law (including data protection and privacy) in The Legal 500 and is listed in Chambers. Formerly Special Counsel to the General Counsel of the US Department of Commerce, Brian played a key role in the development and implementation of the US Government’s domestic and international policy in the area of privacy and electronic commerce. In particular, he served on the core team that negotiated the US-EU Safe Harbor Privacy Arrangement (Safe Harbor), and earned a Medal Award from the US Department of Commerce for this service. In addition, Brian participated on behalf of the United States in the development of a draft Council of Europe Treaty on Cyber Crime, and in the negotiation of a draft Hague Convention on Jurisdiction and the Recognition of Foreign Judgments. Brian has been quoted in the Wall Street Journal, New York Times, Forbes, CNET, Slate Magazine, Compliance Weekly, BNA Bloomberg, PCWorld and other news publications on global privacy and security issues.

Brian provides advice on global data privacy, data protection, cybersecurity, digital media, direct marketing information management, and other legal and regulatory issues. He focuses on these issues in the context of: (i) advisory matters, such as new privacy and security laws and regulations (e.g. GDPR, CCPA, HIPAA, GLBA and others), as well as technology transformations related to IoT, blockchain, mobile, cloud, data monetization, and other initiatives; (ii) transactional matters, such as mergers & acquisitions, sourcing, distributor, business partner, and other third party arrangements; and (iii) crisis matters, such as data security events, regulatory and governmental inquiries related to privacy and security issues, internal investigations, and litigation-related matters.

Brian's practice covers privacy and information management, with emphasis on regulatory and transactional issues, including data security and information technology, privacy and data protection, sourcing, digital and electronic signatures, email and telemarketing, social media, cybercrime, and jurisdiction and the enforcement of foreign judgments.

Professional Memberships

American Bar Association - International Law Section

International Association of Privacy Professionals (IAPP) - Former Advisory Board Member

Publications

Connect on Tech –

• Co-author, “United States: SEC clarifies cybersecurity incident reporting under Item 1.05 on Form 8-K,” Connect on Tech, 24 May 2024

• Co-author, “NIST Publishes Draft Documents for Safer AI,” Connect on Tech, 22 May 2024

• Co-author, “From Brussels to Boulder: Colorado Enacts Comprehensive AI Law on the Heels of EU’s AI Act with Significant Obligations for Business and Employers,” Connect on Tech, 20 May 2024

• Co-author, “U.S. Prohibits Data Brokers from Making U.S. Sensitive Data Available to Foreign Adversaries,” Connect on Tech, 24 April 2024

• Co-author, “Kentucky is Off to the Races: Bluegrass state is 15th to Pass Comprehensive Privacy Law,” Connect on Tech, 10 April 2024

• Co-author, “You AI-n’t Nothing But a Hound Dog: Tennessee’s New ELVIS Act Puts AI Soundalikes in the Crosshairs,” Connect on Tech, 28 March 2024

• Co-author, “Hanging on the Telephone: FCC Deems AI Robocalls, Without Consent, Illegal under the TCPA,” Connect on Tech, 27 March 2024

• Co-author, “US Government to Restrict Sharing of US Bulk Sensitive Personal Data With Certain ‘Countries of Concern’,” Connect on Tech, 1 March 2024

• Co-author, “Living Free from the Sale of Personal Data: New Hampshire is the 14th US State to Pass Comprehensive Privacy Law,” Connect on Tech, 30 January 2024

• Co-author, “Celebrating Data Privacy Day 2024,” Connect on Tech, 29 January 2024

• Co-author, “Here, There and Everywhere: FTC Puts Location Data on the Enforcement Map for 2024,” Connect on Tech, 25 January 2024

• Co-author, “China’s Detailed Cybersecurity Reporting and Disclosure Rules,” Connect on Tech, 18 January 2024

• Co-author, “Lucky 13: the Garden State Cultivates the Privacy Landscape,” Connect on Tech, 11 January 2024

• Author, “Lions and tigers and bears, oh my! Global legal risks in cybersecurity investigations,” Connect on Tech, 5 January 2024

• Co-author, “FCC Refreshes its Data Breach Notification Rule,” Connect on Tech, 2 January 2024

• Co-author, “To Certify or Not to Certify: The EU-US Data Privacy Framework,” Connect on Tech, 29 September 2023

Insight Plus –

• Co-author, “United States: Biden's wide-ranging executive order on Artificial Intelligence sets the stage for regulation, investment, oversight, and accountability’,” Insight Plus, 9 November 2023

• Co-author, “United States: FTC recommends transparency when selling digital products and developing AI tools,” Insight Plus, 29 August 2023

• Co-author, “United States: SEC adopts final cybersecurity rules,” Insight Plus, 27 July 2023

Education

Expert in these Jurisdictions

USA

Languages Spoken

English, German