About the IAPP

Brian Hengesbaugh, CIPP/US

Baker McKenzie

Global Chair Data and Cyber

Brian Hengesbaugh is Chair of the Firm's Global Data Privacy and Security Group. His practice has been consistently recognized by the main legal directories. Brian played a key role in the development and implementation of the US Government’s domestic and international policy in the area of privacy and electronic commerce, serving on the core team that negotiated the US-EU Safe Harbor Privacy Arrangement. In addition, Brian participated on behalf of the United States in the development of a draft Council of Europe Treaty on Cyber Crime, and in the negotiation of a draft Hague Convention on Jurisdiction and the Recognition of Foreign Judgments. Brian's practice covers privacy and information management, with emphasis on regulatory and transactional issues, including data security and information technology, privacy and data protection, sourcing, digital and electronic signatures, email and telemarketing, social media, cyber-crime, and jurisdiction and the enforcement of foreign judgments.

Contributions by Brian Hengesbaugh

• A Glimpse Into the Future of Cross-border Data Regulation
  Speaker at IAPP Privacy. Security. Risk. 2025
• Future of Cross-Border Data Transfers in an Uncertain World
  Speaker at In-Person Chicago KnowledgeNet: 16 April 2025
• Lions and Tigers and Bears, oh my! Legal Risks in Cybersecurity Investigations
  Speaker at IAPP Privacy. Security. Risk. 2024
• Taming the beast: 7 tips for privacy professionals to facilitate responses to DSARs, reduce risk and build trust
  The Privacy Advisor
• Lions and tigers and bears, oh my! Global legal risks in cybersecurity investigations
  The Privacy Advisor
• Why should my company join the EU-US Data Privacy Framework?
  Privacy Perspectives
• How existing data privacy laws may already regulate data-related aspects of AI
  Privacy Perspectives
• 'Pen testing' your privacy program: Steps to test your privacy compliance before the onset of litigation or enforcement actions
  The Privacy Advisor
• CCPA/CPRA grace period for HR and B2B ends Jan. 1
  The Privacy Advisor
• Do's and Don'ts for Responding to a Global Ransomware Attack
  Speaker at IAPP Global Privacy Summit 2022
• The road ahead in an uncertain world of cross-border data transfers
  The Privacy Advisor
• Top-10 do’s and don’ts for service providers implementing the new SCCs with EU customers
  The Privacy Advisor
• Why the Biden administration should 'go big' on global data transfers solution
  Privacy Perspectives
• London, San Francisco, Silicon Valley, and Tel Aviv Celebrate Data Privacy Day - The Privacy Pro's Role in a Cybersecurity Attack
  Speaker at Virtual Transatlantic Data Privacy Day KnowledgeNet: 28 January 2021
• Applying privacy law in 3 dimensions: How to focus on solutions and maximize value
  The Privacy Advisor
• 7 predictions for the road ahead after 'Schrems II'
  Privacy Perspectives
• What Privacy Shield organizations should do in the wake of 'Schrems II'
  The Privacy Advisor