Arielle L. Brown

Arielle L. Brown

Senior Associate

Email [email protected]​

Phone +1 303 454 2410

Fax +1 303 899 7333

Practice groupGlobal Regulatory

Arielle Brown provides practical, innovative solutions to her clients navigating the everchanging environment of privacy and cybersecurity.

Advising domestically and across borders, she works with companies on an array of regulatory and compliance matters. Her experience includes advising on compliance with the California Consumer Privacy Act (CCPA), General Data Protection Regulation (GDPR), Personal Information Protection and Electronic Documents Act (PIPEDA), Telephone Consumer Protection Act (TCPA), Telemarketing Sales Rule (TSR), CAN-SPAM, Video Privacy Protection Act (VPPA), and Children's Online Privacy Protection Act (COPPA). She is designated as a Certified Information Privacy Professional (CIPP/US) by the International Association of Privacy Professionals.

Arielle served as a Westin Fellow at the International Association of Privacy Professionals. In law school, Arielle was the Editor-in-Chief of the Colorado Technology Law Journal and spent a summer working as a law clerk at the Federal Trade Commission under former commissioner Ohlhausen.

Education and admissions


J.D., University of Colorado School of Law, 2014

B.A., University of Colorado, with distinction, 2008


Member, International Association of Privacy Professionals

Bar admissions and qualifications


District of Columbia

Certified Information Privacy Professional (CIPP/US)

Representative experience

Developing and implementing CCPA and EU GDPR compliance programs, including advising on data mapping, data transfer mechanisms, and data subject request response and procedures.

Drafting and negotiating data protection/data processing agreements regarding the handling of personal data.

Drafting and negotiated privacy and data security provisions for commercial contracts, including service provider agreements.

Advising clients on preparing and implementing employee training programs, including training programs for compliance with the GDPR, CCPA, and U.S. marketing laws and regulations.

Advising on the remediation of privacy and data security deficiencies and gaps in legacy vendor contracts.

Assisting with M&A due diligence relating to data privacy, including advising on the current compliance posture of target companies and the associated risk levels.

Drafting external and internal privacy and data security policies and procedures, and assisting with creating the protocols necessary for implementation.

Loading data