Katherine E. Armstrong


Katherine E. Armstrong assists clients with compliance matters related to U.S. federal and state privacy and data security laws, and more recently the GDPR and the California Consumer Privacy Act (CCPA), and the NYDFS Cyber Regulations.

With more than 30 years of consumer protection experience with the Federal Trade Commission (FTC), she provides clients with an in-depth perspective and working knowledge of the FTC its policy making efforts and enforcement activities. Specifically, she works with clients on Fair Credit Reporting Act (FCRA) and Gramm-Leach-Bliley Act (GLB Act) issues as well as the GDPR, CCPA and NY  Cyber Regulations. Katherine also advises clients on advertising and marketing issues and other matters regulated by the FTC. Katherine is a United States Certified Information Privacy Professional (CIPP-US).

Katherine co-leads Drinker Biddle’s Information Privacy, Security and Governance initiative, which brings together lawyers and professionals from across the firm to assist clients with assessing  information privacy and security practices, developing information governance programs, responding to regulatory compliance inquiries and investigations, and handling litigation related to information  privacy and security compliance. She also serves on the Editorial Board of the DBR on Data blog, which discusses developments in privacy, cybersecurity, information governance and data analytics.

While at the FTC, Katherine led numerous FCRA law enforcement investigations that resulted in consent decrees, and oversaw a number of FCRA rulemakings. She was also engaged in policy work in connection with data brokers and big data issues. Specifically, Katherine was part of the team that drafted the FTC’s Data Broker Report and led the Big Data Workshop.

During her tenure at the FTC, Katherine also served as an attorney to former Chairman Janet Steiger and Commissioner Sheila Anthony. In those roles, she advised the Chairman/Commissioner on the full range of consumer protection issues, including those involving privacy and unfair or deceptive acts or practices.

Katherine is a frequent speaker before industry conferences and other groups on privacy, data security, big data and FTC matters. She is co-chair of the American Bar Association’s Privacy and  Information Security Committee.

She is currently teaching a course at Marymount University’s School of Business and Technology, titled “Law Policy and Ethics in the Information Age.”


Official Commendation for Distinguished Service, Awarded by the Chairwoman of the Federal Trade Commission (2014)

Awards Methodology (www.drinkerbiddle.com/content/awards)


Bar Admissions

  • District of Columbia
  • Virginia


  • Lewis & Clark Law School, J.D.
  • Pitzer College, B.A.


  • American Bar Association, Section of Antitrust Law
    • Co-chair, Privacy and Information Security Committee (2018-2021)
    • Vice Chair, Janet D. Steiger Fellowship Project (2019-2020)
  • American Bar Association, Consumer Financial Services Committee, Federal and State Trade Practices Subcommittee, Chair (2015–2016); Vice-Chair (2011–2014)
  • Episcopal Diocese of Virginia, Annual Council, Parish Delegate
  • The Madeira School, McLean, VA, Board Member (2008–2016)