Tori Downey

SAGE Innovation Attorney


Victoria ("Tori") Downey helps clients solve complex global privacy and data security compliance challenges when developing novel technologies, advancing into new markets, and evaluating privacy and security risks in corporate transactions, including mergers and acquisitions. Tori also assists clients in navigating security incidents and breach notification requirements and counsels on regulatory inquiries.

Tori advises clients on enhancing their data privacy and security profiles and building comprehensive global data protection programs. She provides guidance on issues relating to a vast array of state, federal and international privacy and cybersecurity laws, including:

  • Children’s Online Privacy Protection Act (COPPA)
  • EU General Data Protection Regulation (GDPR)
  • Section 5 of the Federal Trade Commission (FTC) Act
  • Telephone Consumer Protection Act (TCPA)
  • U.S. surveillance-related laws
  • U.S. state data breach notification laws
  • U.S. state privacy laws in California, Colorado, Connecticut, Utah and Virginia (CCPA, CPRA, CPA, CTDPA, UCPA, VCDPA)

Tori also supports clients in developing strategies to reduce the risk of security incidents, regularly advises on general consumer protection issues, and counsels on sweepstakes, marketing, and advertising matters.

Prior to joining Orrick, Tori served as an in-house data privacy and security law clerk at a pharmaceutical company in Boston, at a large nonprofit corporation in New York City, and at an international oil and gas company in Beijing. She also worked on data privacy matters in the Office of the General Counsel of Northeastern University. Having worked across diverse business sectors, including life sciences, technology and energy, Tori brings an in-house perspective to her client matters.