In the latest episode of Axio’s Executive Insight Series, CEO Scott Kannry sat down with Jena Valdetero, Co-Chair of Greenberg Traurig’s U.S. Data, Privacy and Cybersecurity Group.
Continue Reading Executive Perspectives, Episode 4, Jena Valdetero
Virginia Poised to Become Second State to Enact Comprehensive AI Legislation
Virginia’s HB 2094 regulates high-risk AI systems, focusing on consumer protection. Developers must ensure transparency and manage risks, while deployers must disclose AI use. Generative AI outputs must be identifiable. Enforcement includes penalties up to $10,000. Effective July 1, 2026.
Continue Reading Virginia Poised to Become Second State to Enact Comprehensive AI Legislation
Exploring DORA: Potential Implications for EU and UK Businesses
On Jan. 17, 2025, EU Regulation 2022/2554 on digital operational resilience for the financial sector (DORA) became applicable in the EU.
DORA focusses on risk management and resilience testing, with a strong focus on vendor risk management, incident management and reporting, and resilience testing of key systems.
DORA applies to financial institutions that are authorized
March 4 EVENT | DORA and the EU AI Act – Navigating New EU Rules
The European Union has introduced significant new regulations, including the Digital Operational Resilience Act (DORA) and the EU AI Act.
The GT London team is hosting a roundtable briefing to explore:
Privilege Under Pressure: The Shifting Data Breach Investigation Landscape
Over the past few years, the rate of notable data breaches has risen considerably, and along with that rise has come an increase in class action litigation. In a world where any company can be the next victim of a breach, business leaders and their legal counsel should consider in advance how to protect privilege
EVENT | Jena Valdetero Speaks at SINET’s 10th Annual Risk Executive Workshop
The Security Innovation Network (SINET) hosted its 10th Annual SINET Risk Executive Workshop Jan. 29-30, bringing together CISOs and risk executives for an exclusive, invitation-only event. Over the course of two days, participants engaged in thought leadership sessions that explored the evolving role of modern CISOs and risk executives.
GT Shareholder Jena Valdetero, U.S.
Reminder: Data Protection Impact Assessments May Be Required Under New State Privacy Laws
As we settle in to 2025, and five additional state privacy laws have or are about to go into effect, we wanted to put on your radar the obligation to conduct data protection impact assessments (DPIAs). In general, a DPIA should contain:
- a systematic description of potential processing operations and the purpose of the processing,
EVENT | ACC Israel: Understanding the US Legal and Regulatory Landscape Governing AI
Greenberg Traurig Data Privacy & Cybersecurity Practice Shareholder Liz Harding presented “Artificial Intelligence: Understanding the US Legal and Regulatory Landscape Governing AI” to the ACC of Israel Feb. 11. The session discussed potential legal harms from the use of artificial intelligence and how the United States has addressed those harms, including by:
- Reinterpreting consumer protection
SEC Cybersecurity Disclosure Trends: 2025 Update on Corporate Reporting Practices
Six months after the SEC’s Cybersecurity Incident Disclosure Rule (SEC Rule) came into force, an April 2024 GT Alert summarized disclosure trends. The GT Alert identified that the companies who filed a mandatory form 8-K disclosing a cybersecurity incident had erred on the side of caution, hedged on whether the materiality threshold had been met
EDPB Release Pseudonymization Guidelines to Enhance GDPR Compliance
On Jan. 16, 2025 the European Data Protection Board (EDPB) published guidelines on the pseudonymization of personal data for public consultation. The Berlin Data Protection Commissioner (BlnBDI) played a leading role in drafting these guidelines (see the German-language BlnBDI press release). The consultation is ongoing, and comments can be submitted until Feb. 28, 2025