In 2019, the International Organization for Standards joint technical committee ISO/IEC JTC1, Information technology subcommittee SC27, developed a privacy framework that was intended to build off of the existing ISO data security standards – i.e., ISO/IEC 27001:2013 (Information security management systems) and ISO/IEC 27002:2013 (Code of practice for information security controls) – by integrating into

Some privacy statutes explicitly reference “sensitive” or “special” categories of personal information. While such terms, when used, often include similar data types that are generally considered as raising greater privacy risks to data subjects if disclosed, the exact categories that fall under those rubrics differ between and among statutes. Furthermore, other privacy statutes do not

The NIST privacy framework refers to the term “current profile” to describe the current state of a company’s privacy program in relation to a specific Subcategory. So, for example, a company might include the following description in its current profile for the following subcategory:

Subcategory Current Profile
ID.IM-P1: Systems/products/services that process data are inventoried. The

On Wednesday, June 9, David A. Zetoony, U.S. co-chair of Greenberg Traurig’s Data, Privacy & Cybersecurity Practice, will present the WestLawLegal webinar “Tracking Technologies: An Update on the Current State of Law in the U.S. and Europe on Cookies, Pixels, Scripts and Other Ecosystem Changes.”

New laws, including the California Consumer Privacy

Recent major ransomware attacks against U.S. companies and infrastructure have been dominating the headlines. This 30-minute webinar led by our data security practice will provide an overview of recent threat trends related to ransomware and how companies can prepare to address this growing risk and respond effectively.

  • Newly aggressive threat actor tactics
  • A step-by-step guide

On May 28, 2021, New York City enacted privacy legislation that specifically targets owners of multifamily dwellings. The Tenant Data Privacy Act (TDPA) addresses perceived privacy issues surrounding the use of smart access systems in multi-family dwellings and is modeled, in part, after broader European and California privacy legislation.

Continue reading the full GT Alert.