In the latest episode of Axio’s Executive Insight Series, CEO Scott Kannry sat down with Jena Valdetero, Co-Chair of Greenberg Traurig’s U.S. Data, Privacy and Cybersecurity Group.
Continue Reading Executive Perspectives, Episode 4, Jena Valdetero

Updates on the Evolving Data Protection Landscape
In the latest episode of Axio’s Executive Insight Series, CEO Scott Kannry sat down with Jena Valdetero, Co-Chair of Greenberg Traurig’s U.S. Data, Privacy and Cybersecurity Group.
Continue Reading Executive Perspectives, Episode 4, Jena Valdetero
Virginia’s HB 2094 regulates high-risk AI systems, focusing on consumer protection. Developers must ensure transparency and manage risks, while deployers must disclose AI use. Generative AI outputs must be identifiable. Enforcement includes penalties up to $10,000. Effective July 1, 2026.
Continue Reading Virginia Poised to Become Second State to Enact Comprehensive AI Legislation
On Jan. 17, 2025, EU Regulation 2022/2554 on digital operational resilience for the financial sector (DORA) became applicable in the EU.
DORA focusses on risk management and resilience testing, with a strong focus on vendor risk management, incident management and reporting, and resilience testing of key systems.
DORA applies to financial institutions that are authorized…
The European Union has introduced significant new regulations, including the Digital Operational Resilience Act (DORA) and the EU AI Act.
The GT London team is hosting a roundtable briefing to explore:
Over the past few years, the rate of notable data breaches has risen considerably, and along with that rise has come an increase in class action litigation. In a world where any company can be the next victim of a breach, business leaders and their legal counsel should consider in advance how to protect privilege…
The Security Innovation Network (SINET) hosted its 10th Annual SINET Risk Executive Workshop Jan. 29-30, bringing together CISOs and risk executives for an exclusive, invitation-only event. Over the course of two days, participants engaged in thought leadership sessions that explored the evolving role of modern CISOs and risk executives.
GT Shareholder Jena Valdetero, U.S.
As we settle in to 2025, and five additional state privacy laws have or are about to go into effect, we wanted to put on your radar the obligation to conduct data protection impact assessments (DPIAs). In general, a DPIA should contain:
Greenberg Traurig Data Privacy & Cybersecurity Practice Shareholder Liz Harding presented “Artificial Intelligence: Understanding the US Legal and Regulatory Landscape Governing AI” to the ACC of Israel Feb. 11. The session discussed potential legal harms from the use of artificial intelligence and how the United States has addressed those harms, including by:
Six months after the SEC’s Cybersecurity Incident Disclosure Rule (SEC Rule) came into force, an April 2024 GT Alert summarized disclosure trends. The GT Alert identified that the companies who filed a mandatory form 8-K disclosing a cybersecurity incident had erred on the side of caution, hedged on whether the materiality threshold had been met…
On Jan. 16, 2025 the European Data Protection Board (EDPB) published guidelines on the pseudonymization of personal data for public consultation. The Berlin Data Protection Commissioner (BlnBDI) played a leading role in drafting these guidelines (see the German-language BlnBDI press release). The consultation is ongoing, and comments can be submitted until Feb. 28, 2025…