Skip to content
  1. EEA Cross-Border Transfers. The U.S. and the EU will work towards, and hopefully reach, a cross-border data transfer solution.
  2. Ransomware. More ransomware attacks and increased regulatory scrutiny of companies that pay ransom demands.
  3. Digital Advertising. Development of alternate marketing strategies, and perhaps more reliance on consumer opt-in, as privacy laws further erode traditional tracking and targeting approaches.
  4. COVID-19 Data Sharing. Entities involved in the COVID-19 response ecosystem will continue to have reporting, data sharing, and management requirements that vary based on jurisdiction.
  5. Access Requests. Businesses will make operational updates relating to employee and B2B data collection, geolocation, cross-contextual behavioral advertising and sharing to ensure compliance with the 12-month “look-back” requirement for access requests.
  6. State Privacy Legislation. Other states will join California and pass their own privacy laws, further complicating compliance for companies.
  7. FTC Investigations. With the Biden administration in place, there will be an increase in privacy-related regulatory investigations.
  8. Health Data Compliance. Further complications in health data compliance between state and federal law.
  9. Record Retention Policies. There will be increased focus on the appropriate retention periods and consumer notice of retention periods in the EU, and by 2023 in California under the CPRA.
  10. Privilege in Breach Investigations. There will be more litigation and guidance on steps to trigger and not inadvertently waive privilege in relation to third party forensic investigations.
Print:
EmailTweetLikeLinkedIn
Photo of Darren Abernethy Darren Abernethy

Darren J. Abernethy is a data privacy attorney with more than a decade of experience, including in AmLaw private practice in Washington, D.C. and as in-house counsel at startups and a leading privacy technology vendor. He advises clients on matters related to advertising…

Darren J. Abernethy is a data privacy attorney with more than a decade of experience, including in AmLaw private practice in Washington, D.C. and as in-house counsel at startups and a leading privacy technology vendor. He advises clients on matters related to advertising technology, privacy, data breach management, and FTC best practices.

Darren’s concentrations include the California Consumer Privacy Act (CCPA), the European Union General Data Protection Regulation (GDPR)/ePrivacy, digital advertising, direct marketing, and IP-related transactional matters.

Photo of Ian C. Ballon Ian C. Ballon

Ian Ballon is an intellectual property and Internet litigator who is the Co-Chair of Greenberg Traurig LLP’s Global Intellectual Property & Technology Practice Group. He represents clients in copyright, DMCA, trademark, trade secret, right of publicity, privacy, security, software, database and Internet- and…

Ian Ballon is an intellectual property and Internet litigator who is the Co-Chair of Greenberg Traurig LLP’s Global Intellectual Property & Technology Practice Group. He represents clients in copyright, DMCA, trademark, trade secret, right of publicity, privacy, security, software, database and Internet- and mobile-related disputes and in the defense of data privacy, security breach, behavioral advertising, TCPA and other Internet-related class action suits. Please click here to view a list of some of his recent cases.

Mr. Ballon, who splits his time between the firm’s Silicon Valley and LA offices, is the author of the five-volume legal treatise, E-Commerce and Internet Law: Treatise With Forms 2d Edition (Thomson Reuters West 2008 & 2018 Cum. Supp., www.ianballon.net) and the earlier first edition, which has been cited in state and federal court opinions. He is also the author of The Complete CAN-SPAM Act Handbook (West 2008) and The Complete State Security Breach Notification Compliance Handbook (West 2009). In addition, Mr. Ballon serves as Executive Director of Stanford University Law School’s Center for E-Commerce and serves as a member to the consultative group to the American Law Institute’s Principles of the Law, Data Privacy project. He previously served as an Advisor to the American Law Institute’s Intellectual Property: Principles Governing Jurisdiction, Choice of Law, and Judgments in Transnational Disputes (ALI Principles of Law 2007).

Mr. Ballon has been named one of the top 100 lawyers in California and has been recognized as one of the Top 75 intellectual property litigators in California by the Los Angeles and San Francisco Daily Journal in every year that the list has been published, from 2009 through 2018. He also was named the “Lawyer of the Year” for technology law in 2018 and for information technology law in the 2019, 2016, and 2013 editions of The Best Lawyers in America. In 2018 and 2019, he was named one of the top 10 Cyber/Artificial Intelligence Lawyers in California by The Daily Journal, was recognized in World Trademark Review’s “WTR 1000,” in 2018 as a leading trademark attorney in California for trademark litigation, and named to the 2018 Lawdragon 500 Leading lawyers list. In 2017, he was selected as an “Intellectual Property Trailblazer” by the National Law Journal and named a “Groundbreaker” by The Recorder in its 2017 Litigation Departments of the Year awards for winning a series of TCPA class action suits. Mr. Ballon was recognized as the 2012 New Media Lawyer of the Year by the Century City Bar Association. In 2010, he was the recipient of the California State Bar Intellectual Property Law section’s Vanguard Award for outstanding legal professionals who are spearheading new developments in the world of intellectual property. Mr. Ballon was listed in Variety’s “Legal Impact Report: 50 Game-Changing Attorneys” (2012) and was recognized as one of the top new media lawyers in the United States by CyberEsq. magazine, one of the 100 most influential lawyers in California by California Law Business, one of the top 100 lawyers in L.A. by the Los Angeles Business Journal, a Northern California “Super Lawyer” (every year from 2004 through 2020), one of the top 50 IP Litigators in California and one of the top 25 copyright, trademark and patent lawyers in California by The Daily Journal. He is listed in Legal 500 U.S., The Best Lawyers in America in the areas of intellectual property and information technology and in the Chambers and Partners USA Guide in the areas of privacy and data security as well as IT and outsourcing.

Mr. Ballon is admitted to practice in California, the District of Columbia and Maryland and before the U.S. Supreme Court and multiple U.S. Circuit Courts of Appeal. He also has been elected to membership in the American Law Institute and holds the CIPP/US certification from the International Association of Privacy Professionals.

Photo of Kate Black Kate Black

Kate Black’s practice focuses on data privacy, information protection, and commercial transactions in consumer technology, digital health, life sciences, and genetics. Kate provides companies with comprehensive, practical strategies for meeting their regulatory obligations while building and maintaining public trust and advancing innovative and…

Kate Black’s practice focuses on data privacy, information protection, and commercial transactions in consumer technology, digital health, life sciences, and genetics. Kate provides companies with comprehensive, practical strategies for meeting their regulatory obligations while building and maintaining public trust and advancing innovative and emerging models of health care research and delivery. She’s managed every aspect of global privacy programs, including supervising privacy assessments, providing product strategy and counseling, managing complex vendor and partner agreements, and overseeing security policy audits for leading health technology companies. She regularly advises on proposed regulatory and legislative changes that will impact the health technology environment and has been a featured speaker and frequent lecturer on data privacy and cybersecurity, data analytics, digital health, mobile medical applications, and privacy issues related to genetic and health research.

Prior to joining the firm, Kate served as 23andMe’s first Global Privacy Officer in Mountain View, CA and worked in the Office of Policy and Planning in the Office of the National Coordinator for Health IT in the U.S. Department of Health and Human Services in Washington, D.C.

Photo of Gretchen A. Ramos Gretchen A. Ramos

Gretchen A. Ramos is Co-Chair of the Data, Privacy & Cybersecurity Practice and focuses her practice on privacy, cybersecurity, and information management. A creative problem-solver with a long track record of success in commercial disputes, she never loses sight of the simple fact…

Gretchen A. Ramos is Co-Chair of the Data, Privacy & Cybersecurity Practice and focuses her practice on privacy, cybersecurity, and information management. A creative problem-solver with a long track record of success in commercial disputes, she never loses sight of the simple fact that she works in a service industry. Clients appreciate not only her legal skills, but also her direct, no-nonsense approach to client service, including her bullet-pointed emails, snapshot executive summaries, and creativity in finding ways to streamline communications for in-house counsel with dozens of other projects—and little time—on their hands.

Gretchen’s clients come from diverse industries, including technology (SaaS), health care and life sciences, consumer products, manufacturing, academic institutions, and non-profits. She provides clients with practical business advice on compliance with state and federal U.S. laws, GDPR, APEC, and other global privacy laws in relation to their external and internal privacy and security procedures, product and app development, and advertising practices. Gretchen also regularly drafts and negotiates contracts concerning data-related vendors, assists clients in assessing privacy risks in corporate transactions, and provides guidance on and conducts privacy and security assessments. She has managed dozens of data breaches, and helps clients prepare for and immediately respond to security incidents and breaches.

Photo of Jena M. Valdetero Jena M. Valdetero

Jena M. Valdetero serves as Co-Chair of the firm’s U.S. Data, Privacy and Cybersecurity Practice where she advises clients on complex data privacy and security issues. She has led more than 1,000 data breach investigations. A litigator by background, Jena defends companies against…

Jena M. Valdetero serves as Co-Chair of the firm’s U.S. Data, Privacy and Cybersecurity Practice where she advises clients on complex data privacy and security issues. She has led more than 1,000 data breach investigations. A litigator by background, Jena defends companies against privacy and data breach litigation, with an emphasis on class action lawsuits. She has designed and conducted dozens of data breach tabletop exercises to empower clients to respond effectively to a data security incident. She also counsels companies on data privacy and security compliance programs and advises on cyber risks associated with mergers and transactions. Jena also advises a diverse array of clients on compliance with existing and emerging privacy laws, including the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), the Gramm Leach Bliley Act (GLBA), and the Health Insurance Portability and Accountability Act (HIPAA). She is a certified privacy professional through the International Association of Privacy Professionals (CIPP/US), for which she is a former KnowledgeNet Co-Chair.
Jena is a passionate advocate of diversity and inclusion. She currently serves as a board member of the Chicago chapter of Women in Law Empowerment Forum.

Photo of David A. Zetoony David A. Zetoony

David Zetoony, Co-Chair of the firm’s U.S. Data, Privacy and Cybersecurity Practice, focuses on helping businesses navigate data privacy and cyber security laws from a practical standpoint. David has helped hundreds of companies establish and maintain ongoing privacy and security programs, and he

David Zetoony, Co-Chair of the firm’s U.S. Data, Privacy and Cybersecurity Practice, focuses on helping businesses navigate data privacy and cyber security laws from a practical standpoint. David has helped hundreds of companies establish and maintain ongoing privacy and security programs, and he has defended corporate privacy and security practices in investigations initiated by the Federal Trade Commission, and other data privacy and security regulatory agencies around the world, as well as in class action litigation.

David receives regular recognitions from clients and peers for his knowledge and experience in the fields of data privacy and security. The National Law Journal named him a “Cybersecurity and Data Privacy Trailblazer,” JD Supra recognized him four times as one of the most widely read names when it comes to data privacy, cyber security, or the collection and use of data, and Lexology identified him six times as the top “legal influencer” in the area of technology, media, and telecommunications in the United States, the European Union, and in the context of cross-border transfers of information. He is the author of the American Bar Associations primary publication on the European General Data Protection Regulation (GDPR) and is writing the American Bar Associations primary publication on the California Consumer Privacy Act (CCPA).