European Union

Regulatory authorities globally are prioritizing data deletion rights, including legislation like California’s Delete Act and enforcement actions in Europe and Oregon. Businesses should consider enhancing their mechanisms for handling deletion requests to ensure compliance and build consumer trust.
Continue Reading Enforcement Update: Regulatory Attention Focused on Deletion Requests

On Jan. 17, 2025, EU Regulation 2022/2554 on digital operational resilience for the financial sector (DORA) became applicable in the EU.

DORA focusses on risk management and resilience testing, with a strong focus on vendor risk management, incident management and reporting, and resilience testing of key systems.

DORA applies to financial institutions that are authorized

On Jan. 16, 2025 the European Data Protection Board (EDPB) published guidelines on the pseudonymization of personal data for public consultation. The Berlin Data Protection Commissioner (BlnBDI) played a leading role in drafting these guidelines (see the German-language BlnBDI press release). The consultation is ongoing, and comments can be submitted until Feb. 28, 2025

  1. Full Steam Ahead: The European Union’s (EU) Artificial Intelligence (AI) Act in Action — As the EU’s landmark AI Act officially takes effect, 2025 will be a year of implementation challenges and enforcement. Companies deploying AI across the EU will likely navigate strict rules on data usage, transparency, and risk management, especially for high-risk AI

David Zetoony, co-chair of GT’s U.S. Data, Privacy and Cybersecurity Practice, and Shareholders Reena Bajowala and Liz Harding will present the MyLawCLE and Federal Bar Association webinar, “Artificial Intelligence and Data Privacy: Current Laws and Regulations in the United States and the European Union,” Jan. 15, 2025.

This program will include an in-depth

The EU Digital Operational Resilience Act (DORA) takes effect Jan. 17, 2025, and will impact EU financial institutions and their providers of technology-related services (ICT Third Party Service Providers). This webinar will provide a practical overview of the obligations that will apply to both in-scope financial institutions and ICT Third Party Service Providers and explore current

The European Data Protection Board (EDPB) has recently (re)positioned itself on several controversial topics and published three new guidelines and opinions. Although not legally binding, they do have a significant influence on proceedings before the supervisory authorities and courts. This GT Alert discusses the EDPB’s new guidelines and their implications for companies dealing with personal

On Aug. 1, 2024, the EU Artificial Intelligence Act (AI Act) entered into force and will gradually take effect over the next 36 months. This marks not only the end of yet another legislative saga within the European Union but also the beginning of a new era in AI regulation. The AI Act creates an

Greenberg Traurig Shareholder Reena Bajowala will present the Strafford webinar “New EU Artificial Intelligence Act: Impact on U.S. Organizations, Strategies to Ensure Compliance” Tuesday, Sept. 10 from 1–2:30 p.m. EDT. This CLE course will explore the AI Act’s regulatory framework, summarize key points U.S. organizations need to understand, and provide practical steps for