Regulatory authorities globally are prioritizing data deletion rights, including legislation like California’s Delete Act and enforcement actions in Europe and Oregon. Businesses should consider enhancing their mechanisms for handling deletion requests to ensure compliance and build consumer trust.
Continue Reading Enforcement Update: Regulatory Attention Focused on Deletion Requests
In the latest episode of Axio’s Executive Insight Series, CEO Scott Kannry sat down with Jena Valdetero, Co-Chair of Greenberg Traurig’s U.S. Data, Privacy and Cybersecurity Group.
Continue Reading Executive Perspectives, Episode 4, Jena Valdetero
The European Union has introduced significant new regulations, including the Digital Operational Resilience Act (DORA) and the EU AI Act.
The GT London team is hosting a roundtable briefing to explore:
Over the past few years, the rate of notable data breaches has risen considerably, and along with that rise has come an increase in class action litigation. In a world where any company can be the next victim of a breach, business leaders and their legal counsel should consider in advance how to protect privilege
The Security Innovation Network (SINET) hosted its 10th Annual SINET Risk Executive Workshop Jan. 29-30, bringing together CISOs and risk executives for an exclusive, invitation-only event. Over the course of two days, participants engaged in thought leadership sessions that explored the evolving role of modern CISOs and risk executives.
GT Shareholder Jena Valdetero, U.S.
As we settle in to 2025, and five additional state privacy laws have or are about to go into effect, we wanted to put on your radar the obligation to conduct data protection impact assessments (DPIAs). In general, a DPIA should contain:
Greenberg Traurig Data Privacy & Cybersecurity Practice Shareholder Liz Harding presented “Artificial Intelligence: Understanding the US Legal and Regulatory Landscape Governing AI” to the ACC of Israel Feb. 11. The session discussed potential legal harms from the use of artificial intelligence and how the United States has addressed those harms, including by:
Six months after the SEC’s Cybersecurity Incident Disclosure Rule (SEC Rule) came into force, an April 2024 GT Alert summarized disclosure trends. The GT Alert identified that the companies who filed a mandatory form 8-K disclosing a cybersecurity incident had erred on the side of caution, hedged on whether the materiality threshold had been met
On Jan. 16, 2025 the European Data Protection Board (EDPB) published guidelines on the pseudonymization of personal data for public consultation. The Berlin Data Protection Commissioner (BlnBDI) played a leading role in drafting these guidelines (see the German-language BlnBDI press release). The consultation is ongoing, and comments can be submitted until Feb. 28, 2025
GT Shareholder David A. Zetoony, co-chair of the firm’s U.S. Data Privacy and Cybersecurity Practice, will present the CLE webinar “The Ethical Issues Involved with Creating a Data Protection Impact Assessment (DPIA)” Jan. 21, 2025. While thousands of companies are required to create, maintain, and update DPIAs, few attorneys have experience creating