Data Privacy & Cybersecurity

Greenberg Traurig Shareholders Breton H. Permesly and Tyler J. Thompson will present the CLE webinar, “Personal Information in the Franchise Relationship,” on Wednesday, June 28 at 12:30 pm EDT. As privacy laws proliferate around the world while the value of customer personal information simultaneously increases, data has never been riskier or had

All modern privacy statutes regulate when personal information can be shared with third parties, whether those third parties are service providers, vendors, contractors, or business partners. Most modern privacy statutes recognize, however, that privacy risks are reduced when the third party is related to the organization from which the data originates. As the following chart

On April 17, 2023, the Washington State Legislature passed the “My Health My Data Act” (WMHMDA), which will take effect for most companies March 31, 2024. Unlike other modern state privacy laws that purport to regulate any collection of “personal data,” WMHMDA confers privacy protections only upon “Consumer Health Data.” This term is defined to

Greenberg Traurig is a sponsor of the Privacy + Security Forum 2023 Spring Academy May 10-12 in Washington, DC. The conference will break down the silos of privacy and security and bring together seasoned thought leaders, who will host virtual sessions and workshops designed to deliver practical takeaways for all conference participants.

Wednesday, May 10

In September 2021, Quebec’s Parliament updated its data privacy regime by passing the Act to Modernize Legislative Provisions as Regards the Protection of Personal Information, 2021 (“Law 25”). It is critical to determine whether an organization is subject to Law 25, as there are potential fines of up to 4% of an organization’s worldwide turnover.

Most of the modern state data privacy laws have attempted to exclude from their jurisdictional reach organizations that process de minimis amounts of personal information. The state statutes create different thresholds for what constitute de minimis processing base those thresholds largely on whether the organization sells personal information. The net result is that most states

Data protection authorities worldwide, including France’s Commission Nationale de l’Informatique et des Libertés (CNIL), the California attorney general (CAG), and the U.S. Federal Trade Commission (FTC), recently have indicated their intention to increase privacy enforcement efforts against mobile apps. As the digital landscape continues to evolve, data protection and privacy concerns remain

The IAPP Global Privacy Summit 2023, held April 4-5 in Washington, D.C., will bring together thousands of privacy pros from around the world for a comprehensive data privacy conference. The event will provide critical updates from key figures in the privacy field and offer new strategies and best practices. From technology and advertising to

Brazil’s Data Protection Agency clarifies what sanctions look like for violations of the country’s General Data Protection Law.[1]

On Feb. 27, 2023, Brazil’s Data Protection Agency (ANPD) issued the Regulation of Dosimetry and Application of Administrative Sanction (Regulation), which details fines and other sanctions for violations of Brazil’s General Data Protection Law (LGPD) by

The CCPA states that a service provider must be contractually prohibited from “retaining, using, or disclosing the personal information [provided to it by a business] for any purpose other than for the business purposes specified in the contract for the business . . . .”[1] That prohibition, however, may not apply to information once