With its Russmedia judgment (C-492/23, Grand Chamber, 2 December 2025), the Court of Justice of the European Union (CJEU or Court) fundamentally reshapes how online marketplaces and other platforms hosting user-generated content must approach data protection compliance.
Continue Reading CJEU’s Russmedia Decision Expands Platform Controller Duties Under GDPR
Data brokers who offered brokerage services in California in 2025 must register or re-register their status with the state’s data broker registry by Jan. 31, 2026.
In-scope companies that fail to do so may be liable for administrative fines or even reasonable expenses incurred by the CalPrivacy regulator in investigating and bringing an administrative action
Please join Greenberg Traurig and San Francisco shareholders Darren J. Abernethy and Gretchen A. Ramos on Dec. 10, 2025, for a CLE reviewing the key activities from this year in the world of data privacy and reading the tea leaves for what in-house counsel teams may expect for next year, with a focus on practical action items for businesses.
Continue Reading ACC Webinar: Getting Ready for 2026 – Data Privacy Compliance Priorities
The last remaining provisions of the amendments to the New York Department of Financial Services’ (DFS) cybersecurity regulation called Part 500 came into effect Nov. 1, 2025.
Continue Reading NYDFS Final Cybersecurity Rules – MFA, Asset Inventory, and Third-Party Risk
On Oct. 28, 2025, please join Greenberg Traurig and leaders from its Chambers USA Band 1 Retail Industry Group and Privacy & Cybersecurity Practice, along with a legal director from Scott’s Company LLC, for a CLE exploring the evolving landscape of data privacy and security laws and their impact on in-house legal teams.
This expert
Starting Nov. 10, 2025, contractors and subcontractors handling controlled unclassified information (CUI) may be required to have a current CMMC Level 2 self-assessment for new contracts and option exercises involving CUI.
Continue Reading Recapping CMMC Level 2: Considerations for Government Contractors
Cybersecurity month starts with a critical compliance date for the Department of Justice (DOJ)’s Data Security Program (DSP). Starting on Oct. 6, any U.S. person or company handling Americans’ bulk sensitive or personal data or U.S. government-related data must implement a written data compliance program that lays out specified due diligence, audit, reporting, and recordkeeping processes for covered data transactions.
Continue Reading Incoming Deadlines and Requirements for DOJ’s Data Security Program on Oct. 6, 2025
On Sept. 23, 2025, the California Privacy Protection Agency (CPPA) announced that the state’s Office of Administrative Law (OAL) had formally approved the CPPA’s wide-ranging package of revised and new California Consumer Privacy Act (CCPA) regulations.
Continue Reading Revised and New CCPA Regulations Set to Take Effect on Jan. 1, 2026 – Summary of Near-Term Action Items
Greenberg Traurig’s 2025 Data Privacy Symposium in Chicago gathered more than 100 professionals for interactive sessions exploring the latest in data privacy, cybersecurity, and technology. Expert speakers led conversations on AI, AdTech, breach response, privacy litigation, and more, while attendees enjoyed networking opportunities at a lively reception and dinner.
Continue Reading Highlights from the Data Privacy Symposium 2025
