Data Privacy & Cybersecurity

No. A privacy framework describes a set of standards or concepts around which a company bases its privacy program. Typically, a privacy framework does not attempt to include all privacy-related requirements imposed by law or account for the privacy requirements of any particular legal system or regime. As a result, a company can utilize a

The Data, Privacy & Cybersecurity Practice of global law firm Greenberg Traurig, LLP is recognized in the 2022 Chambers USA Guide. The guide, which is researched by UK-based Chambers and Partners and is based on thousands of interviews with practicing lawyers and clients, ranked the practice Band 1 for Nationwide Privacy & Data Security:

Modern state privacy laws confer upon individuals the ability to ask for their personal information to be deleted. Statutes differ, however, in the scope of the “deletion right.” For example, some states only permit consumers to request the deletion of personal information that the consumer provided to the organization (allowing the organization to keep personal

All modern data privacy statutes allow individuals the ability to request that organizations take certain actions in relation to their personal information. Organizations are not always required to take the actions requested, however, and often exercise discretion in terms of how to handle a data subject request. For example, if an individual asks an organization

Some privacy statutes explicitly reference “sensitive” or “special” categories of personal information. While such terms, when used, often include similar data types that are generally considered as raising greater privacy risks to data subjects if disclosed, the exact categories that fall under those rubrics differ between and among statutes. Furthermore, other privacy statutes do not

The term “targeted advertising” is defined relatively consistently between and among modern U.S. data privacy statutes with the noticeable exception of California which deviates somewhat in the California Privacy Rights Act’s (CPRA) definition of the similar term “cross-context behavioral advertising” by omitting any reference to tracking a person over time, or making predictions about a

Greenberg Traurig Of Counsel Phillip V. Marano was a panelist on the “Data/Brand Damage: The Nexus Between Data Privacy & Trademarks” session at Cleveland-Marshall College of Law’s Cybersecurity and Privacy Protection Conference. The conference is one of the leading educational and networking events in the Great Lakes region and features rich content of interest to

On May 19, 2022, the Department of Justice announced it would not charge good-faith hackers who expose weaknesses in computer systems with violating the Computer Fraud and Abuse Act (CFAA or Act), 18 U.S.C. § 1030. Congress enacted the CFAA in 1986 to promote computer privacy and cybersecurity and amended the Act several times, most

Most modern U.S. data privacy statutes require companies to allow data subjects to opt out of having their personal information used for targeted advertising. As the following chart indicates, the term “targeted advertising” is defined consistently between and among most state statutes with the noticeable exception of the California Consumer Privacy Act (CCPA) and its