The California Privacy Protection Agency (CPPA) Board met on July 24, 2025, and advanced several key initiatives with direct implications for businesses operating in California.
The meeting focused on finalizing regulations pertaining to automated decision-making, risk assessments, and cybersecurity audits; advancing the California Delete Act’s Delete Request and Opt-Out Platform (DROP) rulemaking applicable to data
On the heels of the California Attorney General’s largest California Consumer Privacy Act-related settlement yet, the Connecticut Office of the Attorney General has announced its first public enforcement action under the Connecticut Data Privacy Act (CTDPA).
Continue Reading Connecticut AG Fines Ticket Marketplace in State’s First CTDPA Privacy Law Enforcement Action
Regulatory authorities globally are prioritizing data deletion rights, including legislation like California’s Delete Act and enforcement actions in Europe and Oregon. Businesses should consider enhancing their mechanisms for handling deletion requests to ensure compliance and build consumer trust.
Continue Reading Enforcement Update: Regulatory Attention Focused on Deletion Requests
On Aug. 2, 2024, Illinois Gov. J.B. Pritzker signed SB 2979 into law, amending BIPA in two ways: significantly limiting potential damages and updating the Act’s definition of “written release” to include an “electronic signature.”
GT Shareholder Darren Abernethy is featured on an episode of The Privacy Advisor Podcast, hosted by the International Association of Privacy Professionals (IAPP).
Amid the rapidly evolving landscape of U.S. state privacy laws, Darren discusses privacy litigation trends, shedding light on novel theories emerging from the plaintiff’s bar including issues related to pen registers, chatbots
The California Attorney General and Los Angeles City Attorney last week jointly settled an enforcement action against a mobile gaming company (“the Company”) for alleged violations of the Children’s Online Privacy Protection Act (COPPA), the California Consumer Privacy Act (CCPA), and the state’s Unfair Competition Law. The city and
On May 8, 2024, Colorado’s legislature enacted “An Act Concerning Consumer Protections in Interactions with Artificial Intelligence Systems” (SB205), a state law that comprehensively regulates the use of certain “Artificial Intelligence (AI)” systems.[1] The law is aimed at addressing AI bias, establishing a requirement of human oversight throughout the life cycle of
Greenberg Traurig is a sponsor of the 2023 Privacy + Security Forum Fall Academy at the George Washington University Nov. 8-10, 2023. The conference will break down the silos of privacy and security and bring together seasoned thought leaders for in-depth sessions and workshops designed to deliver practical takeaways for conference participants.
Greenberg Traurig Shareholder
Probably not.
Most modern state privacy laws attempt to carve out organizations that process de minimis amounts of personal information, or whose business activities do not monetize data. While the specific thresholds differ between states, many of the new statutes only apply to organizations that control or process personal information relating to at least 100,000