Regulatory authorities globally are prioritizing data deletion rights, including legislation like California’s Delete Act and enforcement actions in Europe and Oregon. Businesses should consider enhancing their mechanisms for handling deletion requests to ensure compliance and build consumer trust.
Continue Reading Enforcement Update: Regulatory Attention Focused on Deletion Requests

Virginia’s HB 2094 regulates high-risk AI systems, focusing on consumer protection. Developers must ensure transparency and manage risks, while deployers must disclose AI use. Generative AI outputs must be identifiable. Enforcement includes penalties up to $10,000. Effective July 1, 2026.
Continue Reading Virginia Poised to Become Second State to Enact Comprehensive AI Legislation

On Jan. 17, 2025, EU Regulation 2022/2554 on digital operational resilience for the financial sector (DORA) became applicable in the EU.

DORA focusses on risk management and resilience testing, with a strong focus on vendor risk management, incident management and reporting, and resilience testing of key systems.

DORA applies to financial institutions that are authorized

Over the past few years, the rate of notable data breaches has risen considerably, and along with that rise has come an increase in class action litigation. In a world where any company can be the next victim of a breach, business leaders and their legal counsel should consider in advance how to protect privilege

The Security Innovation Network (SINET) hosted its 10th Annual SINET Risk Executive Workshop Jan. 29-30, bringing together CISOs and risk executives for an exclusive, invitation-only event. Over the course of two days, participants engaged in thought leadership sessions that explored the evolving role of modern CISOs and risk executives.

GT Shareholder Jena Valdetero, U.S.