The effective date for Colorado’s groundbreaking Artificial Intelligence Act has been pushed back by five months, now set for June 30, 2026. Gov. Jared Polis signed amendments after extensive debate in a special legislative session, giving lawmakers more time to address substantive concerns. With continued disagreement among stakeholders, it remains uncertain if further changes will be made before the new deadline.
Continue Reading Colorado Delays Comprehensive AI Law With Further Changes Anticipated

On Sept. 3, 2025, in a much-anticipated legal decision, the European General Court (EGC) rejected the request of a French member of Parliament to annul the EU-U.S. Data Privacy Framework (DPF or Framework). 

Although this decision reinforces that U.S. organizations that have self-certified as to their adherence to the DPF principles may continue to receive

The upcoming EU Data Act introduces a user-centric approach to data generated by IoT devices, giving individuals and organizations unprecedented control over both personal and non-personal data. Discover what this paradigm shift means for data holders, business models, and the future of data sharing in the EU.
Continue Reading Action Required for Manufacturers of Connected Devices: Challenges Under the EU Data Act

NIS 2 (Directive (EU) 2022/2555), the European Union’s updated framework for cybersecurity, is designed to enhance cybersecurity across the EU by establishing a high common level of security for network and information systems.
Continue Reading EU NIS 2 Directive: Expanded Cybersecurity Obligations for Key Sectors

Greenberg Traurig’s Data Privacy & Cybersecurity Group invites you to a complimentary, interactive, in-person CLE symposium in Chicago on Thursday, Sept. 11 and Friday, Sept. 12.

This two-day event will feature timely insights and forward-looking conversations on the evolving challenges in data privacy, cybersecurity, and technology. Shaped by today’s most pressing issues – from regulatory

On July 31, 2025, the Fraud Section of the U.S. Department of Justice’s Commercial Litigation Branch (Fraud Section) announced new settlement agreements with government contractors to resolve their respective False Claims Act (FCA) liabilities arising out of cyber fraud allegations.

Continue Reading DOJ Settles Cybersecurity FCA Claims With PE Firm and Government Contractors

The California Privacy Protection Agency (CPPA) Board met on July 24, 2025, and advanced several key initiatives with direct implications for businesses operating in California.

The meeting focused on finalizing regulations pertaining to automated decision-making, risk assessments, and cybersecurity audits; advancing the California Delete Act’s Delete Request and Opt-Out Platform (DROP) rulemaking applicable to data

Greenberg Traurig Shareholder Reena Bajowala has been named Vice-Chair and Chairperson-Elect of the Cybersecurity and Technology Law Committee within the American Bar Association’s Section of Business Law for 2025. Reena previously served as a 2021–2023 ABA Business Law Fellow, a distinction that reflects her longstanding involvement and leadership within the Section.

In her leadership role

The EU AI Act marks the world’s first comprehensive legal framework for using and developing AI. Implementation may pose structural, technical, and governance-related challenges for companies, particularly in the area of general-purpose AI (GPAI).
Continue Reading EU AI Act: Key Compliance Considerations Ahead of August 2025