Most modern U.S. data privacy statutes require companies to allow data subjects to opt out of having their personal information (PI) used for targeted advertising. As the following chart indicates, the term “targeted advertising” is defined consistently between and among most state statutes with the notable exception of the California Consumer Privacy Act (CCPA) and

The term “targeted advertising” is defined relatively consistently between and among modern U.S. data privacy statutes with the notable exception of California which deviates somewhat in the California Privacy Rights Act’s (CPRA) definition of the similar term “cross-context behavioral advertising” by omitting any reference to tracking a person over time or making predictions about a

Probably not.

Under the European GDPR, if the personal information that an organization is going to use as part of training an AI has been collected directly from individuals, then those individuals should be provided with a copy of the organization’s privacy notice “at the time when personal data are obtained.”[1] If the personal

Attorneys familiar with the European GDPR are acquainted with the bifurcation of the world into controllers and processors. For purposes of European data privacy, a “controller” refers to a company that either jointly or alone “determines the purposes and means” of how personal data will be processed.[1] A “processor” refers to a company (or

On Sept. 14, Greenberg Traurig attorneys will present a full day of CLE programming at the GT Miami office that highlights the latest risks every company should be focused on. Each session will present practical guidelines on cutting-edge issues to help counsel materially reduce current risk while discussing what’s next. View detailed symposium agenda here

Join Greenberg Traurig attorneys and business guests for an in-person half day of CLE programming in Orlando on Tuesday, Sept. 12. This interactive event will highlight the latest risks every company should focus on. Each topic will present practical guidance on topical and everyday issues to help reduce current risk, while discussing what’s next.


Categorizing data as “sensitive” is a common feature in U.S. state privacy law, as well as the EU’s GDPR (which uses the term “special category” for similar personal data).[1] What is considered sensitive data varies from state to state, as well as the obligations that come with it. Colorado, Connecticut, Florida, Indiana, Montana, Oregon

You’re invited! Come cool off in the GT Phoenix office for an intimate roundtable discussion on the latest developments in:

  • Data Privacy
  • Cybersecurity and AI
  • Trade Secrets
  • IP Protection
  • Restrictive Covenants

Thursday, Aug. 31, 2023
2:00 p.m. – 4:30 p.m.

Greenberg Traurig Phoenix
375 E. Camelback Rd. | Suite 800
Phoenix, AZ 85016

Topic: Data Privacy

On Aug. 30, 2023, GT Data Privacy & Cybersecurity Practice Shareholders David Zetoony, Lily McNulty, and Tyler Thompson will present the session “Artificial Intelligence in the Workplace and HR and Data Protection: Safeguarding Company, Customer, and Employee Information” at the Arizona Society for HR Management (AZSHRM) 2023 Annual State Conference. The conference