The CCPA Regulations require that businesses that buy, receive, sell, or share personal information about more than 10 million Californians disclose metrics within their privacy notices regarding the quantity of data subject requests that they received in the previous calendar year. Specifically, businesses must publicly report:

  • The number of access requests that the business received,

In most contexts, employees should have a low expectation of privacy in the workplace. Their computers, desks, and other common areas may be subject to strict company control and their conduct subject to workplace policies. But as we will discuss in an upcoming two-part series on The Performance Review (Greenberg Traurig’s California Labor and Employment

On May 6, 2021, Colonial Pipeline was attacked by ransomware suspected to have originated in Eastern Europe or Russia, allowing cyber criminals to penetrate a major utility with significant impact on the entire US eastern seaboard’s economy. From the perspective of vulnerability, the Colonial Pipeline attack was a significant wake-up call–a Pearl Harbor moment for

Some privacy statutes explicitly reference “sensitive” or “special” categories of personal information. While such terms, when used, often include similar data types that are generally considered as raising greater privacy risks to data subjects if disclosed, the exact categories that fall under those rubrics differ between and among statutes. Furthermore, other privacy statutes do not

David A. Zetoony, co-chair of global law firm Greenberg Traurig, LLP’s U.S. Data, Privacy and Cybersecurity Practice, has been named by Lexology as the top “Legal Influencer” in the field of U.S. Technology, Media and Telecommunications (TMT) and Cross-Border TMT.

Click here to read the full press release.

On Sept. 15, join GT Data, Privacy & Cybersecurity Shareholder David Zetoony and Associate Karin Ross for their myLawCLE presentation, “What Is Considered Sensitive Personal Information?”, co-sponsored with the Federal Bar Association.

The term “sensitive personal information” is often referred to in contracts, regulatory guidance, and policy documents. What constitutes sensitive personal information,

The Fourth of July is usually reserved for fireworks, and this year was no different. On July 2, 2021, Kaseya, a provider of IT and security-management solutions, announced that it was the target of a supply-chain ransomware attack by the REvil/Sodinokibi (REvil) organized ransomware group. Kaseya’s virtual systems/server administrator (VSA) is a server and cloud-based