Please join Greenberg Traurig and San Francisco shareholders Darren J. Abernethy and Gretchen A. Ramos on Dec. 10, 2025, for a CLE reviewing the key activities from this year in the world of data privacy and reading the tea leaves for what in-house counsel teams may expect for next year, with a focus on practical action items for businesses.
Continue Reading ACC Webinar: Getting Ready for 2026 – Data Privacy Compliance Priorities
The California Privacy Protection Agency (CPPA) Board met on July 24, 2025, and advanced several key initiatives with direct implications for businesses operating in California.
The meeting focused on finalizing regulations pertaining to automated decision-making, risk assessments, and cybersecurity audits; advancing the California Delete Act’s Delete Request and Opt-Out Platform (DROP) rulemaking applicable to data
On July 1, 2025, the California attorney general (AG) announced a $1.55 million settlement (pending court approval) with Healthline Media, LLC (Healthline), who publishes Healthline.com, a health information website. This settlement marks the regulator’s continued focus on online tracking technologies for targeted advertising and the effectiveness of consumer opt-out systems.
Continue Reading California CCPA Settlement: Health Website Penalized for Tracking Non-Compliance
The California Attorney General and Los Angeles City Attorney last week jointly settled an enforcement action against a mobile gaming company (“the Company”) for alleged violations of the Children’s Online Privacy Protection Act (COPPA), the California Consumer Privacy Act (CCPA), and the state’s Unfair Competition Law. The city and
Attorneys familiar with the European GDPR are acquainted with the bifurcation of the world into controllers and processors. For purposes of European data privacy, a “controller” refers to a company that either jointly or alone “determines the purposes and means” of how personal data will be processed.[1] A “processor” refers to a company (or
Following on the heels of a California Superior Court’s last minute ruling that stayed enforcement of the revised California Consumer Privacy Act (CCPA) regulations, as previously discussed on this blog, California’s data privacy regulators have responded in ways that confirm they are more committed than ever to holding businesses accountable for alleged violations
On June 30, 2023, the Superior Court for the County of Sacramento issued a minute order enjoining the California Privacy Protection Agency (CPPA or Agency) from enforcing updates to the existing CCPA regulations until March 29, 2024, twelve months after they were finalized. However, the Agency’s enforcement of the CCPA, as now amended by the California
Three months prior to the enforcement date of the California Consumer Privacy Act (CCPA), as amended, the California Office of Administrative Law approved the updated CCPA Regulations (final rulemaking documents will be posted here after processing). These updates take into account the CCPA’s expanded scope following its amendment by the California Privacy Rights
The CCPA states that a service provider must be contractually prohibited from “retaining, using, or disclosing the personal information [provided to it by a business] for any purpose other than for the business purposes specified in the contract for the business . . . .”[1] That prohibition, however, may not apply to information once
GT Shareholders Gretchen A. Ramos, Co-Chair of the Global Data Privacy & Cybersecurity Practice, and Darren Abernethy will present the CLE webinar, “The Final CCPA Regulations: What You Need To Know,” March 2 at 12:00 p.m. PT. The webinar will provide an overview of key takeaways from the finalized proposed