Data Privacy & Cybersecurity

As part of a larger spending bill signed by President Biden on March 15, 2022, Congress passed the Cyber Incident Reporting for Critical Infrastructure Act (CIRA) to increase funding for the federal Cybersecurity and Critical Infrastructure Agency (CISA). CIRA requires companies considered to be in a “critical infrastructure” sector to notify CISA within 72 hours

Continuing its focus on cybersecurity, on March 9, 2022, in a party-line vote, the SEC proposed rules and amendments governing cybersecurity reporting requirements for public companies subject to the Securities Exchange Act of 1934.

Click here to read the full GT Alert.

Greenberg Traurig is sponsoring the ACC’s 2022 Cybersecurity Summit, taking place March 8-10, 2022.

On March 9, Shareholder Gretchen A. Ramos, co-chair of the firm’s Global Data, Privacy & Cybersecurity Practice, will deliver the keynote session, “New Global Data Protection Laws.” The session will cover new privacy laws, structuring compliance efforts, obtaining

Join Gretchen Ramos, global co-chair of GT’s Data, Privacy, & Cybersecurity Practice, for PrivacyConnect’s “Data Privacy: 2022 Business Challenges and Solutions” webinar Jan. 27 at 10:00 a.m. EST.

The webinar will discuss questions on global expectations, local challenges, interplay between data privacy and AI, digitalization, competition, consumer affairs, cross-border trade, governance, regulatory enforcement,

A ransomware attack on a major U.S. gas pipeline sharpened people’s concerns about cybercrime in 2021, while the Biden administration balanced working with the private sector and threatening penalties for keeping breaches secret. GT Shareholder Jena M. Valdetero was mentioned in this article on cybersecurity steps the Biden administration has taken, published by Law360 Dec.

While the CCPA went into effect on Jan. 1, 2020, it did not become fully enforceable until July 1, 2020. When we passed the one-year anniversary of the CCPA becoming law, it provided an opportunity to assess the impact of the CCPA on privacy programs and to begin to benchmark against emerging industry standards. To

DRI’s Cybersecurity and Data Privacy Committee’s virtual seminar will take place Tuesday, Oct. 26 and provide an overview of important data protection and privacy concepts and review data protection and privacy obligations imposed by state and global laws and regulations. Topics discussed will include how to comply with the challenging and ever-changing data protection and

No.

The regulations implementing the CCPA require that in-scope businesses must provide two or more designated methods of submitting requests to opt-out, including an interactive form accessible via a clear and conspicuous link titled “Do Not Sell My Personal Information,” on the business’s website or mobile application.[1]

In addition to the “DNSMPI” link noted

Yes.

Where a global privacy control (“GPC”) conflicts with a consumer’s existing business-specific privacy setting or their participation in a business’s financial incentive program, the business must respect the GPC, but may notify the consumer of the conflict and give the consumer the choice to confirm the business-specific privacy setting or participation in the financial

No.

A group of privacy advocates and privacy software companies has proposed an “unofficial” specification for how consumers might transmit, and how companies might receive, a global privacy opt-out signal that indicates an intention for information not to be sold.  As of 12 October 2020, the draft “Global Privacy Control specification” claims to have “no