Greenberg Traurig is a sponsor of the 2022 Privacy + Security Forum Fall Academy at the George Washington University, which will break down the silos of privacy and security and bring together seasoned thought leaders for in-depth sessions and workshops designed to deliver practical takeaways for conference participants.

Shareholder Rebekah S. Guyon will present the

After Europe blazed the trail by passing the sweeping General Data Protection Regulation (“GDPR”) in 2016, California followed closely in the footsteps of European efforts by passing the most comprehensive data privacy law in the United States, the California Consumer Privacy Act (the “CCPA”). Effective January 1, 2020, the CCPA provided a number of obligations

Tim Butler, a shareholder in GT’s Data, Privacy & Cybersecurity Practice, participated in the 2022 LEND360 Conference in Chicago. Tim was a panelist on the presentation “Data Ownerships and Security,” including a breakout session titled “The Road Forward for Banks and Fintech,” on Sept. 14, 2022.

Amid new innovations in the

On Aug. 11, 2022, the U.S. Consumer Financial Protection Bureau issued guidance indicating that financial institutions and service providers that fail to adopt sufficient data security measures to protect consumer financial data may violate the Consumer Financial Protection Act provision prohibiting unfair acts and practices.

Click here to continue reading the full GT Alert.

On Aug. 20, 2021, after two rounds of public comments on China’s draft Personal Information Protection Law (PIPL), China promulgated the final version of the PIPL, which takes effect Nov. 1, 2021. Together, the PIPL, Cybersecurity Law (which came into force June 1, 2017) and Data Security Law (which came into

On June 10, 2021, the final version of Data Security Law (DSL) of the People’s Republic of China was published, and the DSL will take effect Sept. 1, 2021. Prior to the issuance of the final version, two drafts of the DSL were released to the public seeking comments, in July 2020 and

While theoretically an organization could adopt ISO 27701 as a separate standalone framework to apply to an organization’s privacy program, the framework was conceptualized as an extension of the ISO data security standards. As a result, it is organized based upon the assumption that an organization already has a security program that is built off

On May 12, 2021, President Biden issued an executive order entitled Improving the Nation’s Cybersecurity (EO). The EO was released only days after the cyberattack impacting Colonial Pipeline, and several months following discovery of the penetration of various federal agencies as a result of the Solar Winds cyber breach by Russian hackers in 2019. The

While theoretically an organization could adopt ISO 27701 as a separate standalone framework to apply to the organization’s privacy program, the framework was conceptualized as an extension of the ISO data security standards – i.e., a company would ideally be certified in both data security and data privacy. As a result, it is organized based

The International Organization for Standards, better known simply as ISO, is an international standard on how organizations should manage information security. Organizations can obtain a certification from an accredited assessor that it is compliant with ISO security standards.

In 2019, ISO developed a privacy framework that was intended to build off of the existing ISO