data security

Cybersecurity month starts with a critical compliance date for the Department of Justice (DOJ)’s Data Security Program (DSP). Starting on Oct. 6, any U.S. person or company handling Americans’ bulk sensitive or personal data or U.S. government-related data must implement a written data compliance program that lays out specified due diligence, audit, reporting, and recordkeeping processes for covered data transactions.
Continue Reading Incoming Deadlines and Requirements for DOJ’s Data Security Program on Oct. 6, 2025

Greenberg Traurig is hosting a timely webinar on October 15, guiding organizations through the upcoming DOJ enforcement of the Data Security Program. GT experts will cover compliance obligations, risk mitigation strategies, and practical steps to identify and manage sensitive data transactions ahead of the July 2025 enforcement deadline.

Continue Reading Webinar | From Risk to Readiness: Preparing for DOJ Enforcement of the Data Security Program

DOJ’s new Data Security Program (DSP), effective April 8, 2025, imposes significant restrictions on U.S. government contractors and global companies that handle sensitive U.S. personal or government-related data. The DSP is currently subject to a 90-day initial enforcement period, After July 8, 2025, NSD will implement full enforcement of the DSP.
Continue Reading DOJ’s Data Security Program: Key Compliance Considerations for Impacted Entities

On February 28 President Biden issued an Executive Order “to protect Americans’ sensitive personal data from exploitation by countries of concern.” (EO 14117, “Preventing Access to Americans’ Bulk Sensitive Personal Data by Countries of Concern.”)

On March 5 the National Security Division of the Department of Justice (DOJ) published an advanced notice of proposed rulemaking

Go-To Guide:

  • The Safeguards Rule compliance deadline is delayed by six months
  • Eight subsections of the Safeguards Rule are affected by the delay
  • The new effective date for compliance is June 9, 2023
  • The FTC cited implementation challenges for small business as the reason for the delay.

On Nov. 15, 2022, the Federal Trade Commission

Greenberg Traurig is a sponsor of the 2022 Privacy + Security Forum Fall Academy at the George Washington University, which will break down the silos of privacy and security and bring together seasoned thought leaders for in-depth sessions and workshops designed to deliver practical takeaways for conference participants.

Shareholder Rebekah S. Guyon will present the

After Europe blazed the trail by passing the sweeping General Data Protection Regulation (“GDPR”) in 2016, California followed closely in the footsteps of European efforts by passing the most comprehensive data privacy law in the United States, the California Consumer Privacy Act (the “CCPA”). Effective January 1, 2020, the CCPA provided a number of obligations

Tim Butler, a shareholder in GT’s Data, Privacy & Cybersecurity Practice, participated in the 2022 LEND360 Conference in Chicago. Tim was a panelist on the presentation “Data Ownerships and Security,” including a breakout session titled “The Road Forward for Banks and Fintech,” on Sept. 14, 2022.

Amid new innovations in the

On Aug. 11, 2022, the U.S. Consumer Financial Protection Bureau issued guidance indicating that financial institutions and service providers that fail to adopt sufficient data security measures to protect consumer financial data may violate the Consumer Financial Protection Act provision prohibiting unfair acts and practices.

Click here to continue reading the full GT Alert.

On Aug. 20, 2021, after two rounds of public comments on China’s draft Personal Information Protection Law (PIPL), China promulgated the final version of the PIPL, which takes effect Nov. 1, 2021. Together, the PIPL, Cybersecurity Law (which came into force June 1, 2017) and Data Security Law (which came into