On June 20, 2025, Texas Governor Greg Abbott signed SB 2610 into law, joining a growing number of states that aim to incentivize sound cybersecurity practices through legislative safe harbors. Modeled on laws in states like Ohio and Utah, the
Loyalty Programs Under Fire: Are Your Customer Incentives Violating Privacy Laws?
“Too much of a good thing.” We usually think of this phrase as it relates to things like working too hard, exercising too much, or binge-watching TV all weekend (just us?).
But the phrase applies across life, work, and even
Regulatory Roller Coaster: District Court Judge Vacates HIPAA Reproductive Health Privacy Rule
Who feels like they’ve been on a regulatory roller coaster lately?On June 18, 2025, in Purl v. U.S. Department of Health & Human Services, Judge Kacsmaryk of the U.S. District Court for the Northern District of Texas vacated key provisions of HHS’s HIPAA
U.S. Privacy Litigation Update: May 2025
Keypoint: In this post: (1) Standing may depend on how specific plaintiffs’ complaint is; (2) the 2nd Circuit adopts the 3rd and 9th Circuit’s narrower interpretation of PII under the VPPA; (3) Promises in privacy policies not to share user data
Proposed State Privacy Law Update: June 23, 2025
Keypoint: Texas enacts two amendments to its data broker law while New York’s legislature passes a social media warning bill.
Below is the twenty fourth weekly update on the status of proposed state privacy legislation in 2025. As always, the
Privacy Compliance in the U.S. and Canada: One Border, Two Privacy Playbooks
If you’re doing business in both Canada and the United States, you’ve probably already discovered this truth: one privacy strategy just won’t work for both countries. In fact, trying to apply the same rules on both sides of the border
GT’s Data Privacy & Cybersecurity Practice Recognized in The Legal 500 United States 2025 Edition
Greenberg Traurig’s Data Privacy & Cybersecurity Practice is recognized in The Legal 500 United States 2025 edition for Media, technology and telecoms> Cyber law (including data privacy and data protection). The group is praised as “a large, highly qualified, geographically-dispersed team”
DOJ’s Data Security Program: Key Compliance Considerations for Impacted Entities
DOJ’s new Data Security Program (DSP), effective April 8, 2025, imposes significant restrictions on U.S. government contractors and global companies that handle sensitive U.S. personal or government-related data. The DSP is currently subject to a 90-day initial enforcement period, After
Developments in Online Safety and Data Privacy for Minors
There have been numerous developments in the online safety and data privacy space for minors in particular over the last few months. Here we cover some notable decisions in the federal courts and cases with nationwide implications in addition to
The Vermont Age-Appropriate Design Code Act: What You Need to Know
Vermont recently adopted the Vermont Age-Appropriate Design Code Act, which goes into effect on January 1, 2027. The law is enforceable by the Vermont Attorney General as an unfair or deceptive act or practice. The Attorney General’s Office may draft regulations.