Unlocking GDPR: Navigating Compliance, Rights, and Penalties

In our rapidly advancing global economy, the benefits of modernization and digital integration are undeniable, bringing unprecedented efficiency and connectivity to our daily lives. But as much as we get out of it, we also put in. The more digitized our lives become the higher the volume of personal data that will enter the digital landscape. So much of our personal information is collected online by companies we would not even consider. Every click, every interaction online results in a trail of data, much of which is harvested by companies without explicit consent. Companies will then take our personal information and sell it online to third-parties. Essentially, our data could be anywhere and everywhere online. Amidst this digital frenzy, the General Data Protection Regulation (GDPR), the European Union’s comprehensive data privacy law, stands as a beacon of privacy rights and consumer protections. As fines for non-compliance only continue to increase, counsel advising clients with business in the EU will find this webinar an excellent opportunity to better understand the regulation and stay updated on the past year’s developments.
In this seminar, our expert panelists will introduce GDPR, shedding light on the regulation and the background to its establishment. They will cover the far-reaching scope of the regulation as well as its exceptions. The experts will then go on to describe the recent changes to how GDPR is regulated that came about in 2023. They will describe the EU’s move towards a more centralized enforcement model allowing for greater consistency across rulings in various EU countries. The panelists will continue by discussing the criteria for receiving GDPR penalties, emphasizing the accountability of entities that violate these stringent regulations. They will continue by reviewing some of the fines that have been distributed throughout the EU, including the standout example and largest fine to date given to Meta, serving as a stark reminder of the serious consequences of mishandling personal data. Finally, the panelists will discuss what they expect for the future of GDPR and recommendations for best practices.

Our Mission is to bridge the knowledge gap between law and technology professionals by educating attorneys on technology to attorneys and technology executives on its laws and regulations. Legal Cyber Academy provides a comprehensive tool and evolving knowledge base through exclusive insights from world class cybersecurity, privacy, web 3.0, forensic, and e-discovery legal and technical practitioners. Earn CLE, CPE, and CE credits. (Refunds are available if you do not receive credit) At Legal Cyber Academy We recognize that technology, the cybersecurity threats it faces, and relevant laws and regulation are rapidly evolving, presenting unique challenges and opportunities. Our platform is dedicated to empowering legal professionals with the skills and understanding necessary to navigate the complex landscape of technology in their field, enabling them to effectively advise clients, draft contracts, and navigate legal implications in a technology-driven world. Simultaneously, we strive to equip technology professionals with the legal knowledge they need to make informed decisions, ensure compliance with regulations, and limit liability. By fostering a deep understanding of legal frameworks, we hope to support technology professionals in creating innovative, compliant, and socially conscious technological advancements. Join us in our mission to reshape the way legal professionals and technology experts understand and interact with each other in a rapidly changing technical and legal landscape. Together, they will mitigate risk better, ensure compliance, and actively shape the future of technology and its accompanying laws.

LAW & FORENSICS LLC – FOUNDER; JAMS – NEUTRAL; HARVARD – ADJUNCT;
Danie Garrie, Esq., is the Co-Founder of Law & Forensics LLC, where he heads the Computer Forensics and digital discovery Cybersecurity teams. Daniel has been a dominant voice in the computer forensics and cybersecurity space for the past 20 years, as an attorney and technologist. He is an adjunct professor at Harvard for Computer Forensics, and prior to Law & Forensics, he successfully built and sold several technology start-up companies. Since co-founding Law & Forensics LLC in 2008, Daniel has built it into one of the leading boutique firms specializing in cybersecurity and forensic engineering. He is a mediator, arbitrator, and e-discovery special master for JAMS and is a partner and head of Cybersecurity practice at Zeichner, Ellman & Krause LLP. Daniel earned both a Bachelor’s and a Master’s degree in computer science from Brandeis University, as well as a J.D. from Rutgers Law School. Daniel has led cyber and forensic teams in some of the most visible and sensitive incidents in the United States. He and his team have worked globally for two of the top five banks and dozens of the largest private and public companies in the world. In addition, Daniel has been awarded several patents for advanced cybersecurity and forensic platforms he built with his team, including TableTop.AI, CustodyTrack.IO, and Forensic Scan. Daniel is also well-published in the cybersecurity space and has authored more than 200 articles and books. His work is cited by Black’s Law Dictionary 10th Ed. defining the terms 'software', 'internet', and 'algorithm'. Lastly, he has been recognized by several United States Supreme Court Justices for his legal scholarship and is a trusted source and thought leader for cybersecurity articles and opinions, cited over 500 times to date.

Global Chief Privacy Officer | Crawford & Company
Royal is a former registered nurse-turned-attorney, with over 30 years of experience in health and lawrelated fields. She was an RN when HIPAA went into effect, and as an attorney, naturally gravitated to health regulatory law. She then moved into global privacy law, being the first to submit a dual application for both controller and processor binding corporate rules to comply with European privacy laws. She is certified by the International Association of Privacy Professionals as a Certified Internal Privacy Professional in both the U.S. and Europe, a Certified Information Privacy Manager, and a Fellow of Information Privacy – one of the first to reach such a qualification. Professionally, she serves on the board of several non-profit organizations, teaches privacy law at the Sandra Day O’Connor College of Law at Arizona State University, and co-hosts the popular “Serious Privacy” podcast. In addition, she frequently writes, speaks, and has consulted on data protection, privacy and cybersecurity for companies around the world.

Partner | King & Spalding
Jarno Vanto is a Partner in our Data, Privacy and Security practice. Due to his extensive international regulatory experience, he is frequently called upon by his clients to provide a differentiated global perspective regarding privacy, cybersecurity and technology related matters. Jarno partners with his clients on key business issues spanning privacy and cybersecurity regulatory compliance and investigations, complex cross-border technology and data transactions, data and software licensing, and other technology and data transfer agreements. He counsels clients regarding global privacy and cybersecurity compliance programs and IP management. His experience spans the full scope of privacy laws, including, not by way of limitation, GDPR, CCPA and emerging U.S. state privacy laws. He provides privacy compliance counseling to companies that provide software-as-a-service, data-as-a-service, automotive and connected vehicle technologies, mobile applications, location-based technologies, financial services, server technologies, HR services, and healthcare technologies. He also regularly advises global corporations on the legal issues they encounter operating in the U.S. market. Jarno frequently advises private equity funds and their portfolio companies on privacy due diligence and transactions involving companies whose core business is regulated data. Multinationals rely on Jarno’s expertise in connection with group cross-border data transfer frameworks. Jarno holds CIPP/US and CIPP/E certifications.

Associate Director, Ethics and Compliance | OneTrust
Noshin Khan is a seasoned and technology-driven Senior Compliance Counsel who firmly believes in “doing the right thing” at work and in personal life. At OneTrust, Noshin plays a pivotal role working and implementing the internal Ethics & Compliance program. Additionally, as part of her role within the Ethics Center of Excellence, she serves as a trusted advisor to practitioners, offering invaluable insights into European laws and best practices. With a focus on EMEA Laws, Noshin's expertise encompasses the European Whistleblower Protection Directive, the EU Artificial Intelligence Act, the EU Corporate Sustainability Due Diligence Directive, Sapin II, and the Duty of Vigilance Law in France. Prior to her tenure at OneTrust, Noshin served as a Global Compliance Manager at Forensic Risk Alliance, a distinguished consulting firm renowned for its expertise in Forensic Accounting, Data Governance, Bribery, Corruption & Fraud Investigation. Noshin holds certifications as Certified Compliance and Ethics Professional – International (CCEP-I), Leadership Professional in Ethics & Compliance (LPEC) and is also Certified in Ethics of AI from the London School of Economics. Additionally, she is a Certified Information Privacy Professional for Europe (CIPP/E), Certified Information Privacy Manager (CIPM), and a Fellow of Information Privacy (FIP) certified by the IAPP.