News & Analysis as of

California Consumer Privacy Act (CCPA) Risk Assessment California Privacy Rights Act (CPRA)

The California Consumer Privact Act (CCPA), effective January 1, 2020, enhances privacy rights and consumer protections of California residents. Follow this channel for latest guidance and updates on the CCPA,... more +
The California Consumer Privact Act (CCPA), effective January 1, 2020, enhances privacy rights and consumer protections of California residents. Follow this channel for latest guidance and updates on the CCPA, including implications for business conducting business in California.  less -
Katten Muchin Rosenman LLP

California Regulator Finalizes CCPA Rules for Automated Decision Making, Cybersecurity Audits and Risk Assessments

Katten Muchin Rosenman LLP on

On July 24, 2025, during its scheduled Board Meeting, the California Privacy Protection Agency (CPPA) Board voted unanimously to finalize rules governing the use of automated decision-making technology, risk assessments,...more

Robinson+Cole Data Privacy + Security Insider

California Privacy Protection Agency’s Regulations on Automated Decision-Making Technology, Risk Assessments Delayed

Robinson+Cole Data Privacy + Security Insider on

The California Privacy Protection Agency’s (CPPA) highly anticipated regulations for automated decision-making technology and risk assessment requirements are likely far from final. The CPPA met at the beginning of the month...more

Ankura

California’s Revised Risk Assessment Regulations

Ankura on

In December, the California Privacy Protection Agency (CPPA) published revised draft regulations on risk assessments required under the California Privacy Rights Act (CPRA). Under prior draft regulations, the CPPA will...more

WilmerHale

CPPA Publishes Additional Proposed Regulations - Including Proposed Revisions to CCPA Regulations - For Discussion at December...

WilmerHale on

In the run-up to this Friday’s December Board meeting, the California Privacy Protection Agency (CPPA or the “Agency”) has continued its recent flurry of regulatory activity. Late last week, the CPPA published an additional...more

WilmerHale

California Privacy Protection Agency Publishes New Draft CPRA Cybersecurity and Automated Decisionmaking Regulations in Advance of...

WilmerHale on

In advance of the California Privacy Protection Agency’s (CPPA) December 8 Board meeting, the Agency has published new draft automated decisionmaking technology (ADMT) regulations, as well as revisions to draft regulations on...more

Alston & Bird

California Privacy Protection Agency Releases Draft Regulations on Risk Assessments

Alston & Bird on

On August 28, 2023, the California Privacy Protection Agency (the “Agency”) released two sets of draft regulations under the California Consumer Privacy Act (the “CCPA”), one for risk assessments and another for cybersecurity...more

Wiley Rein LLP

California Eyes New Privacy, Cyber, and AI Obligations

Wiley Rein LLP on

California continues to forge ahead on potential new privacy, cybersecurity, and artificial intelligence (AI) obligations, including through its California Consumer Privacy Act (CCPA) rulemaking process and by launching a new...more

WilmerHale

CPPA Holds Meeting to Discuss Regulations for Automated Decision-Making Technology, Cybersecurity Audits, and Cybersecurity Risk...

WilmerHale on

On July 14, the California Privacy Protection Agency (CPPA or the “Board”) hosted a meeting to discuss key issues. Notably, the Board’s New CPRA Rules Subcommittee (“the Subcommittee”) previewed three areas of forthcoming...more

Sheppard Mullin Richter & Hampton LLP

Impact of the Last Minute CCPA-Enforcement Delay

Sheppard Mullin Richter & Hampton LLP on

A California court recently issued a ruling delaying the CPPA’s ability to enforce the most recent CCPA regulations until March 29, 2024. This does not delay enforcement of the CCPA statute or existing regulations....more

WilmerHale

California State Court Delays Enforcement of CPRA Regulations

WilmerHale on

On June 30, the Sacramento County Superior Court issued a ruling that will delay enforcement of regulations issued pursuant to the California Privacy Rights Act (CPRA) to March 29, 2024. These regulations were originally...more

Jackson Lewis P.C.

California Superior Court Put the Brakes on Enforcement of California Privacy Rights Act

Jackson Lewis P.C. on

In March 2023, the California Chamber of Commerce filed a Petition for Writ of Mandate and Complaint for Declaratory and Injunctive Relief against the California Privacy Protection Agency (CPPA), the agency tasked with...more

Constangy, Brooks, Smith & Prophete, LLP

California court delays enforcement of CCPA/CPRA regs until March 2024

Constangy, Brooks, Smith & Prophete, LLP on

On Friday, the Sacramento Superior Court issued a ruling delaying the enforcement of recently enacted California Privacy Rights Act regulations until March 2024. The CPRA, which amended the California Consumer Privacy Act,...more

ArentFox Schiff

Develop a Process to Create Privacy Impact Assessments Under the Attorney-Client Privilege

ArentFox Schiff on

Data protection assessments are required for high-risk processing activities in a rapidly growing set of federal, state, and international comprehensive privacy laws. These assessments are triggered by processing activities,...more

WilmerHale

California Privacy Protection Agency Emphasizes Enforcement and Expresses Opposition to Federal Privacy Legislation at March...

WilmerHale on

On Friday, March 3, 2023, the California Privacy Protection Agency (CPPA) held a public board meeting. Though the meeting focused primarily on the Agency’s budget and various administrative issues (e.g., subcommittee...more

Jackson Lewis P.C.

CPPA Starts Rulemaking on Cybersecurity, Risk Assessments, and Automated Decision-making

Jackson Lewis P.C. on

While the California Privacy Protection Agency (CPPA) only recently approved revised amended regulations pertaining to the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA), it is already on...more

Alston & Bird

California Privacy Protection Agency Issues Invitation for Preliminary Comments on Proposed Rulemaking on Risk Assessments,...

Alston & Bird on

The California Privacy Protection Agency (CPPA) issued an Invitation for Preliminary Comments on Proposed Rulemaking (Invitation) Friday as it considers new rules regarding Risk Assessments, Cybersecurity Audits, and...more

Jackson Lewis P.C.

California Privacy Protection Act Ends 2022 Without CPRA Regulations, But CPPA Targets Risk Assessments and AI for Additional...

Jackson Lewis P.C. on

On December 16, 2022, the California Privacy Protection Agency (CPPA) had its final meeting before the California Privacy Rights Act (CPRA) which amended the California Consumer Privacy Act takes effect on January 1, 2023....more

Dorsey & Whitney LLP

Universal Opt-Out/Global Privacy Control: Preparing for the New Online World

Dorsey & Whitney LLP on

2022 has been a whirlwind year for cybersecurity, data, and privacy counsel who are navigating an expanding regulatory landscape and unique sets of legal requirements from numerous jurisdictions. This trend is likely to...more

Lerman Senter PLLC

California Privacy Law Nears Effective Date; Businesses Risk Million Dollar Penalties

Lerman Senter PLLC on

The Consumer Privacy Rights Act (CPRA), which amended the California Consumer Privacy Act (CCPA), becomes fully effective on January 1, 2023. Businesses should review the new law and recent enforcement actions before the law...more

Buchalter

The Compliance Clock is Ticking: Prepare for the California Privacy Sprint to January 1st

Buchalter on

The amended California Consumer Privacy Act (CCPA), sometimes referred to as the California Privacy Rights Act (CPRA) or Proposition 24, takes effect on January 1, 2023 – and introduces new consumer rights, while...more

Alston & Bird

The California Privacy Protection Agency Solicits Public Input on Forthcoming Privacy Regulations

Alston & Bird on

The California Privacy Protection Agency Board began its preliminary rulemaking activities to solicit input on forthcoming regulations under the California Privacy Rights Act (“CPRA”) in September 2021 when it met to review...more

Husch Blackwell LLP

How do the CPRA, CPA & VCDPA approach data protection assessments?

Husch Blackwell LLP on

Keypoint: The CPRA, CPA and VCDPA require data protection assessments for certain processing activities; however, when and how entities must conduct and prepare assessments varies....more

Lowenstein Sandler LLP

U.S. Privacy 2022: Compare, Contrast, and Integrate New State Laws

Lowenstein Sandler LLP on

U.S. state legislatures accelerated efforts in 2021 to fill the gap created by the absence of national data privacy legislation. California, Virginia, and Colorado passed or amended data protection laws, and the trend is...more

Ankura

Using the NIST Privacy Framework to Assess Privacy Risk and Build a Privacy Program

Ankura on

Since the General Data Protection Regulation (GDPR) went into effect in 2018, over half a dozen countries have passed similar privacy regulations and another few dozen have updated or proposed new privacy regulations. In the...more

Jackson Lewis P.C.

CPRA Series: The CPRA And Risk Assessments

Jackson Lewis P.C. on

The California Privacy Protection Act (CPRA) amended the California Consumer Privacy Act (CCPA) and has an operative date of January 1, 2023. The CPRA introduces new compliance obligations including a requirement that...more

28 Results
 / 
View per page
Page: of 2
Next »

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide