News & Analysis as of

California Consumer Privacy Act (CCPA) Risk Assessment Data Protection

The California Consumer Privact Act (CCPA), effective January 1, 2020, enhances privacy rights and consumer protections of California residents. Follow this channel for latest guidance and updates on the CCPA,... more +
The California Consumer Privact Act (CCPA), effective January 1, 2020, enhances privacy rights and consumer protections of California residents. Follow this channel for latest guidance and updates on the CCPA, including implications for business conducting business in California.  less -
Troutman Pepper Locke

US State Risk Assessment and Impact Assessment Requirements

Troutman Pepper Locke on

The number of instances in which businesses must conduct risk assessments and impact assessments under state privacy and AI laws has exploded. In recent months, California and Connecticut have added additional — and...more

Troutman Pepper Locke

U.S. State Privacy and AI Laws Key Dates (2025)

Troutman Pepper Locke on

Between consumer data privacy laws, AI laws, data broker laws, and children’s privacy laws, the number of deadlines companies must track has exploded. This includes deadlines that are often buried in laws and regulations,...more

Foley Hoag LLP - Security, Privacy and the...

California Finalizes New CCPA Regulations: What Businesses Need to Know

Foley Hoag LLP - Security, Privacy and the... on

California continues to lead the way in data privacy standards as the latest regulatory updates from the California Privacy Protection Agency (“CPPA”) mark a significant step forward in safeguarding individual rights and data...more

Sheppard Mullin Richter & Hampton LLP

California Finalizes New CCPA Rules on ADMT, Cybersecurity Audits, and Risk Assessments

Sheppard Mullin Richter & Hampton LLP on

On July 24, the California Privacy Protection Agency (CPPA) approved a major rule package covering automated decision-making technology (ADMT), mandatory cybersecurity audits, and privacy risk assessments under the California...more

Sheppard Mullin Richter & Hampton LLP

CPPA Adopts ADMT, Cybersecurity and Risk Assessment Regulations

Sheppard Mullin Richter & Hampton LLP on

The CPPA scratched another task off the to-do list last month when it officially adopted proposed regulations under CCPA. These rules focus on three major areas: automated decision-making technology, risk assessments, and...more

Constangy, Brooks, Smith & Prophete, LLP

State privacy enforcement heats up this summer: What CA, CT settlements mean for your business

Constangy, Brooks, Smith & Prophete, LLP on

In an era of escalating data breaches, organizations must be vigilant in protecting consumer information. A comprehensive federal data privacy law would streamline compliance efforts, but Congress has yet to pass one, leaving...more

Baker Botts L.L.P.

The CPPA Finalizes Rules on ADMT, Risk Assessments, and Cybersecurity Audits

Baker Botts L.L.P. on

On 24 July 2025, the California Privacy Protection Agency (CPPA) unanimously approved a long-awaited and -debated rulemaking package that addresses: (i) the use of automated decision-making technology, (ii) mandatory risk...more

Ogletree, Deakins, Nash, Smoak & Stewart,...

California Finalizes Groundbreaking Regulations on AI, Risk Assessments, and Cybersecurity, Part II: What Businesses Need to Know

Ogletree, Deakins, Nash, Smoak & Stewart,... on

In July 2025, the California Privacy Protection Agency (CPPA) Board unanimously approved new regulations pursuant to the California Consumer Privacy Act (CCPA) that specifically address the use of automated decisionmaking...more

Blank Rome LLP

California Finalizes CCPA Regulations on Cybersecurity Audits, Risk Assessments, and Automated Decisionmaking: Key Provisions and...

Blank Rome LLP on

The California Privacy Protection Agency (“CPPA”) finalized a set of regulations under the California Consumer Privacy Act (“CCPA”) on July 24, 2025, that address cybersecurity audits, risk assessments, and automated...more

Polsinelli

What You Need to Know About California’s Finalized CCPA Amendments: Part Two

Polsinelli on

On July 24, 2025, the California Privacy Protection Agency (CPPA) approved final regulations (the Rule) under the California Consumer Privacy Act of 2018 (CCPA), introducing new obligations related to automated...more

Troutman Pepper Locke

Analyzing the New CCPA Regulations

Troutman Pepper Locke on

At its July 24 board meeting, the California Privacy Protection Agency Board authorized agency staff to finalize regulations on automated decision-making technology, risk assessments, cybersecurity audits, insurance, and...more

Goodwin

California’s New Privacy and Cybersecurity Regulations on Risk Assessments, Automated Decision making and Cybersecurity Audits:...

Goodwin on

During a Board Meeting on July 24, 2025, the California Privacy Protection Agency (CPPA) unanimously approved the long-awaited final text of its second rulemaking package, implementing a broad swath of new requirements...more

BakerHostetler

Use of AI in Marketing and Digital Media - 2025 Playbook

BakerHostetler on

Right now, we are all taking stock of the many important issues and challenges we saw crop up for clients last year, trying to predict what they will face in the coming year, and strategizing about how we can help....more

Robinson+Cole Data Privacy + Security Insider

California Privacy Protection Agency’s Regulations on Automated Decision-Making Technology, Risk Assessments Delayed

Robinson+Cole Data Privacy + Security Insider on

The California Privacy Protection Agency’s (CPPA) highly anticipated regulations for automated decision-making technology and risk assessment requirements are likely far from final. The CPPA met at the beginning of the month...more

Alston & Bird

California Privacy Protection Agency Board Votes to Advance Proposed Regulations to Formal Rulemaking

Alston & Bird on

On March 8, 2024, the California Privacy Protection Agency (“CPPA”) Board voted to advance to formal rulemaking proposed regulations under the California Consumer Privacy Act, as amended, regarding risk assessments, automated...more

McCarter & English, LLP

Are You Ready? How CCPA-Regulated Businesses Can Plan for Compliance with California’s Forthcoming Cybersecurity Regulations

McCarter & English, LLP on

The California Privacy Protection Agency (CPPA) released initial draft regulations for cybersecurity audits (which have since been amended) and risk assessments late this summer. The agency’s board of directors addressed the...more

Wiley Rein LLP

California Eyes New Privacy, Cyber, and AI Obligations

Wiley Rein LLP on

California continues to forge ahead on potential new privacy, cybersecurity, and artificial intelligence (AI) obligations, including through its California Consumer Privacy Act (CCPA) rulemaking process and by launching a new...more

Epstein Becker & Green

California Privacy Protection Agency Public Board Meeting Sheds Light on Upcoming Risk Assessment and Cybersecurity Audit...

Epstein Becker & Green on

The five-member Board of the California Privacy Protection Agency (the “CPPA”) held a public meeting on September 8, 2023, to discuss a range of topics, most notably, draft regulations relating to risk assessments and...more

Robinson+Cole Data Privacy + Security Insider

AI and Audits: Proposed CCPA Regulations Up for Discussion

Robinson+Cole Data Privacy + Security Insider on

On September 8, 2023, the California Privacy Protection Agency (CPPA) will discuss the two new sets of proposed California Privacy Protection Act (CCPA) regulations. Here is a breakdown of the two new proposed regulations and...more

Ballard Spahr LLP

CPPA publishes new draft regulations addressing AI, risk assessments, cyber audits

Ballard Spahr LLP on

The California Privacy Protection Agency (CPPA) recently published two new sets of draft regulations addressing a range of cutting-edge data protection issues. Although the CPPA has not officially started the formal...more

Ballard Spahr LLP

CPPA Publishes New Draft Regulations Addressing AI, Risk Assessments, and Cyber Audits

Ballard Spahr LLP on

The California Privacy Protection Agency (CPPA) recently published two new sets of draft regulations addressing a range of cutting-edge data protection issues. Although the Agency has not officially started the formal...more

Wyrick Robbins Yates & Ponton LLP

Déjà Vu All Over Again: The CPPA Releases Draft Regulations on Cybersecurity Audits and Risk Assessments (Part 1 of 2)

Wyrick Robbins Yates & Ponton LLP on

On August 29, 2023, the California Privacy Protection Agency (“CPPA”) released a set of draft regulations on cybersecurity audits and risk assessments. For those who recall the multiple rounds of the CPPA’s draft CCPA...more

Husch Blackwell LLP

Enforcement of New CCPA Regulations Delayed By Court Ruling

Husch Blackwell LLP on

Keypoint: Enforcement by the California Privacy Protection Agency of the new CCPA regulations will be delayed until March 2024, but the Agency can still enforce the CCPA statutory changes as of July 1, 2023....more

ArentFox Schiff

Develop a Process to Create Privacy Impact Assessments Under the Attorney-Client Privilege

ArentFox Schiff on

Data protection assessments are required for high-risk processing activities in a rapidly growing set of federal, state, and international comprehensive privacy laws. These assessments are triggered by processing activities,...more

Akin Gump Strauss Hauer & Feld LLP

CPPA Approves Final CPRA Regulations, Invites Comments on Future Rulemaking Topics

Akin Gump Strauss Hauer & Feld LLP on

On February 10, 2023, the California Privacy Protection Agency (CPPA) issued an invitation for public commentary on the topics that will be included in their future rulemaking: cybersecurity audits, risk assessments and...more

34 Results
 / 
View per page
Page: of 2
Next »

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide