#WorkforceWednesday: California's Upcoming Cyber Audit and Automated Tech Rules - Employment Law This Week®
Recent Developments in California Privacy Laws - The Consumer Finance Podcast
On Sept. 9, the California Privacy Protection Agency (CPPA), in collaboration with the Attorneys General of California, Connecticut, and Colorado, announced the launch of a multi-state privacy enforcement sweep targeting...more
On September 9, 2025, California Attorney General Rob Bonta, together with the California Privacy Protection Agency and the Attorneys General of Colorado and Connecticut, announced a joint enforcement sweep targeting...more
The California Privacy Protection Agency (CPPA) is now in its second year with full enforcement powers and has begun to exercise its authority under the California Consumer Privacy Act (CCPA) in significant ways in 2025. With...more
Most U.S. businesses are aware that they need to have a Privacy Policy available on their websites. Most businesses also are aware that the generic forms they may obtain from third-party website developers or through general...more
When it comes to data privacy and cybersecurity regulation in the United States, California continues to lead the way. The state’s latest updates to the California Consumer Privacy Act (CCPA) show that its rules do more than...more
On August 6, the California Privacy Protection Agency (CPPA) filed a petition in the Superior Court of California for the court to enforce an investigative subpoena against a company for allegedly failing to comply with a...more
On 24 July 2025, the California Privacy Protection Agency (CPPA) unanimously approved a long-awaited and -debated rulemaking package that addresses: (i) the use of automated decision-making technology, (ii) mandatory risk...more
Despite the avalanche of lawsuits and enforcement actions related to tracking technology, companies can take at least some solace in a recent decision curtailing Video Privacy Protection Act (VPPA) lawsuits. On July 28, the...more
It’s not just the summer temperatures that are rising; privacy enforcement is heating up across the nation, too. As states ramp up their monitoring and regulatory actions, businesses are finding themselves at the crossroads...more
Key point: The California legislature is currently considering several privacy-related bills that could impact the private sector....more
The annual review and update (if necessary) of privacy notices just got an upgrade to a “must do.” This provision, found in California Consumer Privacy Act from the beginning, requires companies to assess their data...more
On July 24, 2025, the California Privacy Protection Agency (CPPA) Board unanimously approved amendments to the California Consumer Privacy Act (CCPA). These substantial changes include new compliance obligations for...more
The California Privacy Protection Agency (“CPPA”) finalized a set of regulations under the California Consumer Privacy Act (“CCPA”) on July 24, 2025, that address cybersecurity audits, risk assessments, and automated...more
The California Privacy Protection Agency (CPPA) board unanimously voted on July 24, 2025 to finalize a package of regulations related to automated decision-making technology (ADMT), cybersecurity audits, and risk assessments....more
On May 1, 2025, the California Privacy Protection Agency (CPPA) issued a Final Order in one of its first public enforcement actions under the California Consumer Privacy Act (CCPA), imposing a fine of nearly $350,000 on the...more
On July 24, the CPPA released updated regulations under the California Consumer Privacy Act, (CCPA) establishing those changes made after the 45-day comment period affecting three main areas of concern: Automated...more
At its July 24 board meeting, the California Privacy Protection Agency Board authorized agency staff to finalize regulations on automated decision-making technology, risk assessments, cybersecurity audits, insurance, and...more
California regulators unanimously approved a sweeping set of regulations on July 24 governing the use of automated decision-making technology (ADMT) and mandating risk assessments and cybersecurity audits for businesses...more
On July 24, 2025, the California Privacy Protection Agency (CPPA) Board approved a final package of amendments to the regulations implementing the California Consumer Privacy Act (CCPA). These sweeping changes impose...more
Before assuming his new role as Executive Director for the California Privacy Protection Agency (CPPA), Tom Kemp served as a volunteer policy advisor on the Delete Act in 2023 and California’s 2020 ballot initiative, which...more
Businesses should be aware of recent public outreach in California – and other states with consumer privacy laws – signaling that increased enforcement activity is on the horizon. For instance, the California Privacy...more
The California Privacy Protection Agency (“CPPA”) Board will meet on Thursday, July 24 to discuss the California Consumer Privacy Act (“CCPA”) draft regulations on cybersecurity audits, risk assessments, automatic...more
On July 1, 2025, California Attorney General Rob Bonta announced a $1.55 million proposed settlement order with Healthline Media – the largest California Consumer Privacy Act (CCPA) settlement to date. The proposed settlement...more
Online retailers now face an increasingly complex matrix of state consumer-privacy statutes that impose prescriptive requirements on data collection, monetization, and cybersecurity practices. ...more
On May 1, 2025, the California Privacy Protection Agency (CPPA) released a revised draft of its regulations. These modifications, issued in response to public comments on earlier drafts, aim to clarify and simplify key...more