#WorkforceWednesday: California's Upcoming Cyber Audit and Automated Tech Rules - Employment Law This Week®
Recent Developments in California Privacy Laws - The Consumer Finance Podcast
The California Privacy Protection Agency (“CPPA”) finalized a set of regulations under the California Consumer Privacy Act (“CCPA”) on July 24, 2025, that address cybersecurity audits, risk assessments, and automated...more
On July 24, 2025, the California Privacy Protection Agency (CPPA) approved final regulations (the Rule) under the California Consumer Privacy Act of 2018 (CCPA), introducing new obligations related to automated...more
California regulators unanimously approved a sweeping set of regulations on July 24 governing the use of automated decision-making technology (ADMT) and mandating risk assessments and cybersecurity audits for businesses...more
On July 24, 2025, the California Privacy Protection Agency (CPPA) Board approved a final package of amendments to the regulations implementing the California Consumer Privacy Act (CCPA). These sweeping changes impose...more
The California Privacy Protection Agency (CPPA) announced the formal public comment period for its latest proposed rulemaking package, which includes updates to existing regulations and introduces new guidelines for automated...more
On December 17, the California Privacy Protection Agency announced increases in fines and penalties under the California Consumer Privacy Act (CCPA), effective January 1, 2025. The agency’s announcement explained the CCPA...more
On November 22, 2024, the California Privacy Protection Agency (CPPA) formally proposed new regulations implementing the California Consumer Privacy Act (CCPA). Although the CCPA itself and previous CCPA regulations largely...more
After much anticipation, on November 8, the California Privacy Protection Agency (CPPA) Board voted to advance proposed regulations for insurance, cybersecurity audits, risk assessments, and automated decision-making...more
On November 22, 2024, the California Privacy Protection Agency (CPPA) opened the public comment period for the proposed California Consumer Privacy Act (CCPA) regulations related to cybersecurity audits, risk assessments, and...more
On November 22, 2024, the California Privacy Protection Agency (CPPA) opened the formal public comment period for its latest proposed rulemaking package. The package includes updates to existing regulations and proposed...more
On November 8, 2024, the California Privacy Protection Agency (CPPA) voted 4-1 to proceed with formal rulemaking regarding automated decision-making technology (“ADMT”), which the draft regulations define as “any technology...more
On November 9, 2024, the five-person board of the California Privacy Protection Agency (CPPA) voted unanimously to adopt the proposed Data Broker Registration regulations without modifications. The new regulations seek to...more
On November 8, the California Privacy Protection Agency (CPPA) voted 5-0 to approve new regulations to implement the DELETE Act of 2023. The most noteworthy development was the agency’s adoption of a new definition of...more
On November 8, 2024, the California Privacy Protection Agency (the “CPPA”) Board advanced to formal rulemaking the California Consumer Privacy Act (“CCPA”) draft regulations on cybersecurity audits, risk assessments,...more
On November 8, the California Privacy Protection Agency (CPPA) Board voted to adopt new regulations concerning data broker registration requirements and to advance a proposed rulemaking package for insurance, cybersecurity...more
The California Privacy Protection Agency is going after data brokers. The CPPA board voted earlier this month to adopt new regulations regarding data broker registration requirements. If approved, the regulations will...more
On November 14, 2024, the California Privacy Protection Agency (“CPPA”), which is tasked with enforcing the California Consumer Privacy Act (the “CCPA”), announced it settled with two data brokers, Growbots, Inc. and UpLead...more
During the California Privacy Protection Agency’s (CPPA) meeting on November 8, 2024, it voted to proceed with formal rulemaking regarding artificial intelligence (AI) and cybersecurity audits. The CPPA’s rulemaking related...more
The California Privacy Protection Agency (CPPA) is starting formal rulemaking (again) as they move beyond the pre-rulemaking drafts that were debated for a little over a year. During their November 8, 2024, board meeting, the...more
The California Privacy Protection Agency (CPPA) Board has initiated a formal rulemaking process on a new regulatory package, moving forward with proposals for automated decision-making technology (ADMT) rules, cybersecurity...more
The California Privacy Protection Agency (CPPA), at its board meeting on November 8, 2024, voted 4–1 to advance proposed regulations to a formal rulemaking. As currently drafted, these regulations would, among other things...more
On September 4, the California Privacy Protection Agency (“CPPA”) issued an enforcement advisory warning businesses against using “dark patterns” in their user interfaces. “Dark patterns” are choices a company makes regarding...more
On July 16, 2024, the California Privacy Protection Agency (CPPA) Board met to discuss advancing a substantial draft California Consumer Privacy Act (CCPA) rulemaking package to formal proceedings. The proposed...more
What Issues Did the California Privacy Protection Agency Raise? On July 16, 2024, the California Privacy Protection Agency (Agency) discussed proposed updates to the California Consumer Privacy Act (CCPA) regulations....more
On July 16, 2024, the California Privacy Protection Agency (the “CPPA”) board declined to advance to formal rulemaking California Consumer Privacy Act (“CCPA”) draft regulations on cybersecurity audits, risk assessments,...more