#WorkforceWednesday: California's Upcoming Cyber Audit and Automated Tech Rules - Employment Law This Week®
Recent Developments in California Privacy Laws - The Consumer Finance Podcast
Consumer protections have expanded in California following the approval of the California Consumer Privacy Act (“CCPA”) regulations (“Regulations”) by the California Privacy Protection Agency (“CPPA”). The Regulations,...more
On July 24, 2025, during a public meeting following public comment, the California Privacy Protection Agency (CPPA) Board unanimously approved amendments to the California Consumer Privacy Act (CCPA). These substantial...more
California regulators unanimously approved a sweeping set of regulations on July 24 governing the use of automated decision-making technology (ADMT) and mandating risk assessments and cybersecurity audits for businesses...more
This month, the California Privacy Protection Agency (CPPA) Board discussed updates to the California Consumer Privacy Act (CCPA) draft regulations related to cybersecurity audits, risk assessments, automatic decision-making...more
Key Takeaways - - The California Privacy Protection Agency (CPPA) is substantially revising its draft privacy regulations. - Definitions for automated decision-making technology (ADMT) and "significant decisions" are...more
The California Privacy Protection Agency (CPPA) announced the formal public comment period for its latest proposed rulemaking package, which includes updates to existing regulations and introduces new guidelines for automated...more
The evolution of artificial intelligence (AI) has introduced systems capable of making autonomous decisions, known as agentic AI. While generative AI essentially “creates” – providing content such as text, images, etc. –...more
On February 23, 2024, the California Privacy Protection Agency (CPPA) released updated draft regulations on the use of AI and ADMT. The key changes include: New and updated definitions, Increased scope for activities...more
After years of internal discussion, the Board of the California Privacy Protection Agency (CPPA), at their March 8th meeting, voted to progress toward formalizing the proposed regulations on risk assessments and automated...more
The Background: The California Privacy Protection Agency board ("CPPA" or "Board") is in the process of issuing new regulations as authorized under the California Privacy Rights Act. These three sets of proposed regulations...more
The firm is pleased to distribute the Q4 2023 edition of All Eyes on AI: Regulatory, Litigation, and Transactional Developments, which closely follows the evolving regulatory landscape for artificial intelligence (AI) in the...more
The most recent meeting of the California Privacy Protection Agency was a lengthy one, with a jam-packed agenda. Part 1 of our look at what came out of that meeting is here. This post will analyze the discussion and draft...more
The California Privacy Protection Agency (“CPPA”) issued and discussed draft regulations on Cybersecurity Audits and Risk Assessments late in the summer. The CPPA Board plans to discuss the draft regulations at its upcoming...more
On November 27, 2023, the California Privacy Protection Agency (CPPA) unveiled draft automated decisionmaking technology (ADMT) regulations that would set forth new consumer protections related to the profiling of consumers...more
On November 27, 2023, the California Privacy Protection Agency (CPPA) released draft regulations for automated decision-making technology (ADMT). While the CPPA has not officially begun the formal rulemaking process, the...more
Keypoint: The California Privacy Protection Agency continued its rulemaking efforts by releasing draft automated decisionmaking technology regulations although the Agency has yet to initiate the formal rulemaking process....more
Keypoint: The California Privacy Protection Agency continued its rulemaking efforts by releasing revised draft cybersecurity audit regulations although the Agency has yet to initiate the formal rulemaking process....more
In August, the California Privacy Protection Agency (CPPA) released its initial draft regulations for cybersecurity audits and risk assessments under the California Privacy Rights Act (CPRA). While the CPPA has not yet...more
On August 29, 2023, the California Privacy Protection Agency (“CPPA”) released a set of draft regulations on cybersecurity audits and risk assessments. In Part 1 of this two-part series of posts, we explored the CPPA’s draft...more
The California Privacy Protection Agency (CPPA) recently published two new sets of draft regulations addressing a range of cutting-edge data protection issues. Although the CPPA has not officially started the formal...more
The California Privacy Protection Agency (CPPA) recently published two new sets of draft regulations addressing a range of cutting-edge data protection issues. Although the Agency has not officially started the formal...more
On August 28, 2023, the California Privacy Protection Agency (CPPA) released discussion drafts of regulations on cybersecurity audits and privacy risk assessments in advance of the CPPA’s meeting on September 8, 2023. ...more
On August 29, 2023, the California Privacy Protection Agency (“CPPA”) released a set of draft regulations on cybersecurity audits and risk assessments. For those who recall the multiple rounds of the CPPA’s draft CCPA...more
The California Privacy Protection Agency (CPPA) has released its agenda for the September 8 board meeting, which includes (among other topics) presentation of a draft Cybersecurity Audit Regulation and a draft Risk Assessment...more
The CPPA kicked off a first round of rulemaking in May 2022 and finalized that set of rules in March of this year. At the latest California Privacy Protection Agency (CPPA) meeting, the CPRA Rules Subcommittee (Rules...more