CPPA Archives

In Cybersecurity

California’s CPPA moves into 2024 with an ambitious agenda on Cybersecurity Audits, Risk Assessments, and Automated Decision-Making Technology

December 14, 2023 by Cynthia Cole, Justine Phillips, Grayson Myers and Garrett Stallins 3 Mins Read

The California Privacy Protection Agency (“CPPA”) held a public board meeting on December 8, 2023. As discussed in our previous article, the CPPA is in the process of preparing Draft Regulations on Cybersecurity Audits, Risk Assessments and Automated Decision-Making Technology. The Rules Subcommittee provided updates on these regulations, and Board members provided their feedback on the drafts. Key Takeaways Regarding CCPA Cybersecurity Audit Regulations The Cybersecurity Audit Regulations would require businesses “whose processing of consumers’…

In California Privacy Law

The Data Market in California faces another blow as data brokers will be subject to additional obligations under the streamlined deletion mechanism for California consumers

October 16, 2023 by Cynthia Cole, Lothar Determann, Helena Engfeldt, Mariana Oliver, Manisha Reddy, Michelle Shin and Jonathan Tam 3 Mins Read

If you are a data broker or a business that relies on data brokers for targeted advertising, you should be aware that the California Data Broker Law will be significantly changed under the California Delete Act On October 10, 2023, California Governor, Gavin Newsom, signed Senate Bill 362, referred to as the Delete Act, into law. The Delete Act amends existing data broker laws to subject all data brokers to new registration and disclosure requirements…

In California Privacy Law

Key Takeaways from CPPA’s Public Meeting Discussing Risk Assessments and Cybersecurity Audits

September 26, 2023 by Garrett Stallins and Justine Phillips 3 Mins Read

As we previously covered in a post earlier this month, the California Privacy Protection Agency (“CPPA”) has published draft regulations on risk assessments and cybersecurity audits required by the California Consumer Privacy Act (“CCPA”), as amended by the California Privacy Rights Act (“CPRA”). On September 8, the CPPA held a public board meeting that included discussion of select portions of the regulations. Prior to the meeting, the board circulated copies of the draft regulations for…