The five-member Board of the California Privacy Protection Agency (the “CPPA”) held a public meeting on September 8, 2023, to discuss a range of topics, most notably, draft regulations relating to risk assessments and cybersecurity audits. Once the regulations are finalized and approved after a formal rulemaking process, they will impose additional obligations on many businesses covered by the California Consumer Privacy Act, as amended by the California Privacy Rights Act (“CCPA”). The Board’s discussion of these draft regulations is instructive for ...
The California Privacy Protection Agency Board (the “Board”) held a public meeting on February 3, 2023, adopting and approving the current set of draft rules (the “Draft Rules”), which implement and clarify the California Consumer Privacy Act of 2018 (“CCPA”) as amended by the California Privacy Rights Act of 2020 (“CPRA”). The Draft Rules cover many CCPA requirements, including restrictions on the collection and use of personal information, transparency obligations, consumer rights and responding to consumer requests, and service provider contract requirements. At the meeting, the Board also addressed additional proposed rulemaking processes concerning cybersecurity audits, risk assessments, and automated decision-making.
Blog Editors
Recent Updates
- Election Day and the Days After: Tips for Employers
- Podcast: Wizarding and the World of Trade Secrets – Employment Law This Week
- New York State’s Retail Worker Safety Act – New Obligations for Retail Workers Coming in 2025
- Courts Stay Consistent on Title VII’s Participation Clause, but the EEOC Has a Different Take
- Video: Mental Health Parity Rules, NLRB Restrictions, New York's Workplace Violence Prevention Law - Employment Law This Week