HB Ad Slot
HB Mobile Ad Slot
CPPA Starts Rulemaking on Cybersecurity, Risk Assessments, and Automated Decision-making
Wednesday, February 22, 2023

While the California Privacy Protection Agency (CPPA) only recently approved revised amended regulations pertaining to the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA), it is already on to its next rulemaking.

On February 10, 2023, the CPPA issued an invitation for preliminary comments on proposed rulemaking pertaining to cybersecurity audits, risk assessments, and automated decision-making. The invitation includes some specific questions the CPPA would like to receive comments on, but comments are not limited to those areas of inquiry.

The comment period will be open until March 27, 2023, and can be submitted:

Electronic: Comments may be submitted electronically to regulations@cppa.ca.gov. Please include “PR 02-2023” in the subject line.

Mail: California Privacy Protection Agency Attn: Kevin Sabo 2101 Arena Blvd Sacramento, CA 95834

The questions posed by the CPPA appear to be attempting to harmonize the efforts of the CPPA with other laws other than the CCPA and CPRA that apply to covered businesses. There are also specific questions regarding the European Data Protection Board’s Guidelines on Data Protection Impact Assessment, as well as Colorado’s Privacy Act, suggesting that the CPPA is looking more widely than mere consistency with California law.

HTML Embed Code
HB Ad Slot
HB Ad Slot
HB Mobile Ad Slot
HB Ad Slot
HB Mobile Ad Slot
 
NLR Logo
We collaborate with the world's leading lawyers to deliver news tailored for you. Sign Up to receive our free e-Newsbulletins

 

Sign Up for e-NewsBulletins