The California Privacy Protection Agency Advances Regulations
| 14 min
The California Privacy Protection Agency (CPPA) has signaled it will advance rulemaking at its upcoming November 8 board meeting to place restrictions on the use of automated decision-making technology (ADMT) and impose new obligations to require businesses to conduct cybersecurity audits and risk assessments. The agency has grappled with these issues for more than two years, including soliciting formal comments in a February 2023 invitation for preliminary comments and conducting other stakeholder outreach.