The California Privacy Protection Agency (CPPA) issued an Invitation for Preliminary Comments on Proposed Rulemaking (Invitation) Friday as it considers new rules regarding Risk Assessments, Cybersecurity Audits, and Automated Decisionmaking. The proposed rulemaking is pursuant to California Civil Code § 1798.185(a)(15)-(16), which directs the CPPA to draft regulations on these topics.
Although the Invitation enumerates specific topics and questions to help guide interested members of the public in drafting comments, the CPPA is open to any input related to these three areas of focus.
Members of the public are invited to submit comments until 5:00 pm PT on March 27, 2023. Comments can be submitted via email to regulations@ccpa.ca.gov with “PR 02-2023” in the subject line or via mail to the California Privacy Protection Agency, Attn: Kevin Sabo, 2101 Arena Blvd, Sacramento, CA 95834.
Alston & Bird’s Privacy, Cyber & Data Strategy Team will continue to monitor developments surrounding CCPA rulemaking and provide updates as more information becomes available. Please contact us if you have any questions.