CPPA Issues Revised Draft CCPA Regulations; Votes to Initiate Public Comment Period | News & Insights

Blog Posts July 23, 2025

CPPA Board to Discuss Draft CCPA Regulations, DROP Requirements

The California Privacy Protection Agency (“CPPA”) Board will meet on Thursday, July 24 to discuss the California Consumer Privacy Act (“CCPA”) draft regulations on cybersecurity audits, risk assessments, automatic decisionmaking technology (“ADMT”), the CCPA’s application to insurance companies, and updates to the existing CCPA regulations. Ahead of the meeting, the CPPA re-issued the draft regulations […]

The post CPPA Board to Discuss Draft CCPA Regulations, DROP Requirements appeared first on Alston & Bird Privacy, Cyber & Data Strategy Blog.

Blog Posts July 19, 2024

CPPA Board Declines to Advance CCPA Regulations to Formal Rulemaking; CPPA Highlights Enforcement Priorities

On July 16, 2024, the California Privacy Protection Agency (the “CPPA”) board declined to advance to formal rulemaking California Consumer Privacy Act (“CCPA”) draft regulations on cybersecurity audits, risk assessments, automated decisionmaking technology, insurance companies and updates to existing regulations. The CPPA board voted against advancing the regulations during its board meeting when it also […]

The post CPPA Board Declines to Advance CCPA Regulations to Formal Rulemaking; CPPA Highlights Enforcement Priorities appeared first on Alston & Bird Privacy, Cyber & Data Strategy Blog.

Digital Download August 2025

The Digital Download | Alston & Bird’s Privacy & Data Security Newsletter | August 2025

Keep up with what's happening in privacy, data security, and all things cyber — from federal and state cybersecurity regulations and the EU GDPR to a new law for AI pricing algorithms — from our Privacy, Cyber & Data Strategy Group.

Blog Posts July 25, 2025

CPPA Board Votes to Adopt CCPA Regulations; Open DROP Rules to Public Comment

On July 24, 2025, the California Privacy Protection Agency (“CPPA”) Board voted to adopt draft regulations under the California Consumer Privacy Act (“CCPA”) concerning cybersecurity audits, risk assessments, automated decisionmaking technologies, and the CCPA’s application to insurance companies. The approved regulations also include certain updates to the existing CCPA regulations. The CPPA will now submit […]

The post CPPA Board Votes to Adopt CCPA Regulations; Open DROP Rules to Public Comment appeared first on Alston & Bird Privacy, Cyber & Data Strategy Blog.

Advisories October 20, 2025

Privacy, Cyber & Data Strategy Advisory | California Expands the Impact of the CCPA with Sweeping New Rules on Cybersecurity Audits, Automated Decisionmaking Technologies, and Privacy Risk Assessments

The California Privacy Protection Agency (CPPA) has finalized sweeping new California Consumer Privacy Act (CCPA) regulations on automated decisionmaking technology (ADMT), cybersecurity audits, and privacy risk assessments. Our Privacy, Cyber & Data Strategy Team outlines the key compliance standards and how they may extend the CCPA’s reach to businesses previously outside its scope.