CPPA Board to Discuss Draft CCPA Regulations, DROP Requirements | News & Insights

Blog Posts May 9, 2025

CPPA Issues Revised Draft CCPA Regulations; Votes to Initiate Public Comment Period

On May 1, 2025, the California Privacy Protection Agency (“CPPA”) Board convened to discuss revisions to the California Consumer Privacy Act (“CCPA”) draft regulations on cybersecurity audits, risk assessments, automatic decisionmaking technology (“ADMT”), insurance, and updates to the existing CCPA regulations. The revisions were informed by comments received by the CPPA during the formal public […]

The post CPPA Issues Revised Draft CCPA Regulations; Votes to Initiate Public Comment Period appeared first on Alston & Bird Privacy, Cyber & Data Strategy Blog.

Digital Download August 2025

The Digital Download | Alston & Bird’s Privacy & Data Security Newsletter | August 2025

Keep up with what's happening in privacy, data security, and all things cyber — from federal and state cybersecurity regulations and the EU GDPR to a new law for AI pricing algorithms — from our Privacy, Cyber & Data Strategy Group.

Blog Posts July 25, 2025

CPPA Board Votes to Adopt CCPA Regulations; Open DROP Rules to Public Comment

On July 24, 2025, the California Privacy Protection Agency (“CPPA”) Board voted to adopt draft regulations under the California Consumer Privacy Act (“CCPA”) concerning cybersecurity audits, risk assessments, automated decisionmaking technologies, and the CCPA’s application to insurance companies. The approved regulations also include certain updates to the existing CCPA regulations. The CPPA will now submit […]

The post CPPA Board Votes to Adopt CCPA Regulations; Open DROP Rules to Public Comment appeared first on Alston & Bird Privacy, Cyber & Data Strategy Blog.

Digital Download February 2023

The Digital Download – Alston & Bird’s Privacy & Data Security Newsletter – February 2023

Keep up with what’s happening in privacy, data security, and all things cyber – from California privacy laws to federal reporting rules to new data transfer rules across the Atlantic – from our Privacy, Cyber & Data Strategy Group.

Advisories October 20, 2025

Privacy, Cyber & Data Strategy Advisory | California Expands the Impact of the CCPA with Sweeping New Rules on Cybersecurity Audits, Automated Decisionmaking Technologies, and Privacy Risk Assessments

The California Privacy Protection Agency (CPPA) has finalized sweeping new California Consumer Privacy Act (CCPA) regulations on automated decisionmaking technology (ADMT), cybersecurity audits, and privacy risk assessments. Our Privacy, Cyber & Data Strategy Team outlines the key compliance standards and how they may extend the CCPA’s reach to businesses previously outside its scope.