Privacy Daily is providing readers with the top stories from last week, in case you missed them. All articles can be found by searching the title or clicking on the hyperlinked reference number.
California Privacy Protection Agency (CPPA)
The California Privacy Protection Agency (CPPA) enforces California’s privacy laws and is setting the pace for state-level regulation as one of the first U.S. privacy regulators. The agency regularly issues detailed rulemaking on topics such automated decision-making, audits and risk assessments, with businesses watching closely due to CPPA enforcement and interpretation's outsized impact on national privacy expectations. This page tracks agency actions, final and draft regulations and compliance takeaways from CPPA activity.
Employers won’t face a new set of California requirements on automated decision systems. Gov. Gavin Newsom (D) vetoed SB-7, which would have added employer ADS rules on top of recent regulations about automated decision-making technology by the California Privacy Protection Agency and the California Civil Rights Council (see 2509240045).
OneTrust agrees that businesses shouldn't set and forget privacy compliance tools, amid increased scrutiny from regulators, said Ojas Rege, general manager of privacy and data governance. In an interview with Privacy Daily, Rege also said that a great amount of enforcement action is happening behind the scenes, without becoming public. In addition, the OneTrust official warned that “AI amplifies every single privacy and data governance gap you have in your organization.”
Data brokers and other businesses face major new obligations after California Gov. Gavin Newsom (D) signed SB-361 on Wednesday (see 2510080054), privacy attorneys blogged afterward.
Adding two more states to the Consortium of Privacy Regulators will increase the multistate enforcement body’s power, lawyers who previously worked for state attorney general offices said Wednesday. Minnesota and New Hampshire AGs joined the group, the California Privacy Protection Agency (CPPA) announced Wednesday.
Attorneys general from Minnesota and New Hampshire joined states’ Consortium of Privacy Regulators, the California Privacy Protection Agency (CPPA) said Wednesday.
California Gov. Gavin Newsom (D) signed universal opt-out legislation and two other privacy bills Wednesday.
Businesses should expect an increase in universal opt-out preference signals (OOPS) after California Gov. Gavin Newsom (D) signed a bill Wednesday that requires all web browsers to support the functionality (see 2510080036), said Tom Kemp, California Privacy Protection Agency executive director. The CPPA and regulators in other states are checking if companies are honoring such requests, Kemp warned in an interview Wednesday. Newsom signed AB-566 and two other privacy bills earlier in the day.
Privacy Daily is providing readers with the top stories from last week, in case you missed them. All articles can be found by searching the title or clicking on the hyperlinked reference number.
Strong passwords and multi-factor authentication (MFA) are “key to protecting your privacy,” Tom Kemp, California Privacy Protection Agency executive director, wrote on the CPPA blog Thursday.