CPPA preview: Cybersecurity audit regs nearing formal proposal
By 
Adrianne Appel2024-01-09T20:16:00
Companies with business in California could face tough new cybersecurity mandates under draft regulations that are soon headed for formal rulemaking.
The California Privacy Protection Agency (CPPA) is expected to vote as early as Friday to launch the formal rulemaking process for a series of cybersecurity audit requirements on businesses. Once approved for formal rulemaking, the draft regulations would be open 45 days for public comment before being finalized. Businesses would then have two years to come into compliance with the rules.
Two other packages of draft rules, one on data risk assessments and another on automated decision-making technology, are still being debated by the five-member CPPA, which was tasked with writing and enforcing privacy rules under amendments to the California Consumer Privacy Act passed in 2020.
THIS IS MEMBERS-ONLY CONTENT
You are not logged in and do not have access to members-only content.
If you are already a registered user or a member, SIGN IN now.
Related articles
-
PremiumWhat’s on tap for CPPA from its deputy director of enforcement
Michael Macko, deputy director of enforcement at the California Privacy Protection Agency, described priorities for the agency now and in the near future during a recent board meeting.
-
News BriefCPPA warns of collecting too much data in first enforcement advisory
The California Privacy Protection Agency warned businesses to stop asking for excessive information from consumers who have requested to opt out of having their data collected or who are otherwise exercising their privacy rights under the California Consumer Privacy Act.
-
News BriefCalif. AG launches sweep into streaming apps’ compliance with CCPA
California Attorney General Rob Bonta announced the launch of an investigative sweep targeting popular streaming apps and devices, alleging noncompliance with the California Consumer Privacy Act.
More from Regulatory Policy
-
News BriefIs Google headed for a breakup? Second federal judge calls it a monopoly
A federal judge has ruled that Google “willfully engaged in a series of anticompetitive acts” in the advertising technology industry, the latest antitrust setback in what could become a string of losses for tech companies.
-
PremiumAI regulation: U.K. sits on regulatory fence between U.S. and E.U.
The U.K. has pressed pause on artificial intelligence regulation as its government comes under twin pressures from those who fear the growing power of unregulated AI and the overriding need to generate growth. The postponement of long-expected legislation means that the U.K. is left sitting on the fence between federal ...
-
News BriefSenate Democrats urge DOJ to revive crypto crime unit amid growing enforcement concerns
A small band of Senate Democrats is calling on the Trump administration to reinstate the cryptocurrency investigations unit at the Department of Justice (DOJ).