SACRAMENTO, Calif.: Today, the California Privacy Protection Agency (CPPA) opened the formal public comment period for its latest proposed rulemaking package. The package includes updates to existing regulations and proposed regulations for cybersecurity audits, risk assessments, automated decision-making technology (ADMT), and insurance companies. The public comment period begins November 22, 2024, and concludes January 14, 2025.

Members of the public are encouraged to provide feedback. Individuals who would like to provide oral feedback are encouraged to attend the CPPA’s public hearing on Tuesday, January 14, 2025, from 2 p.m. to 6 p.m. The hearing is in a hybrid format so that attendees can join virtually or in person in Sacramento. Additional information can be found here.

Individuals who would like to provide written public comments can email them to regulations@cppa.ca.gov or send in hard copy to the Agency’s headquarters. Written comments will be accepted until 6 p.m. PST on January 14, 2025.

The proposed rulemaking package:

• Updates existing CCPA regulations
• Establishes requirements for certain businesses to complete annual cybersecurity audits and conduct risk assessments
• Implements consumers’ rights to access and opt-out of businesses’ use of ADMT
• Clarifies when insurance companies must comply with the CCPA

The proposed regulations are based on several years of preliminary rulemaking activities, including receiving written comments from the public, hosting stakeholder sessions throughout the state, and meeting with stakeholders to receive invaluable feedback. Now in formal rulemaking, CPPA has extended the public comment period beyond the 45-day statutory requirement to ensure ample opportunity for participation.

“We have extended the public comment period longer than required to give all interested parties sufficient time and capacity to weigh in on this important rulemaking package,” said CPPA General Counsel Philip Laird. “Transparency and fairness have guided this process, and we will continue to carefully consider industry and public input every step of the way.”

Visit CPPA’s website to view the proposed regulations and supporting documents, as well as the notice of proposed rulemaking.

ABOUT US

The California Privacy Protection Agency (CPPA) is committed to promoting the education and awareness of consumers’ privacy rights and businesses’ responsibilities under the California Consumer Privacy Act.

Individuals can visit privacy.ca.gov to access helpful and up-to-date information on how to exercise their rights and protect their personal information. In addition, the Agency’s website provides important information about CPPA board meetings, announcements, and the rulemaking process.

Fonte: Business Wire