On 14 January 2025, the California Privacy Protection Agency (CPPA) closes the public consultation on proposed regulations on California Consumer Privacy Act (CCPA) updates, cybersecurity audits, risk assessments, automated decision-making technology (ADMT), and insurance companies. The CPPA will assess the comments received to finalise the regulatory text. The proposed regulations introduce mandatory risk assessments for data processing activities involving sensitive or large-scale personal information. Businesses will be required to identify and mitigate privacy risks, document safeguards, and ensure the quality of data used in automated decision-making.
Original source