Digital Policy Alert logo

United States of America: Implementation of mandatory triennial audit obligations under Civil Code Section 1798.99.86(e), as enacted by Senate Bill 362 (DELETE ACT)

Policy overview

Description

Implementation of mandatory triennial audit obligations under Civil Code Section 1798.99.86(e), as enacted by Senate Bill 362 (DELETE ACT)

Beginning on 1 January 2028, the mandatory audit obligations in Civil Code Section 1798.99.86(e), as enacted by Senate Bill 362 (DELETE ACT), are required to be implemented by data brokers. These obligations require each data broker to undergo an au…

Scope

Policy Area
Data governance
Policy Instrument
Data protection regulation
Regulated Economic Activity
cross-cutting
Implementation Level
national
Government Branch
executive
Government Body
central government

Complete timeline of this policy change

Hide details
2023-02-08
under deliberation

On 8 February 2023, California State Senator Becker introduced Senate Bill 362 to amend Section 179…

2023-04-10
under deliberation

On 10 April 2023, the California State Senate provided some amendments to the proposal, introduced …

2023-05-31
under deliberation

On 31 May 2023, Senate Bill 362 to amend Section 1798.99.82 of the Civil Code relating to data brok…

2023-09-14
adopted

On 14 September 2023, Senate Bill 362 to amend Section 1798.99.82 of the Civil Code relating to dat…

2023-10-10
adopted

On 10 October 2023, Senate Bill 362 (DELETE Act) was signed into law, amending Sections 1798.99.80,…

2024-01-01
in grace period

On 1 January 2024, Senate Bill No. 362, the DELETE Act, entered into force following its signature …

2026-01-01
in force

By 1 January 2026, the accessible deletion mechanism obligation in Civil Code Section 1798.99.86(a)…

2026-08-01
in force

Beginning on 1 August 2026, the deletion-processing and access obligations in Civil Code Section 17…

2028-01-01
in force

Beginning on 1 January 2028, the mandatory audit obligations in Civil Code Section 1798.99.86(e), a…