United States of America: Opened consultation on California Privacy Protection Agency Rulemaking on Data Protection Regulations and Automated Decision Making

On 10 February 2023, the California Privacy Protection Agency (CPPA) opened a public consultation on its Proposed Rulemaking on Automated Decision Making until 27 March 2023. The CPPA is welcoming stakeholders' views on the performance of regular personal information processing risk assessments, as well as on the governance of automated decision-making technologies. With regards to the risk assessments, the Agency is interested in the requirements and definitions foresaw in other applicable laws, the minimum required contents of the assessments, as well as the possibility of different requirements for businesses with less than USD 25 million in revenue per year. Concerning automated decision-making technologies, the Agency is interested in the requirements and definitions foresaw in other applicable laws but also in feedback concerning the usage of such technologies, including consumer concerns and algorithmic discrimination.