Calif. OAL Must Finalize Privacy Agency's ADMT Rules By Sept. 22
California Privacy Protection Agency rules on automated decision-making technology (ADMT) and other subjects could receive Office of Administrative Law approval before the end of September.
Sign up for a free preview to unlock the rest of this article
Privacy Daily provides accurate coverage of newsworthy developments in data protection legislation, regulation, litigation, and enforcement for privacy professionals responsible for ensuring effective organizational data privacy compliance.
The CPPA submitted the rulemaking package on ADMT, cyber audits, risk assessments, insurance and other California Consumer Privacy Act updates to OAL on Friday. That started a shot clock of 30 business days for OAL to approve the rules, meaning it must decide by Sept. 22, or they are approved automatically. OAL’s website shows the office received the CPPA rulemaking package.
The earliest the rules could take effect is Oct. 1, privacy lawyers said in recent blog posts (see 2508050031). Even though the regulations aren’t yet final, the lawyers have advised organizations to start preparing now (see 2507250027). The CPPA Board approved the rules last month after a lengthy and controversial proceeding (see 2507240070).