The California Privacy Protection Agency approved rules on automated decision-making technology (ADMT) and other subjects at a partially virtual meeting Thursday. CPPA Board members voted 5-0 to clear the rulemaking package, which also covers risk assessments, cybersecurity audits, insurance and updates to California Consumer Privacy Act (CCPA) regulations.
A consumer advocacy group that sponsored the California Delete Act offered a mostly positive assessment of the California Privacy Protection Agency’s latest draft of rules for implementing a data deletion mechanism. Concerns linger that data brokers may try to shirk the requirements, said Emory Roane, Privacy Rights Clearinghouse associate director of policy, in an email to Privacy Daily. However, the CPPA’s new draft answers key questions about ensuring the Delete Request and Opt-Out Platform (DROP) will work effectively when it opens to consumers Jan. 1 and data brokers on Aug. 1, 2026.
The California Privacy Protection Agency won't make further significant changes to proposed rules in a controversial rulemaking on automated decision-making technology (ADMT) and other subjects, according to a draft released Tuesday. Meanwhile, in a proceeding on creating a data-deletion mechanism, the agency proposed several clarifications on data broker responsibilities. The CPPA posted those and other materials ahead of Thursday’s scheduled board meeting (see 2507110055).
A proposed change to the California Consumer Privacy Act (CCPA) about publicly available information hit a temporary roadblock Wednesday in the Assembly Privacy Committee. Sen. Aisha Wahab (D) said she planned to work with California businesses over the summer to refine SB-435, which failed to clear the committee but is still alive. “We are deeply committed [to] working with industry.”
Virginia’s reproductive health data privacy law could be amended next year in response to concerns from retailers, state Sen. Barbara Favola (D) said in an email to Privacy Daily Wednesday. “I expect to be making some changes to my data privacy law during the 2026 session.”
California Assemblymember Buffy Wicks (D) said her bill to require transmission of age-verification signals (AB-1043) “still is a very strong bill” after she accepted various proposed changes. At a Senate Judiciary Committee hearing Tuesday, Chair Thomas Umberg (D) foreshadowed more adjustments could come in the weeks ahead.
Republicans and business groups during two hearings Tuesday objected to California legislation seeking limits on surveillance pricing. They raised concerns with proposals regulating businesses’ price flexibility and providing a private right of action.
Colorado shouldn’t use upcoming kids’ privacy regulations as a “back door” to require age verification, retailers warned the state’s law department last week. In addition to warning against requiring verification through possible rules about a company’s “willful disregard” of a user being a minor, industry groups cautioned that any regulation of system design features mustn’t violate the First Amendment.
Massachusetts should follow New York state in passing an age-verification bill to ban social media platforms from using algorithms to deliver content to users younger than 18, said Massachusetts Rep. William MacGregor (D) at a livestreamed Thursday hearing of the Joint Committee on Advanced IT, the Internet and Cybersecurity.
Logitech’s global AI lead doesn’t "subscribe" to the idea that the EU AI Act will stifle innovation, she said Wednesday.