Ahead of formal rulemaking, the California Privacy Protection Agency (CPPA) invited preliminary comments on proposed rulemaking under the California Privacy Rights Act of 2020 (CPRA). CJAC collected member feedback and filed comments their behalf in early November.
CPPA asked for input specifically around topics including:
1. Cybersecurity Audits and Consumer Privacy Risk Assessments
Performed by Businesses
2. Automated Decision-making Technology
3. Scope, Processes and Safeguards around CPPA’s Audit Function
4. Consumers’ Rights to Opt-Out of the Selling or Sharing of Their Personal Information and to Limit the Use and Disclosure of their Sensitive Personal Information
5. Consumers’ Rights to Limit the Use and Disclosure of Sensitive Personal Information
6. Information to Be Provided in Response to a Consumers’ Request to Know
7. Feedback on Definitions and Categories
Based on the comments we received, CJAC members and businesses place high priority on promulgation of clarifying regulations that will thoughtfully and objectively guide compliance with the California Consumer Privacy Act and the CPRA.