On August 28, 2023, the California Privacy Protection Agency (the “Agency”) released two sets of draft regulations under the California Consumer Privacy Act (the “CCPA”), one for risk assessments and another for cybersecurity audits, as part of the Agency’s informal rulemaking process. We discuss the draft cybersecurity audits in California Proposes Annual Audits to Assess Sufficiency and Compliance of Company Cybersecurity. This post discusses the draft risk assessment regulations (the “Draft…
By: Alston & Bird
By: Alston & Bird
