Laws & Regulations
In November 2020, California voters passed Proposition 24, the California Privacy Rights Act ("CPRA"). The CPRA amends and extends the California Consumer Privacy Act of 2018 ("CCPA"). To implement the law, the CPRA established the California Privacy Protection Agency ("Agency") and vested it with the full administrative power, authority and jurisdiction to implement and enforce the California Consumer Privacy Act of 2018. The Agency’s responsibilities include updating existing regulations, and adopting new regulations.
The California Consumer Privacy Act
- The CCPA (amended by the CPRA)
- Proposition 24 – Text, includes Findings and Declarations, Purpose and Intent)
- Proposition 24 – Voter Guide
Current Preliminary Rulemaking Activity
- CPPA Pre-Rulemaking Activities on Cybersecurity Audits, Risk Assessments, and Automated Decisionmaking
Completed Rulemaking Activity
- California Consumer Privacy Act Regulations
- Transfer of Rulemaking Authority & New Division for CPPA Regulations
- CPPA Pre-Rulemaking Activities
Notifications Regarding Our Rulemaking
Information regarding the rulemaking process will be posted to this page. If you would like to receive notifications regarding rulemaking activities, please subscribe to our email list here.