California Finalizes New Privacy Rules for AI and Cybersecurity
New regulations under the California Consumer Privacy Act will require risk assessments and annual cybersecurity audits for certain businesses.
On October 9, 2025, the California Privacy Protection Agency (CPPA) finalized a new set of regulations under the California Consumer Privacy Act (CCPA). These rules establish new, mandatory compliance obligations for businesses in three key areas: privacy risk assessments, cybersecurity audits, and the use of automated decision-making technology (ADMT).
Automated Decision-Making Technology (ADMT)
The regulations establish new rules for the use of AI in making "significant decisions" concerning consumers, such as those related to employment, housing, or healthcare. Businesses using ADMT for such purposes must provide consumers with a notice and an option to opt out. The rules for …