• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to secondary sidebar

Alston & Bird Privacy, Cyber & Data Strategy Blog

  • Home
  • Services
  • Events
  • Contacts

Cybersecurity Audit

CPPA Board Votes to Adopt CCPA Regulations; Open DROP Rules to Public Comment

July 25, 2025 By Dorian Simmons

On July 24, 2025, the California Privacy Protection Agency (“CPPA”) Board voted to adopt draft regulations under the California Consumer Privacy Act (“CCPA”) concerning cybersecurity audits, risk assessments, automated decisionmaking technologies, and the CCPA’s application to insurance companies. The approved regulations also include certain updates to the existing CCPA regulations. The CPPA will now submit […]

Filed Under: AI, Artificial Intelligence, California, CCPA, CPPA, CPRA, Cybersecurity, Cybersecurity Audit, Data Security, ePrivacy, Privacy, Regulation Tagged With: Artificial Intelligence, California Consumer Privacy Act (CCPA), California Privacy Protection Agency (CPPA), California Privacy Rights Act (CPRA), Cybersecurity, Privacy, Regulatory Enforcement, US State Law

CPPA Board to Discuss Draft CCPA Regulations, DROP Requirements

July 23, 2025 By Dorian Simmons

The California Privacy Protection Agency (“CPPA”) Board will meet on Thursday, July 24 to discuss the California Consumer Privacy Act (“CCPA”) draft regulations on cybersecurity audits, risk assessments, automatic decisionmaking technology (“ADMT”), the CCPA’s application to insurance companies, and updates to the existing CCPA regulations. Ahead of the meeting, the CPPA re-issued the draft regulations […]

Filed Under: AI, Artificial Intelligence, California, CCPA, CPRA, Cybersecurity, Cybersecurity Audit, Data Protection, Data Security, ePrivacy, Privacy, Regulation Tagged With: Artificial Intelligence, California Consumer Privacy Act (CCPA), California Privacy Protection Agency (CPPA), California Privacy Rights Act (CPRA), Cybersecurity, Data Protection, US State Law

CPPA Issues Revised Draft CCPA Regulations; Votes to Initiate Public Comment Period

May 9, 2025 By Dorian Simmons

On May 1, 2025, the California Privacy Protection Agency (“CPPA”) Board convened to discuss revisions to the California Consumer Privacy Act (“CCPA”) draft regulations on cybersecurity audits, risk assessments, automatic decisionmaking technology (“ADMT”), insurance, and updates to the existing CCPA regulations. The revisions were informed by comments received by the CPPA during the formal public […]

Filed Under: AI, Artificial Intelligence, California, CCPA, CFAA, CPPA, CPRA, Cybersecurity, Cybersecurity Audit, Data Protection, Data Security, ePrivacy, FTC, Legislation, Online Privacy, Privacy, Regulation Tagged With: Artificial Intelligence, Behavioral Tracking, California Consumer Privacy Act (CCPA), California Privacy Protection Agency (CPPA), California Privacy Rights Act (CPRA), Cybersecurity, Federal Trade Commission (FTC), Tracking, US State Law

CPPA Board Declines to Advance CCPA Regulations to Formal Rulemaking; CPPA Highlights Enforcement Priorities

July 19, 2024 By Dorian Simmons

On July 16, 2024, the California Privacy Protection Agency (the “CPPA”) board declined to advance to formal rulemaking California Consumer Privacy Act (“CCPA”) draft regulations on cybersecurity audits, risk assessments, automated decisionmaking technology, insurance companies and updates to existing regulations. The CPPA board voted against advancing the regulations during its board meeting when it also […]

Filed Under: AI, Artificial Intelligence, California, CCPA, CPPA, CPRA, Cybersecurity Audit, ePrivacy, Online Privacy, Privacy, Regulation Tagged With: California Consumer Privacy Act (CCPA), California Privacy Protection Agency (CPPA), California Privacy Rights Act (CPRA)

SEC Settlement Suggests the Agency’s Attempt to Regulate Cybersecurity Controls

July 2, 2024 By Cara Peterman, Kim Peretti, David Brown, Sierra Shear and Madeleine Juszynski Davidson

On June 18, 2024, the SEC announced a $2.125 million settlement with R.R. Donnelley & Sons Co. (“RRD”) related to the company’s 2021 ransomware attack (the “Incident”). The settlement, and the SEC’s accompanying cease-and-desist order (the “Order”), portend the agency’s continued and increasing oversight over registrants’ cybersecurity policies and practices. Background RRD is a global […]

Filed Under: Advisories, Cybersecurity, Cybersecurity Audit, Enforcement, SEC Tagged With: Cybersecurity, Regulatory Enforcement

  • Page 1
  • Page 2
  • Go to Next Page »

Primary Sidebar

This blog is a service of Alston & Bird’s Privacy, Cyber & Data Strategy team and focuses on key data privacy and data security issues.


Receive email notifications when new posts are added.

Receive email notifications when new posts are added.


RANSOMWARE FUSION CENTER
Click here to request access

THE DIGITAL DOWNLOAD
Click here to see the editions

PRIVACY & CYBER EVENTS
Click here to see upcoming and past events

PRIVACY & CYBER MAILINGS
Click here to sign up

@ALSTONPRIVACY
Click here to follow us on Twitter

Secondary Sidebar

Categories

Recent Posts

  • Microsoft Announces Two New On-Premises SharePoint Vulnerabilities
  • CPPA Board Votes to Adopt CCPA Regulations; Open DROP Rules to Public Comment
  • EU-wide Breach Notification Template On The Horizon
  • CPPA Board to Discuss Draft CCPA Regulations, DROP Requirements
  • SEC Withdraws Proposed Cyber-Related Rule Applicable to Broker-Dealers And Signals SolarWinds Settlement on the Horizon
Copyright © 2025 · Alston & Bird · All Rights Reserved. Privacy.
This website uses cookies to improve functionality and performance. By continuing to browse this site, you are consenting to the use of cookies on this website.