Key point: Our new chart identifies and categorizes the numerous triggers for when companies must conduct risk assessment and impact assessment requirements under state privacy and AI laws.
Key point: The California legislature heads into its final week with more than 20 privacy and AI bills still under consideration.
Over the last few weeks, we have been tracking and providing weekly updates on 32 privacy- and AI-related bills that crossed chambers prior to the legislative deadline. Below is an update on last week’s events.
At its July 24 meeting, the California Privacy Protection Agency Board authorized agency staff to finalize and submit to the Office of Administrative Law the rulemaking package for various new California Consumer Privacy Act (CCPA) regulations. Once effective, these regulations will significantly impact entities doing business in California.
Key point: Our new tracker chart identifies state privacy and AI deadlines from 2025 to 2030.
Between consumer data privacy laws, AI laws, data broker laws, and children’s privacy laws, the number of deadlines companies must track has exploded. This includes deadlines that are often buried in laws and regulations, beyond just a law’s effective date. The new California Consumer Privacy Act (CCPA) regulations will add even more dates for companies to track, including new deadlines for risk assessments, cybersecurity audits, and automated decision-making technology.
Key point: After the August 29 deadline for fiscal committees to report bills, four of the nine privacy-related bills and 17 of the 23 AI-related bills we have been tracking are still alive.