California Privacy Protection Agency (CPPA)

The California Privacy Protection Agency (CPPA) enforces California’s privacy laws and is setting the pace for state-level regulation as one of the first U.S. privacy regulators. The agency regularly issues detailed rulemaking on topics such automated decision-making, audits and risk assessments, with businesses watching closely due to CPPA enforcement and interpretation's outsized impact on national privacy expectations. This page tracks agency actions, final and draft regulations and compliance takeaways from CPPA activity.

Date Range:

Author:

Category:

Include:

articlessource documents

Refine Trend Search

Clear Terms

Search Primer

Term list: Separate terms with spaces, not commas or semicolons.

Multi-word term: Place inside quotes to ensure an exact match (e.g. "China import").

Acronyms: Use all capital letters to ensure the search is not looking for that letter sequence instead.

Required term: If a term must be included in any resulting articles, prefix it with a plus sign (e.g., +CBP).

Excluded term: If a term should be excluded from any articles being found, prefix it with a minus sign (e.g., -ruling).

Singular form: Always use the singular form when doing multi-word terms (e.g. "russian export control" instead of "russian export controls").

Shortest word form: When you have different word forms in a quoted (multi-word) term, you want to only include the shortest version if it is the last part of the expression (e.g., "entity list" instead of "entity listing" or "entity listed").