The Board of the California Privacy Protection Agency (the CPPA) held its first meeting since July on Friday, September 8, 2023, and discussed the first public draft of cybersecurity audit regulations and risk assessment regulations. While the CPPA Board expressly announced that the drafts were for board meeting discussion purposes and that it has not started the formal rulemaking procedures yet, the first public drafts of the regulations provide a roadmap for where the CPPA Board may go, and the draft regulations would impose new and detailed compliance requirements.

Read the full Update here.