Calif. Privacy Agency Chief Says It's Conducting Slew of Investigations
The California Privacy Protection Agency, the nation's first dedicated privacy regulator, has “many investigations underway,” Executive Director Ashkan Soltani said at a partially virtual CPPA board meeting Friday. Soltani estimated that the agency has received about 100 complaints from consumers since forming in 2021. The CPPA’s data broker registry is up and running after a 2023 bill transferred it to the agency from the California DOJ, Soltani said. Many have since registered and CPPA plans to publish a list of registrants in March, he said. Staff is preparing a proposed rulemaking package including cybersecurity risk assessments, automated decision-making technology for the next board meeting, said Soltani: Staff is incorporating feedback from board members after the Dec. 8 meeting (see 2312080064). In addition, staff is writing draft language and speaking with possible legislative authors for a potential bill that would require browser vendors to let users exercise their California privacy rights through a global opt-out signal, said Maureen Mahoney, deputy director-policy and legislation. “We’re confident that we have adequate resources to effectively sponsor the bill.” CPPA's board voted at last month’s meeting to advance the legislative proposal. The board considered a draft 2024-27 strategic plan with the mission statement: “Protect consumers’ privacy, ensure that businesses and consumers are well-informed about their rights and obligations, and vigorously enforce the law against businesses that violate consumers’ privacy rights.”