California Privacy Protection Agency’s request for an expedited review for the rulemaking process

Happy Friday --

 

The California Privacy Protection Agency’s requested an expedited review and an earlier effective date for the rulemaking process. You can read the request HERE.


As a reminder, under the regular rulemaking schedule, these regulations would take effect April 1, 2023 if approved by the Office of Administrative Law and filed with the Secretary of State by the end of this month (February).


If the rulemaking package is filed between March 1 and May 31, the applicable effective date would be July 1. See below:


When does an approved regulation become effective?

Generally, regulations become effective on one of four quarterly dates based on when the final regulations are filed with the Secretary of State: January 1, if filed between September 1 and November 30; April 1, if filed between December 1 and February 29; July 1, if filed between March 1 and May 31; and October 1, if filed between June 1 and August 31. Effective dates may vary, however, if a different effective date is provided for in statute or other law, if the adopting agency requests a later effective date, or if the agency demonstrates good cause for an earlier effective date.


As it is highly unlikely this month's deadline will be met for implementation on April 1, it appears that the Agency is instead seeking that the regulations take effect immediately upon being filed with the SOS.

 

As many of you know, the CPPA’s FAQs on their website state “[t]he proposed regulations will go into effect once approved by both the CPPA Board and the Office of Administrative Law (OAL). Pursuant to the timelines prescribed by the California Administrative Procedures Act, the earliest that proposed regulations could be in effect is April 2023; however, this estimate is subject to change”


I wanted to make sure your teams are aware of the Agency’s request and are prepared for the possibility that the effective date may not follow the quarterly timelines.


Also, a quick reminder that the California Privacy Protection Agency (CPPA) issued a formal invitation (read HERE) for preliminary public comments on cybersecurity audits, risk assessments, and automated decision making. Additional background materials can be found HERE.


If you would like to submit comments for CRA to submit on behalf of the association, please do so NO LATER THAN FRIDAY, MARCH 17, 2023.


As always, please let us know if you have any questions regarding either of the issues mentioned in this email.


Rachel

Facebook  Twitter  Linkedin  Instagram  
California Retailers Association | 1121 L Street, Suite 607, Sacramento, CA 95814
Unsubscribe cra@calretailers.com
Update Profile | Constant Contact Data Notice
Sent by cra@calretailers.com powered by
Trusted Email from Constant Contact - Try it FREE today.
Try email marketing for free today!