Janet A. Liang, Chair | California Chamber of Commerce website
Janet A. Liang, Chair | California Chamber of Commerce website
The California Chamber of Commerce has submitted comments in response to the California Privacy Protection Agency's (CPPA) draft regulations on automated decision-making technologies, cybersecurity audits, and privacy risk assessments. The CalChamber supports the goal of protecting consumer privacy and security but argues that the proposed regulations need significant revisions.
The CalChamber raised concerns about several aspects of the draft regulations. It noted that they overreach CPPA’s statutory authority and interfere with ongoing legislative efforts in California regarding automated decision-making technologies. The regulations also conflict with existing statutory rights, deviate from global privacy standards, undermine constitutional protections, and underestimate costs for businesses and the state.
One of CalChamber's key recommendations is a 24-month compliance period for updated regulations. "The cybersecurity audit and risk assessment timelines already recognize a 24-month time frame. Accordingly, the ADMT requirements and the modifications to the existing regulations should also be afforded a 24-month time frame for compliance," stated CalChamber.
Additionally, they urged clarification that these rules apply only to processing activities post-enactment.
An economist report released last November by Capitol Matrix Consulting (CMC), commissioned by CalChamber, indicates that net economic losses could result from these proposals due to reduced jobs and tax revenues in California. This analysis critiques CPPA’s Standardized Regulatory Impact Assessment (SRIA), pointing out underestimations in costs to businesses—projected at $3.5 billion in the first year—and potential employment losses peaking at 126,000 by 2030.
The CMC report also highlighted errors such as underestimating auditor compensation rates and excluding out-of-state business impacts while overstating savings from cybercrime loss reductions due to arithmetic mistakes.
For further details or access to these analyses, readers can refer to full copies available online.
Alerts Sign-up