Skip to Content

Privacy & Data

Comments on California Privacy Protection Agency’s Proposed Rules on Automated Decision-making

/ Ridhi Shetty

Recently, the California Privacy Protection Agency issued a Notice of Proposed Rulemaking to advance updated regulations required under the California Consumer Privacy Act (CCPA). CDT submitted comments to the Agency focusing on the proposed requirements for businesses’ use of automated decision-making technologies (ADMTs) and the risk assessments that must be performed for these systems. In particular, our comments recommend:

  • Improving the definition of “automated decision-making technology” so that businesses that rely significantly on automated systems to make their decisions cannot avoid compliance with the rules
  • Ensuring that risk assessments include enough information to determine whether an ADMT’s risks to consumers outweigh the benefits
  • Strengthening the requirements for businesses to provide notice to consumers before and after using an ADMT, and to make sure consumers can exercise their rights to access and appeal ADMTs

Read the full comments.

Related Reading

White document on the black background.

Congressional Leaders Should Oppose & Investigate Unlawful Firings at FTC
The CDT logo. A dark grey "cdt" alongside "Center for Democracy & Technology" on a white background.

CDT, Civil Society Oppose Inadequate West Virginia Privacy Bill
Graphic for CDT report, entitled "Building A Disability-Inclusive AI Ecosystem." Illustration with a mainframe computer, surrounded by web browser windows showing persons with disabilities in different contextual data systems, and data blocks. Top to bottom, left to right: person in a blue shirt wearing headphones; person in an orange shirt; person in a green shirt wearing a NJ tube; person in a purple shirt with a limb difference.

Building A Disability-Inclusive AI Ecosystem: A Cross-Disability, Cross-Systems Analysis Of Best Practices