Regulations related to the California Consumer Privacy Act (CCPA), cybersecurity updates, risk assessments, automated decision-making technology, and insurance companies are the focus of a letter sent Wednesday by America’s Credit Unions and the California Credit Union League to the California Privacy Protection Agency. The CCPA was first enacted in 2018 and amended and expanded in 2020. 

The letter addressed why the proposals will contribute to greater regulatory burden without any corresponding benefit to consumer privacy or safety. 

Given the current extensive supervision and regulation that already applies to federally-insured credit unions,  America’s Credit Unions Director of Innovation Technology Andrew Morris and California Credit Union League Vice President of Regulatory Advocacy and Compliance Lisa Quaranta highlighted concerns that the granularity of the proposed rulemaking, one-size-fits-all design, and needless variation of well-established cybersecurity standards already applicable to California credit unions will be overly burdensome. .

Read the full letter.