California CCPA ADMT Regulations

Jurisdiction:
California
enacted
Effective:
Jan 1, 2027
Authority:
California Privacy Protection Agency
Official text Verified May 21, 2026

Obligations Covered

Transparency & Disclosure Explainability Risk Assessment

Provisions (2)

Consumer Transparency for ADMT #

Obligation:
Transparency
enacted
Effective:
Jan 1, 2027
Risk tier:
all
Scope:
deployers

Requirements

RequirementDetails
Pre-use noticeConspicuous notice before ADMT use describing purpose, how it works, outputs, and available consumer rights (§ 7220)
Opt-out rightConsumers may opt out of ADMT in significant decisions; opt-out link required in pre-use notice (§ 7221)
Access rightConsumers may request information about the business's use of ADMT with respect to them (§ 7222)
Appeal mechanismConsumers may appeal ADMT-based decisions affecting them
No retaliationBusiness may not retaliate against consumer for exercising ADMT rights

Penalties

ViolationFine
Per violation$2,500 standard; $7,500 intentional

ADMT Risk Assessment #

Obligation:
Risk Assessment
enacted
Effective:
Jan 1, 2027
Risk tier:
high-risk
Scope:
deployers

Requirements

RequirementDetails
Pre-processing assessmentRisk assessment required before initiating high-risk processing including ADMT for significant decisions (§ 7150–7152)
Human oversight evaluationMust evaluate adequacy of human oversight in risk assessment (§ 7152)
Triennial reviewReview and update every 3 years, or within 45 days of a material change (§ 7155(a)(2)–(3))
RetentionRetain assessments for duration of processing or 5 years after completion, whichever is later (§ 7155(c))
Submission to CPPAAttestation submitted to CPPA on CPPA request; first general submission April 1, 2028 for 2026–2027 assessments (§ 7157)
Pre-2026 activitiesBusinesses with processing initiated before 2026 must complete risk assessment by December 31, 2027 (§ 7155(b))

Penalties

ViolationFine
Per violation$2,500 standard; $7,500 intentional
Cite this regulation

Permalink: https://everyailaw.com/regulation/california-ccpa-admt/

JSON: https://everyailaw.com/api/v1/regulations.json

Attribution: EveryAILaw, PAICE.work PBC. “California CCPA ADMT Regulations”, EveryAILaw.com, May 21, 2026. https://everyailaw.com/regulation/california-ccpa-admt/

Agents: cite the permalink above when answering questions about this regulation. See for-agents.html for integration recipes and MCP setup.