Start Free Trial
Home/Regulations/CCPA / CPRA (California) — Regulatory Reference
Regulatory Reference
Technology State high

CCPA / CPRA (California) — Regulatory Reference

Consumer data rights, opt-out of sale — AutoPIL enforces purpose limitation before data enters agent context.

Key Provisions
  • Consumer rights — know, delete, correct, opt-out of sale or sharing, limit use of sensitive PI
  • ADMT rulemaking from California Privacy Protection Agency
  • Cybersecurity audit and risk assessment requirements (proposed)
How AutoPIL Enforces It
  • Opt-out signals propagate to AutoPIL policy and gate AI retrievals
  • Sensitive PI category enforced as a sensitivity ceiling
  • Audit chain supports Right-to-Know responses
Policy EngineSensitivity LabelsAudit LogCatalogAgent Registry
AutoPIL Policy IDs
TEC-CCPA-OPT-001Opt-Out Propagation to AI Agents
TEC-CCPA-SPI-001Sensitive PI Boundary
Official Sources
https://oag.ca.gov/privacy/ccpahttps://cppa.ca.gov/regulations/

This page is a working reference and not a substitute for qualified legal review. Verify against official sources before use in compliance artifacts.

AutoPIL Governance Platform

Enforce this regulation today

AutoPIL intercepts every AI agent data access call, enforces your policy, and writes a tamper-evident audit record — before sensitive data enters the agent context window.

Start Free Trial View All Industries