Your Meta Pixel Now Needs a California Risk Assessment
California’s CCPA risk-assessment regulations took effect January 1, 2026, after Office of Administrative Law approval on September 22, 2025. WooCommerce stores crossing the 100,000-California-consumer threshold and running Meta Pixel, Google Ads tag, or any retargeting tool now sit inside the CPPA’s automated-decisionmaking definition and have until December 31, 2027 to produce a documented risk assessment for activities already underway. The CPPA fact sheet explicitly names tools that place consumers into ad-targeting audiences as ADMT. Penalties run up to $7,500 per intentional violation. First-party server-side tracking simplifies the safeguards documentation the regulation demands.