Does Your CDP's AI Decisioning Require a CCPA Pre-Use Notice?

Angle

California's CPRA ADMT rules (effective January 1, 2026) require pre-use notices, opt-out rights, and logic disclosure for any Automated Decision-Making Technology — and real-time CDP decisioning qualifies. The article explores what 'ADMT-compliant' means architecturally: which decisioning capabilities trigger the rules, which vendors have built opt-out handling into the product, and what organizations must implement themselves regardless of vendor choice.

Key decision this helps with

Which AI decisioning capabilities in your CDP stack trigger CCPA ADMT compliance requirements, and what does compliance cost architecturally?

Tradeoffs the article will map

• Real-time personalization capability vs. ADMT pre-use notice and opt-out overhead
• Vendor-native ADMT compliance tooling vs. customer-side logic disclosure infrastructure
• Granular decisioning transparency (required by ADMT) vs. model IP protection (vendor interest)

Open questions / uncertainties

• CPPA enforcement priorities for CDP-powered ADMT are not yet established — whether automated audience segmentation vs. real-time next-best-action triggers different obligations is unresolved
• Whether ADMT risk assessments apply to decisioning models trained on pseudonymized profiles is legally ambiguous as of early 2026
• No Gartner or Forrester framework yet maps CDP vendors to ADMT compliance surface area

Knowledge-graph nodes this draws from

• concept.real-time-decisioning
• concept.consent-management
• vendor.tealium
• vendor.braze
• vendor.adobe-experience-platform