*Result*: Regulatory compliance for cybersecurity with GDPR and CCPA.

*Legislation such as the General Data Protection Regulation (GDPR) in the European Union and the California Consumer Privacy Act (CCPA) are examples of how concerns about data protection and privacy have emerged from the influence of big digital businesses. This article shifts the focus to a new set of relationships—between corporations and investors—and examines how privacy legislation is addressed in investor presentations. The paper's primary goal is to examine how businesses portray the GDPR and CCPA as potential threats to their operations. To achieve this, they conduct a qualitative analysis of nine large technology businesses' yearly regulatory filings (Form 10-K). This analysis provides insights into the direct and indirect ways these laws may impact technology firms' operations, outlining five ways technology companies perceive GDPR and CCPA as hazards to their company. The paper stresses the significance of these results for the larger CSCW and privacy research groups, underlining the importance of understanding the decision-making dynamics and capital-related factors at these organizations for implementing substantial privacy improvements within the current institutional frameworks. Emphasizing the importance of understanding decision-making dynamics will make the audience feel more informed about the complexities of privacy legislation in the corporate world, empowering them to make informed decisions. [ABSTRACT FROM AUTHOR]*