The American Data Dissemination Act (ADD) has been introduced by Senator Marco Rubio (R-Fla.) to target businesses collecting consumer data over the internet. The bill is considered a response to California’s Consumer Privacy Act (CCPA), which placed regulations on how companies collect and share personal data. As there is a lack of federal regulation when it comes to consumer data, the bill has been much anticipated.

While it does not include specific data privacy regulations, within two and a half years of the bill becoming a law federal privacy law would be established in the U.S. – determined by recommendations by the FTC. However, the FTC has been limited in their recommendations as the ADD requires that they be similar to the 1974 Privacy Act. Many are now arguing that the Act is too antiquated to address the privacy concerns today.

Limiting restrictions included in the ADD include:

  • Criteria for exempting certain small, newly formed businesses
  • Criteria for restricting the disclosure of records maintained by covered businesses
  • Criteria for granting individuals access in response to their requests of records and, if a covered business elects, the record may be deleted subject to certain requirements
  • Criteria for consumers to update incomplete and inaccurate records
  • Establishing a dispute resolution process modeled after section 611(a) of the Fair Credit Reporting Act (FCRA)
  • Establishing accepted standards for a code of practices to ensure the secure collection, maintenance, and dissemination of records for covered businesses
  • Establishing a process for accounting records of disclosures for a reasonable period.

Establishing Privacy Regulations

While many are calling for GDPR-like regulations, this level of stringency is unlikely as the ADD proposes a limited scope and provides exemptions for startups and other small businesses.  The FTC will ultimately determine the stringency of the law.

As for its effect on state legislature, the ADD states that its regulations will supersede all provisions of state law subject to the Act.

In the meantime, learn how Gryphon picks up where regulators leave off.

Related Posts

Regulatory Round Up: Q1 2024

As we wrap the first quarter of 2024, it’s essential to stay up to date on recent telemarketing regulations to ensure operational success for the rest of the year. Here…

Revenue Growth through TCPA and DNC Contact Compliance

There’s a common misconception that implementing a contact compliance solution for DNC and TCPA compliance will hurt your marketing outreach, ultimately impacting revenue growth. However, this doesn’t have to be…

Best Practices for DNC and TCPA Compliance

Year after year consumer trust and brand loyalty continue to be integral to the success of organizations. Can your organization afford to be the headline in major DNC and TCPA…

Learn more about Gryphon