The American Data Dissemination Act (ADD) has been introduced by Senator Marco Rubio (R-Fla.) to target businesses collecting consumer data over the internet. The bill is considered a response to California’s Consumer Privacy Act (CCPA), which placed regulations on how companies collect and share personal data. As there is a lack of federal regulation when it comes to consumer data, the bill has been much anticipated.

While it does not include specific data privacy regulations, within two and a half years of the bill becoming a law federal privacy law would be established in the U.S. – determined by recommendations by the FTC. However, the FTC has been limited in their recommendations as the ADD requires that they be similar to the 1974 Privacy Act. Many are now arguing that the Act is too antiquated to address the privacy concerns today.

Limiting restrictions included in the ADD include:

  • Criteria for exempting certain small, newly formed businesses
  • Criteria for restricting the disclosure of records maintained by covered businesses
  • Criteria for granting individuals access in response to their requests of records and, if a covered business elects, the record may be deleted subject to certain requirements
  • Criteria for consumers to update incomplete and inaccurate records
  • Establishing a dispute resolution process modeled after section 611(a) of the Fair Credit Reporting Act (FCRA)
  • Establishing accepted standards for a code of practices to ensure the secure collection, maintenance, and dissemination of records for covered businesses
  • Establishing a process for accounting records of disclosures for a reasonable period.

Establishing Privacy Regulations

While many are calling for GDPR-like regulations, this level of stringency is unlikely as the ADD proposes a limited scope and provides exemptions for startups and other small businesses.  The FTC will ultimately determine the stringency of the law.

As for its effect on state legislature, the ADD states that its regulations will supersede all provisions of state law subject to the Act.

In the meantime, learn how Gryphon picks up where regulators leave off.

New Telemarketing Sales Rule Provisions and What You Need to Know

While the Federal Communications Commission (FCC) has kept companies busy with a flurry of newly proposed (and enacted) legislation over the last few months, their partner, the Federal Trade Commission…

The Power of Branded Calling in Telemarketing

There are millions of unknown calls made per week to US consumers and of those calls, only 11% are answered*. Consumers receive calls from unknown numbers and don’t pick up…

Understanding TCPA Compliance

What is the TCPA? Understanding TCPA compliance begins with recognizing the foundational legislation that governs it. The Telephone Consumer Protection Act (TCPA) was enacted in 1991 by Congress to combat…