The American Data Dissemination Act (ADD) has been introduced by Senator Marco Rubio (R-Fla.) to target businesses collecting consumer data over the internet. The bill is considered a response to California’s Consumer Privacy Act (CCPA), which placed regulations on how companies collect and share personal data. As there is a lack of federal regulation when it comes to consumer data, the bill has been much anticipated.

While it does not include specific data privacy regulations, within two and a half years of the bill becoming a law federal privacy law would be established in the U.S. – determined by recommendations by the FTC. However, the FTC has been limited in their recommendations as the ADD requires that they be similar to the 1974 Privacy Act. Many are now arguing that the Act is too antiquated to address the privacy concerns today.

Limiting restrictions included in the ADD include:

  • Criteria for exempting certain small, newly formed businesses
  • Criteria for restricting the disclosure of records maintained by covered businesses
  • Criteria for granting individuals access in response to their requests of records and, if a covered business elects, the record may be deleted subject to certain requirements
  • Criteria for consumers to update incomplete and inaccurate records
  • Establishing a dispute resolution process modeled after section 611(a) of the Fair Credit Reporting Act (FCRA)
  • Establishing accepted standards for a code of practices to ensure the secure collection, maintenance, and dissemination of records for covered businesses
  • Establishing a process for accounting records of disclosures for a reasonable period.

Establishing Privacy Regulations

While many are calling for GDPR-like regulations, this level of stringency is unlikely as the ADD proposes a limited scope and provides exemptions for startups and other small businesses.  The FTC will ultimately determine the stringency of the law.

As for its effect on state legislature, the ADD states that its regulations will supersede all provisions of state law subject to the Act.

In the meantime, learn how Gryphon picks up where regulators leave off.

How to Prepare for New Lead Generation Requirements Effective January 2025

While 2025 may seem far away, preparation time to accommodate the Federal Communication Commission’s (FCC) new requirements targeting and eliminating unlawful text messages and robocalls (aka the lead generator loophole…

12 Risks of Call Center Agent Conversations

Call centers make hundreds of telemarketing calls per day. That’s hundreds of opportunities for agents to unknowingly violate federal, state, and local telemarketing regulations and conversation compliance. While call center…

How AI is reducing burden on call center quality assurance (QA) teams

Call center quality assurance (QA) teams are constantly overburdened with administrative, repetitive tasks that keep them from what’s important: ensuring that your product or service meets the required standards so…