4. Third parties

An in-depth comparison between ADPPA (American Data Privacy and Protection Act) and the CALIFORNIA PRIVACY LAWS*
*CCPA (California Consumer Privacy Act) and CPRA (California Privacy Rights Act)

Result of comparison ADPPA California Privacy laws CCPA/CPRA
Quite similar
  • Third-party collecting entities refers to the covered entities whose principal source of revenue is derived from processing or transferring data that the entity did not directly collect. In addition to the requirements imposed on covered entities, third-party collecting entities would be required to: (i) register with the national FTC register; (ii) place additional notice on their website to inform consumers of their role as a third-party collecting entity; and (iii) respect signals from the “Do Not Collect” registry (deletion of personal data within 30 days)
  • Such Third parties must get registered with the state according to National Californian laws.
  • The opt-out mechanism/rule also applies to Third parties.
  • As for covered business, also Data brokers must provide the same “Do not sell or share my information” link.