Which regulatory agencies enforce this type of clause?

{'agency': 'FTC', 'reason': 'The FTC regulates data broker practices and can investigate third-party data collection that exceeds disclosed purposes or consumer expectations under FTC Act Section 5.', 'complaint_url': 'https://reportfraud.ftc.gov/'}

What is the severity of this clause?

ConductAtlas classifies this Third-Party Data Collection and Information from External Sources clause as medium severity. Severity reflects the magnitude of rights affected, the breadth of users impacted, and the degree of discretion the platform retains.

Third-Party Data Collection and Information from External Sources — Comcast

Share 𝕏 Share in Share 🔒 PDF

What it is

Xfinity collects personal information about you not just from your own use of its services, but also from third-party data sources, which may include data brokers, credit bureaus, or advertising partners.

Consumer impact (what this means for users)

Xfinity receives personal information about you from outside sources, meaning even if you limit what you share directly with Xfinity, the company may still hold extensive data about you collected from third-party data brokers or partner companies.

Cross-platform context

See how other platforms handle Third-Party Data Collection and Information from External Sources and similar clauses.

Compare across platforms →

Need full compliance memos? See Professional →

Why it matters (compliance & risk perspective)

Xfinity building a profile of you using data collected from external third parties — beyond what you provide directly — significantly expands the scope of data they hold and the accuracy of targeted advertising profiles.

View original clause language

It also applies to the information we collect about you from third parties.

Institutional analysis (Compliance & legal intelligence)

(1) REGULATORY FRAMEWORK: Third-party data collection implicates CCPA/CPRA (Cal. Civ. Code § 1798.100) requiring disclosure of sources from which personal information is collected; EU GDPR Art. 14 requiring notice to data subjects when personal data is not obtained directly from them; FTC Act Section 5 for deceptive practices in data broker relationships; and state data broker registration laws (California Data Broker Registry, Vermont 9 V.S.A. § 2446, Texas Business & Commerce Code § 541). (2)

🔒

Compliance intelligence locked

Regulatory citations, enforcement risk, and due diligence action items.

Watcher $9.99/mo Professional $149/mo

Watcher: regulatory citations. Professional: full compliance memo.

Applicable agencies

FTC

The FTC regulates data broker practices and can investigate third-party data collection that exceeds disclosed purposes or consumer expectations under FTC Act Section 5.
File a complaint →

Provision details

Document information

Document

Comcast Privacy Policy

Entity

Comcast

Document last updated

April 29, 2026

Tracking information

First tracked

March 20, 2026

Last verified

April 28, 2026

Record ID

CA-P-003796

Document ID

CA-D-00344

Evidence Provenance

Source URL

https://www.xfinity.com/privacy/policy

Wayback Machine

View archived versions →

SHA-256

e43ca0effd6fa8f57499468ded0c2f8fd98db27516f4f9b8ed1fcdd4cbe5541e

Verified

✓ Snapshot stored ✓ Change verified

How to Cite

ConductAtlas Policy Archive
Entity: Comcast | Document: Comcast Privacy Policy | Record: CA-P-003796
Captured: 2026-03-20 04:21:34 UTC | SHA-256: e43ca0effd6fa8f5…
URL: https://conductatlas.com/platform/comcast/comcast-privacy-policy/third-party-data-collection-and-information-from-external-sources/
Accessed: May 2, 2026

Classification

Severity

Medium

Third-Party Data Collection and Information from External Sources