RIPA is one of those bills that was probably deliberately incomprehensible such that no-one could find anything to object to before it passed.
If I remember correctly it was unlimited data collection with compulsory installation of surveillance equipment and criminal penalties for providers to even mention they were spying on anyone.
My understanding is that RIPA does NOT force Telcos and ISPs to collect any data that they wouldn't otherwise collect in the normal course of their business (e.g. for billing purposes). However, it DOES force them to hand over the data that they do collect, without a warrant, to any one of about 800 official bodies.
CDB, for the first time, would allow government to force ISPs and Telcos to collect specific types of data that the government wants, but which the Telcos and ISPs don't want or need. And then hand it over under similar terms to RIPA, again with no warrant.
Initially RIPA only allowed about half a dozen law-enforcement agencies to demand data, but this list was radically extended by order (i.e. unvetted by parliament) to include job centres, 474 local councils, the Chief Inspector of Schools, Ofﬁce of Fair Trading, Charity Commission, DEFRA, Driving Standards Agency, and Royal Pharmaceutical Society of Great Britain. It looks as though the Home Office has the same game-plan for CDB - initially only a short list of law-enforcers would have CDB powers, but the list could be extended by order. Agencies that have RIPA powers are, of course, queuing up to make the case to get CDB powers.
IMHO the key point to make is that RIPA has been amended to force Councils to get a Magistrate's Warrant before they can use RIPA powers (because of a public outcry). If these safeguards are needed for (elected) councils, surely they're also needed for (unelected) Quangos, HMRC, Police, etc, etc.
If officialdom needs a warrant to search someone's house, it should also need a warrant to search their communications data.