close
close
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
header image

Do Not Sell or Share Opt-Outs: Global Privacy Control Setup

The open standard that honors user-initiated opt-out preferences.

California’s Consumer Privacy Protection Act (CCPA) grants consumers the right to opt-out of the “sale” of their personal information. The Consumer Privacy Rights Act (CPRA) ballot initiative which amends and strengthens the CCPA also expands and clarifies this right. The CPRA introduces a parallel right for Californians to opt-out of having their data“shared” (transmitted actively or collected passively) by providers of “cross-context behavioral advertising”. The goal of this expansion was to close a loophole in the CCPA and its original regulations that allowed certain advertising technology and services providers to sidestep Do Not Sell notice and opt-out obligations.

Notably, the California Attorney General introduced an obligation for businesses to honor user-initiated opt-out preference signals as a frictionless addition to other regulated Do Not Sell or Share opt-out mechanisms. Analogous obligations have been introduced in Colorado and Connecticut under their respective new privacy laws, but not in VIrginia and Utah.