Last week, the California Privacy Protection Agency (CPPA) voted in favor of a legislative proposal that would require web browsers to include a feature that allows web users the ability to exercise their privacy rights under the California Consumer Privacy Act (CCPA) through opt-out preference signals.
Under the California Consumer Privacy Act (CCPA), businesses must adhere to a user’s opt-out web preference signals as a valid request to opt-out of the sale and/or sharing of their information. These signals are supposed to be ‘global’ meaning that through an opt-out preference signal, a user can opt-out of the sale and sharing of their information on all websites that they interact with without having to make separate requests to each website. However, to exercise this right under the CCPA, a user must either use a browser that SUPPORTS these opt-out preference signals or take extra steps to download a browser plugin to support these signals. Currently, only a few browsers offer built-in support for opt-out preference signals: Mozilla Firefox, DuckDuckGo and Brave. That’s only 10 percent of the global desktop market share. But note, that none of these (or any others) are loaded onto devices by default, which means it is not apparent (or easy) for users to take advantage of these built-in protections.
If the California legislature adopts this proposal from the CPPA, it will be the first state to require browser vendors to enable this type of signals.