For at least a decade, privacy advocates dreamed of a universal, legally enforceable “Do not track” setting. Now, at least in the most populous state in the US, that dream has become a reality. So why isn’t Apple—a company that increasingly uses privacy as a selling point—helping its customers take advantage of it?
When California passed the California Consumer Privacy Act in 2018, it came with a large asterisk. In theory, the law gives California residents the right to tell websites not to sell their personal data. In practice, exercising that right means clicking through an interminable number of privacy policies and cookie notices, one by one, on every site you visit. Only a masochist or a die-hard privacy enthusiast would go to the trouble of clicking through to the cookie settings every time they’re looking up a menu or buying a vacuum. Privacy will remain, for most people, a right that exists only on paper until there’s a simple one-click way to opt out of tracking across the whole internet.
The good news is, that ideal is inching closer and closer to reality. While the CCPA doesn’t explicitly mention a global opt-out, the regulations interpreting the law issued by the California attorney general in 2020 specified that businesses would have to honor one just as they do individual requests. The technology for a universal opt-out didn’t actually exist yet, but last fall, a coalition of companies, nonprofits, and publishers unveiled a technical specification for a global privacy control that can send a CCPA-enforceable “Do not track” signal at the browser or device level.