The NAI comments call on the California Privacy Protection Agency to amend their proposed regulations regarding the use of Opt-out Preference Signals, which could be used to unfairly disadvantage businesses across the ecosystem if not deployed effectively. The NAI urged that these Signals clearly represent consumer intent (and not be turned on by default) and that the Agency establish an open and transparent review process for stakeholder input to evaluate any proposed signal mechanisms.
The NAI also encouraged the Agency to harmonize its regulations with other states that have passed broad privacy laws, as the Attorney General of Colorado has committed to do. The differing legal requirements across multiple U.S. states will make compliance difficult to operationalize, particularly for mechanisms such as the opt-out preference signals, and ideally the process for recognizing such signals, which is in greatest need for harmonization and consistency across the country.
This harmonization is especially important for regulations regarding Opt-out Preference Signals, which will be extremely difficult to operationalize according to a patchwork of varied state regulations. Any Opt-out Preference Signal should 1) clearly represent consumer intent (and not be a default); 2) establish an open and transparent review process for stakeholder input to evaluate any proposed signal mechanisms; and 3) recognize that many businesses cannot recognize a consumer’s opt-out request if the signal is disabled or does not transmit after the consumer uses it.