Website operators are faced with new privacy compliance requirements nearly every day, it seems. Although there has not been much in the press about it, one new-ish requirement is that websites be configured to respond to a universal opt-out mechanism that users set in their browser settings. This permits a user to use a website and for the website to understand that the user wishes not to have her data sold or shared for marketing purposes. Many new state laws do or will require compliance with such a mechanism.
Why It Matters
Setting up a website to honor a universal opt-out signal should be a relatively low-friction way for a website operator to process user opt-out instructions. (The alternative is to allow users to contact the site and process their instructions on demand.). Currently, the universal mechanism most in favor – and which will be explicitly deemed compliant in Colorado – is GPC, the Global Privacy Control. Clients tell me it is easy to set up ("like flipping a switch"). Now is a good time to enable GPC on your website if you are covered by state privacy laws…which you very likely are.
Subscribe to Taylor English Insights by topic here.
/Passle/5fe0c4f453548a10fc881e09/MediaLibrary/Images/2025-10-09-14-47-09-526-68e7caed09520928935393cf.png)
/Passle/5fe0c4f453548a10fc881e09/SearchServiceImages/2025-09-30-13-12-56-565-68dbd758f6347a2c4b9a81ab.jpg)
/Passle/5fe0c4f453548a10fc881e09/SearchServiceImages/2025-09-02-15-10-27-674-68b708e3a631091b7967ef21.jpg)