On October 8, The California Privacy Protection Agency (CPPA) announced that Governor Gavin Newsom had signed the California Opt Me Out Act (AB 566) into law following the state legislature’s passage of the bill on September 11. The Act, which will take effect January 1, 2027, mandates that browsers provide a setting “configurable by a consumer that enables the browser to send an opt-out preference signal” to any business the consumer interacts with online, and that this feature is easy for “a reasonable person to locate and configure.”

AB 566’s approach was designed to streamline how consumers exercise privacy rights under the California Consumer Privacy Act (CCPA). Rather than opting out individually at each website, consumers will now be able to use a universal tool built into any browser to limit the sale and sharing of their personal information.

The Opt Me Out Act specifies that browser developers must make clear in public disclosures how the opt-out signal works, what types of personal information it covers, and the intended effect of the signal. Previously, in its announcement following passage in the legislature, the CPPA — which sponsored the bill — said businesses receiving the signal would be required to honor it under the CCPA but may still ask for a consumer’s consent to sell or share data if there is a conflict between the opt-out signal and the consumer’s existing privacy settings.