[boxfire]

Would making all HTTP requests embed a header with a CCPA / GPDR claim be binding? It is as verifiable as any request through their form... its my original connection, so if they associate tracking data with me then they must associate this with me as well. Businesses should agree to my terms to make socket connections to me, else I should be able to see them in court. Proliferation is one way to end the modern shitty tracking madness.

> x-ccpa I do not consent to the sale or disclosure of my personal data and demand the deletion of my personal data per Californa CIV 1798.120, 1798.121, and 1798.105

[mnw21cam]

At a basic level, you shouldn't have to declare that you haven't agreed to something. You have only agreed to it if you actually do something to agree to it. The only advantage this could possibly have is if the web sites stop asking you to agree if you tell them in advance that you won't. However, I can't see that it would be illegal for them to ask anyway, so they will.

Secondly, this is another thing that would be used to fingerprint the web browser.