[tlibert]

To quote our report: At webXray we are experts in tracking technologies, and we work closely with in-house counsel, defense, plaintiff firms, and regulators. However, we are not lawyers ourselves, thus nothing in this report represents a legal conclusion. webXray was not founded to supplant the role of lawyers, courts, or judges. We were founded to provide clear, accurate, forensic data, without fear or favor. We believe that by filling this gap we can enhance outcomes for all consumers, businesses, and regulators.

---

We are filing the gap related to reliable facts not existing. We did a scientifically controlled test with GPC on and off. We presented the results as technical findings along with general background.

We are not lawyers, and we are happy to help others perform their own audits: https://webxray.ai - we have no desire to be lawyers.

We are a hard-tech engineering outfit, we deliver scientific clarity on complex topics.

[warkdarrior]

So you agree that you have no way to confirm whether those websites honor or do not honor the do-not-sell-my-info choice. You are simply checking whether they set cookies or not, without knowing whether the data is sold or not on the backend.

[tlibert]

We run scientific audits that provide evidence of specific data transfers under specific network conditions.

[nostrademons]

Your marketing should specifically say "We track cookies" (or if you wanna get punchy about it, "We track cookies so cookies don't track you") so potential customers know exactly what they're getting. For the purposes of legal compliance, this is pretty irrelevant. There may be people that want to know that the existing laws and company's compliance to them doesn't actually stop the cookies from being sent, but your privacy report says the companies are "Our findings reveal major technology companies simply ignore globally defined opt-out signals, raising the spectre of industrial-scale non-compliance with California requirements", which is untrue and potentially opens you up to libel claims. They are not ignoring the laws, they are complying with the laws in a way that may or may not be what the consumer actually cares about.

[tbrockman]

Do you have any legal experience, evidence, or case history to support your perspective? You assert that the statement "Our findings reveal major technology companies simply ignore globally defined opt-out signals, raising the spectre of industrial-scale non-compliance with California requirements" is untrue -- how do you know? Do you think everything found in the discovery process would agree? Do you think a company with a history of privacy violations would actually go through with a lawsuit where they'd have to definitively prove they don't? What about proving malice, that webXray knew their statements were false or acted with reckless disregard for their truth? What about the risk of filing a suit where California's anti-SLAPP statue would probably apply?