"Opting out" in a legal sense means the same as it does in an everyday sense. To "opt-out" means you are choosing to no longer participate in something.
Opting out becomes significant in a legal sense when you develop a website or app that's legally required to provide a method of opting out to those who use your website or app.
Not all business models are required by law to provide an opt-out method for customers.
An opt-out policy that lets customers know that they have the ability and right to opt out of aspects of your website or app, as well as a clear and easy-to-follow method for actually opting out, are required by law in certain circumstances, discussed below.
Platforms where opt-out is required
Commercial email marketing platforms are required by law to include opt-out or unsubscribe methods.
This law is known as CAN-SPAM (Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003) and is enforced by the FTC (Federal Trade Commission) in the United States.
Email is considered to be "commercial" for purposes of CAN-SPAM if the email messages are sent out with the main purpose of advertising or promoting a commercial product or service.
To be compliant with CAN-SPAM, each commercial email must have the following aspects:
- A working unsubscribe mechanism that's easily visible and noticeable by customers,
- Accurate and relevant "From" lines and subject lines, and
- A physical address present.
Unsubscribe requests by customers must be honored within 10 days.
Remarketing platforms like Google AdWords, AdRoll, and Perfect Audience all provide Privacy Policies where they require users of their services to update their own Privacy Policies to inform their customers that remarketing is taking place, as well as provide a method for customers to opt-out of remarketing if they desire.
This opting out can either take place through the third party that's using the remarketing platform, or the third party can link back to the main remarketing platform's method for opting out.
If you're developing a remarketing platform, you must create an opt-out method for users. You also need to require third parties that may use your service for remarketing their businesses to update their Privacy Policies to inform customers that remarketing is taking place, and that there is a method to opt out and provide that method.
In the United States, CalOPPA (The California Online Privacy Protection Act) requires this, and in Europe, the Data Protection Directive regulates this. Other countries also have similar laws with similar requirements.
Analytics tracking platforms themselves have requirements for websites who use their platforms.
For example, Google states in its Terms of Service for Google Analytics that:
Any other sort of business model that provides a platform where other businesses can collect and use personal information should have Terms and Conditions in place that require these their customers to include an opt-out method and/or policy in their own Privacy Policies.
Consider the case against Nomi Technologies where Nomi had an app that tracked shoppers around their stores so as to better understand consumer behaviors.
Examples of opt-out policies
It's very important, and very easy, to include opt-out policy information and functions in your website or app.
Here are some examples of how other platforms have executed this requirement to inform users about an opt-out method
Examples from email marketing
Remember, an opt-out method for emails is required for all commercial email messages under the federal CAN-SPAM law, as well as by individual email platforms, such as MailChimp.
UpWork's emails all have an Unsubscribe link at the very bottom.
Emails from eBay ask recipients if they don't want to receive emails from eBay and provide a link to click if the recipient wishes to be removed from the mailing list.
Examples from analytics platforms
First, in the "Information Collected Via Technology" section, in the "Cookies" paragraph, a link is included to where users can go if they "would like to opt-out of" the Mixpanel tracking cookie.
There's also a section titled "Your Information Choices and Changes" that includes information on opting out of email communications, a collection of information by the app, and how "do not track" signals affect a user.
Examples from remarketing platforms
AdRoll places a link in the footer of its website that lets a user adjust ad preferences. This makes it very convenient and noticeable for users who wish to opt out either fully or partially from the AdRoll services.
The "Privacy Notice" of AdRoll also includes a section for "Your choices and opting-out." This section lets users know how they can opt out of targeted ads from both AdRoll and other advertising companies.
A specific AdRoll opt-out link is provided, as well as a link to the Network Advertising Initiative opt-out tool.
These opt-out options are easy to spot, and their placement shows how important they are. The breakdown of platform versus partner is also useful so that people are aware that there may be a number of different opt-out actions to take before a user is fully opted out.