I asked them in writing. It will be interesting to see if they comply.

To be clear, the purpose of the post is to understand the law (the forum being !law_us) because I want to fix this problem for everyone not just myself. I believe these digital rights abuses are so rampant because so few people step up to the plate to fix the problem for everyone. Most people just pragmatically fix the problem for themselves and move on. I want to understand the law to get an idea of the legal actionablity so that I can work out whether I have a pathway to force the CU to make their workflow with all customers legally compliant -- which would be a process I can recycle with other similar data abusers (other banks).

I blame Taylor Swift, telling people to “shake, shake, shake it off…” instead of fighting back.

When I visit the opt-out website and it simply prints on the screen “403 Forbidden”. No reason given¹. No recourse given. That is not giving opportunity. When they conceal the URL from some demographics of people, that is also withholding an opportunity to opt-out.

Let’s suppose the opt-out procedure were completely disclosed and fully transparent. Suppose they sent a properly formed email that reveals the opt-out procedure to everyone (inluding those with text-based MUAs). If they were to outright state something like “you must use our preferred network (clearnet, not Tor, not VPN, not CGNAT), you must share your personal IP address with a 3rd party with no expectation of privacy, and you must solve a series of CAPTCHA tests after traversing our cookie wall.” That would still be giving exclusive opportunity. IOW, not everyone has opportunity, just those who are both willing and able to dance for them. When strings are attached to the opt-out, that “opportunity” is conditional. I believe the law would have to specifically state that conditional opportunity is permissable. Otherwise the only valid interpretation of law (IIUC) is that the opportunity be unconditional. Hence my question.

If you believe arbitrarily conditional opportunity is lawful, what’s your limit? What if the procedure requires driving to a remote location, crossing a river with crockodiles, and running through an area with snakes and scorpions in order to reach a form (written in a blend of Mandarin and Apache) that you must fill out requesting an opt-out? Would you still regard that as giving opportunity?

¹ When I say that they are blocking people who are on the Tor network, that is merely my guess. A “403 Forbidden” can manifest for many reasons and in this case the site does not state why a 403 was pushed. But regardless of their undisclosed reason, when they lock someone out of their gate, it is of course denying opportunity to opt out.