AUDITORS found that Google, Meta, and Microsoft around half the time do not honour opt-out requests under California’s privacy law, despite the state’s mandate. According to WebXray, the audit analysed 7,634 popular California websites and found that 194 online advertising services ignore legally defined, globally standard opt-out signals. Google had the highest opt-out failure rate at 86%, followed by Meta at 69%, while Microsoft reportedly honours opt-out signals about half the time.
The report notes that Google sometimes replies with a cookie set to create an advertising ID when an opt-out is received, illustrating non-compliance. So far, Google has faced $2.32 billion in privacy fines, Meta $9.3 billion, and Microsoft $390 million, reflecting ongoing regulatory action alongside a study of broader privacy enforcement. The April 15, 2026, report underscores the need for ongoing testing of opt-out signals and ad‑tech data flows to align with the California Consumer Privacy Act requirements.