I don't see a way to opt-out without plastic surgery.
Make storing personal data like storing hazardous material. Something you absolutely avoid if possible, and treat with extreme care when you absolutely must store it.
Unfortunately the users of this site would rather tell you to move to the woods, go off grid, and paint dazzle camouflage on your face before admitting that a solution has to come from society rather than the individual.
If you want to scare businesses, ban arbitration clauses and other self-absolving Terms of Service. It won't stop Pornhub from getting hacked but it will make their lawyers piss themselves imagining the consequences. Trying to enforce SOC2 on the entire internet is an exercise in futility that will end with Russian hackers selling your credit card to teenagers.
Society really needs to do this as soon as possible. These businesses give themselves the right to do anything they want by putting some clause in some document nobody reads.
https://www.privacy.org.nz/privacy-act-2020/privacy-principl...
The concern is (as always) when the law is not adhered to by those tasked with enforcing it.
I'm tired of hearing minimizing language like "Police now admit their actions were not consistent with the law" and that being the end of the matter.
Not only we have (non-compliant) consent flows that destroyed user experience everywhere (without improving privacy in any way, since again they're not compliant and not actually designed to give you privacy), but the lack of enforcement means companies can now claim various things as GDPR compliant, knowing full well nobody is going to actually examine this claim (and if they do, the resulting consequences will be negligible) to give their users/customers a false sense of security.
Of course it doesn't appear "spontaneously," it's the result of your actions and others' actions, hence the "cabin in the woods" solution. The commenter is implying that expecting each individual to carefully act to preserve their online privacy clearly isn't producing good outcomes, and would like to see collective action through regulation to encourage better outcomes.
> If you want to scare businesses, ban arbitration clauses and other self-absolving Terms of Service.
That is one potential way to implement the suggested "hazardous material" policy. If storage of any data opens a business up to legal action with teeth then they'll stop risking the storage of such data outside of when the benefit to them outweighs the potential risk. Ideally the risk would be such that it becomes standard practice to process data on-device and design protocols and services such that only the absolute minimum required amount of information leaves end-user devices.
Except supporting NGOs fighting against the surveillance: https://eff.org, https://edri.org.