I kind of wonder whether it'd be worthwhile to have a certification agency that just certifies things for privacy and non-cloud-connectivity or the like. Trying to dig through spec sheets and reviews to figure out how a product functions is a pain. I'd rather pay slightly more to just look for some privacy certification on a product. I don't really want to try to keep up with the latest privacy issues present in a given product category, would rather have a specialist do that.
Like, let me just look for a "PC-24-O" (Privacy Certification 2024 Offline) label or something on products. Saves me time. Also would let vendors like Amazon let me filter products for that certification.
I would love something like this. I have to dig through documentation all the time for security reviews for various applications as part of my job and it would be so much easier if all that crap was just standardized.
That's the "licensing" approach, where something is mandatory for all products that may be sold. I don't want to ban cloud-connected products across-the-board; stuff like a Roku, say, fundamentally is bound up with an online service. Or for everyone; some people are more-okay with cloud-connected products than I am.
I'd rather have a "certification" approach, which just makes it easy for people to choose what to get.