It doesn't take a genius to understand that these tools gather data for a multitude of purposes. One search on shoes and every web site you go to has an ad for shoes on it. What the US is trying to avoid is regulation such as General Data Protection Regulation (GDPR). These regulations were implemented in Europe in 2016 to protect the consumer. They are much more stringent in the handling of your personal information. In a GUI driven environment they must identify what they want from you and for what purposes it will be used. The request must be presented to the end user in a question answer format that requires the end user to respond. The end user may at anytime ask for their personal data and may at any time require that their personal data be removed. Also GDPR requires explicit confirmation from end users to share their data with any third party. IE a company cannot collect data on you and share it with anyone else which effectively puts a stop to selling mailing lists. Is GDPR the answer to online protection? Possibly not but it is a huge step in the right direction and one I doubt we will ever see in the US.