How could the upcoming ePrivacy Regulation recognise enforceable privacy signals in the EU?

Privacy signals are digital representations that allow users to communicate their preferences [1] [2][3][4] of how users want their personal data to be processed, e.g. Do Not Track [5][6] for opting out of tracking, Global Privacy Control (GPC) [7] for opting out of third party sharing, IAB’s Transparency and Consent (TCF) signal [8] for communicating decisions), or exercise rights (e.g. Art.21(5) GDPR), and can be automated and customised for the websites they visit. In this paper we discuss requirements that privacy signals must satisfy to be enforceable under the ePrivacy Regulation and enable its real-world application.