01-28-2021 , 10:21 PM
OnOn today’s internet, information is nearly impossible to control. It’s become commonplace for a single website visit to spill over into targeted ads (often for something you’ve already bought) or unexpectedly canny spam emails. It’s assumed that information from your browsing history will be available to target your Instagram ads, and despite nominal commitments to privacy, tech companies have mostly given up trying to stop those data flows.
Privacy groups are hoping that a new standard, called Global Privacy Control, will change that. It’s designed as a global opt out, a general signal that users want as little data collection and sharing as possible. In particular, the GPC standard will let users signal that they don’t want services to share their data with third-party data brokers, something that is outside the reach of most modern privacy tools. The team hopes that this new signal will give users a way to protect their data after it’s been collected and ensure personal information doesn’t travel too far.
“You don’t know if they’re selling data on the back end”
“When you go to a website right now, you don’t know if they’re selling data on the back end,” says DuckDuckGo CEO Gabriel Weinberg, a central player in the project. “But we’re hoping that this signal will stop them from doing that, because it will be legally binding.”
The GPC standard sprang from a powerful but little-noticed provision in the California Consumer Privacy Act (CCPA), which was strengthened further with the passage of the California Privacy Rights Act in November. A provision in the law gives Californians the right to opt out of having their personal information sold by the sites they visit. Crucially, the law interprets “sell” as including any exchange of value, which could include being read broadly enough to go beyond outright data broker sales and into the endemic tracking pixels that power much of the advertising you see online.
“The right is supposed to prevent any third-party tracking,” says Ashkan Soltani, who worked on drafting the CCPA and CPRA and has been a pivotal force in drafting the new standard. “There hasn’t been too much enforcement yet but more importantly, people don’t know about it and can’t find the button, so not many people opt out…But the CCPA also has in it the right for users to opt-out through a global privacy control.”
Global Privacy Control is meant to automate that opt out, letting users click a single button on their browser instead of hunting for the opt out on every website they visit. Starting today, browsers from Brave and DuckDuckGo will send the GPC signal by default, and DuckDuckGo plugins will let you bring the same signal to Firefox and Chrome. Privacy Badger, Abine, and Disconnect.me have made similar moves to build the standard into their products. All told, project organizers estimate that 40 million users worldwide will be sending out the GPC signal through one product or another, giving them surprising political muscle when future privacy rules are written.
Source
Privacy groups are hoping that a new standard, called Global Privacy Control, will change that. It’s designed as a global opt out, a general signal that users want as little data collection and sharing as possible. In particular, the GPC standard will let users signal that they don’t want services to share their data with third-party data brokers, something that is outside the reach of most modern privacy tools. The team hopes that this new signal will give users a way to protect their data after it’s been collected and ensure personal information doesn’t travel too far.
“You don’t know if they’re selling data on the back end”
“When you go to a website right now, you don’t know if they’re selling data on the back end,” says DuckDuckGo CEO Gabriel Weinberg, a central player in the project. “But we’re hoping that this signal will stop them from doing that, because it will be legally binding.”
The GPC standard sprang from a powerful but little-noticed provision in the California Consumer Privacy Act (CCPA), which was strengthened further with the passage of the California Privacy Rights Act in November. A provision in the law gives Californians the right to opt out of having their personal information sold by the sites they visit. Crucially, the law interprets “sell” as including any exchange of value, which could include being read broadly enough to go beyond outright data broker sales and into the endemic tracking pixels that power much of the advertising you see online.
“The right is supposed to prevent any third-party tracking,” says Ashkan Soltani, who worked on drafting the CCPA and CPRA and has been a pivotal force in drafting the new standard. “There hasn’t been too much enforcement yet but more importantly, people don’t know about it and can’t find the button, so not many people opt out…But the CCPA also has in it the right for users to opt-out through a global privacy control.”
Global Privacy Control is meant to automate that opt out, letting users click a single button on their browser instead of hunting for the opt out on every website they visit. Starting today, browsers from Brave and DuckDuckGo will send the GPC signal by default, and DuckDuckGo plugins will let you bring the same signal to Firefox and Chrome. Privacy Badger, Abine, and Disconnect.me have made similar moves to build the standard into their products. All told, project organizers estimate that 40 million users worldwide will be sending out the GPC signal through one product or another, giving them surprising political muscle when future privacy rules are written.
Source