Global Privacy Control
   HOME

TheInfoList



Click Here for Items Related To - Global Privacy Control
OR:
Global Privacy Control on:   [Wikipedia]   [Google]   [Amazon]

Global Privacy Control (GPC) is a set of web technologies that can be used to inform websites of the user's wish to have their information not be sold or used by ad trackers. Unlike the now-deprecated Do Not Track header, which was unsuccessful as it was ignored by third parties, GPC is intended to have legal force under privacy laws. GPC was developed in 2020 by privacy technology researchers including
Wesleyan University Wesleyan University ( ) is a Private university, private liberal arts college, liberal arts university in Middletown, Connecticut, United States. It was founded in 1831 as a Men's colleges in the United States, men's college under the Methodi ...
professor Sebastian Zimmeck and former Chief Technologist of the
Federal Trade Commission The Federal Trade Commission (FTC) is an independent agency of the United States government whose principal mission is the enforcement of civil (non-criminal) United States antitrust law, antitrust law and the promotion of consumer protection. It ...
Ashkan Soltani, as well as a group of privacy-focused companies including the
Electronic Frontier Foundation The Electronic Frontier Foundation (EFF) is an American international non-profit digital rights group based in San Francisco, California. It was founded in 1990 to promote Internet civil liberties. It provides funds for legal defense in court, ...
,
Automattic Automattic Inc. is an American global distributed company most notable for WordPress.com and its contributions to the WordPress system. The company was founded in 2005. Automattic's brands and products include WordPress.com, Akismet, Gra ...
(owner of
Tumblr Tumblr (pronounced "tumbler") is a microblogging and Social networking service, social networking website founded by David Karp in 2007 and is owned by American company Automattic. The service allows users to post multimedia and other content ...
and
WordPress WordPress (WP, or WordPress.org) is a web content management system. It was originally created as a tool to publish blogs but has evolved to support publishing other web content, including more traditional websites, electronic mailing list, ma ...
), and more.


Implementation

GPC has three implementations, two of which allow browsers to communicate preferences to web servers and web content, and the third allowing website operators to signal information about GPC compliance to the rest of the Internet. The first is an
HTTP header HTTP header fields are a list of strings sent and received by both the client program and server on every HTTP request and response. These headers are usually invisible to the end-user and are only processed or logged by the server and client ...
with the form Sec-GPC: 1 The character '1' is the only allowed value for the header. There is deliberately no mechanism for extensibility; the creators of the standard have stated that they will create new headers if extension becomes necessary. The GPC preference may also be signalled by the browser setting the gpcAtNavigation property of the top-level browsing context of loaded pages to the value true. Finally, websites can optionally host a JSON-formatted file at the well-known URI .well-known/gpc.json to indicate how they respond to the GPC signal.


Adoption

GPC has been implemented by
Mozilla Firefox Mozilla Firefox, or simply Firefox, is a free and open-source web browser developed by the Mozilla Foundation and its subsidiary, the Mozilla Corporation. It uses the Gecko rendering engine to display web pages, which implements curren ...
, Brave, and DuckDuckGo Private Browser. GPC is not yet supported by
Google Chrome Google Chrome is a web browser developed by Google. It was first released in 2008 for Microsoft Windows, built with free software components from Apple WebKit and Mozilla Firefox. Versions were later released for Linux, macOS, iOS, iPadOS, an ...
or
Microsoft Edge Microsoft Edge is a Proprietary Software, proprietary cross-platform software, cross-platform web browser created by Microsoft and based on the Chromium (web browser), Chromium open-source project, superseding Edge Legacy. In Windows 11, Edge ...
, despite Chrome still allowing users to enable the Do Not Track header. However, there are third-party extensions available for Chrome that enable sending the GPC header during HTTP requests, including the EFF's Privacy Badger extension and the
DuckDuckGo DuckDuckGo is an American software company focused on online privacy whose flagship product is a search engine named DuckDuckGo. Founded by Gabriel Weinberg in 2008, its later products include browser extensions and a custom DuckDuckGo web ...
Privacy Essentials add-on amongst others. The ''
New York Times ''The New York Times'' (''NYT'') is an American daily newspaper based in New York City. ''The New York Times'' covers domestic, national, and international news, and publishes opinion pieces, investigative reports, and reviews. As one of ...
'' and ''
Washington Post ''The Washington Post'', locally known as ''The'' ''Post'' and, informally, ''WaPo'' or ''WP'', is an American daily newspaper published in Washington, D.C., the national capital. It is the most widely circulated newspaper in the Washington m ...
'' have both implemented the signal. The GPC is supported by
Firefox Mozilla Firefox, or simply Firefox, is a free and open-source web browser developed by the Mozilla Foundation and its subsidiary, the Mozilla Corporation. It uses the Gecko rendering engine to display web pages, which implements curr ...
creator
Mozilla Mozilla is a free software community founded in 1998 by members of Netscape. The Mozilla community uses, develops, publishes and supports Mozilla products, thereby promoting free software and open standards. The community is supported institution ...
as well as the
California Attorney General The attorney general of California is the state attorney general of the government of California. The officer must ensure that "the laws of the state are uniformly and adequately enforced" (Constitution of California, Article V, Section 13). The ...
.


Legal status

Unlike the Do Not Track header, GPC is a valid do-not-sell-my-personal-information signal according to the
California Consumer Privacy Act The California Consumer Privacy Act (CCPA) is a state statute intended to enhance privacy rights and consumer protection for residents of the state of California in the United States. The bill was passed by the California State Legislature and si ...
(CCPA), which stipulates that websites are legally required to respect a signal sent by users who want to opt-out of having their personal data sold. In July 2021, the
California Attorney General The attorney general of California is the state attorney general of the government of California. The officer must ensure that "the laws of the state are uniformly and adequately enforced" (Constitution of California, Article V, Section 13). The ...
clarified through an FAQ that under law, the Global Privacy Control signal must be honored. On August 24, 2022, the
California Attorney General The attorney general of California is the state attorney general of the government of California. The officer must ensure that "the laws of the state are uniformly and adequately enforced" (Constitution of California, Article V, Section 13). The ...
announced
Sephora Sephora is a French multinational retailer of personal care and beauty products, offering nearly 340 brands alongside its own private label, the Sephora Collection. Its product range includes cosmetics, skincare, fragrance, nail color, beauty t ...
paid a $1.2 million settlement for allegedly failing to process opt-out requests via a user-enabled global privacy control signal.


References


External links

* {{official website
Full technical specification
Hypertext Transfer Protocol headers Internet privacy