Announcing Global Privacy Control: Making it Possible for Consumers to Easily Exercise Their “Do Not Sell” Rights Under CCPA
With the introduction of privacy regulations such as the California Consumer Privacy Act (CCPA) and the General Data Protection Regulation (GDPR), consumers have more rights to limit the sale and sharing of their personal data than ever before. CCPA, in particular, gives California residents a legal right to opt-out of the sale of their data and requires businesses to respect user preferences through a signal from their web browser communicating the consumer’s request to opt-out. Various website browsers will also allow users to download browser privacy extension to help communicate their data preferences with participating publishers.
While this is great progress, it doesn’t amount to much if it is hard for people to take advantage of their new rights. Today, there is no defined or accepted technical standard for how such a web browser signal would work. Without that, users don’t have an easy way to express their preferences.
Indeed, in his recent testimony before the US Senate, California Attorney General Xavier Becerra explained:
One provision of our regulations intended to facilitate the submission of a request to opt-out of sale by requiring businesses to comply when a consumer has enabled a global privacy control at the device or browser level, which should be less time-consuming and burdensome. I urge the technology community to develop consumer-friendly controls to make exercise of the right to opt out of the sale of information meaningful and frictionless.
This effort, initially spearheaded by Ashkan Soltani (Georgetown Law) and Sebastian Zimmeck (Wesleyan University) now includes The New York Times, The Washington Post, Financial Times, Automattic (WordPress.com & Tumblr), Glitch, DuckDuckGo, Brave, Mozilla, Disconnect, Abine, Digital Content Next (DCN), Consumer Reports, and the Electronic Frontier Foundation (EFF).
In the initial experimental phase, individuals can download browsers and extensions from Abine, Brave, Disconnect, DuckDuckGo, and EFF in order to communicate their “do not sell or share” preference to participating publishers. Additionally, we are committed to developing GPC into an open standard that many other organizations will support and are in the process of identifying the best venue for this proposal.
We look forward to working with AG Becerra to make GPC legally binding under CCPA. At the same time, we are exploring GPC’s applicability and functionality with regard to other similar laws worldwide, such as the GDPR. We are excited about the prospect of empowering people with an easy-to-use tool to exercise their privacy rights.
Original article: GPC
