Your browser can tell websites how to handle your data. But companies didn’t have to listen – until now


Privacy conscious internet surfers will soon have an additional weapon on their side.

You can’t see it working, but a special signal known as global privacy control instructs every website you visit not to reveal your personal information behind your back.

Global data protection control is already hidden in the Brave web browser and the DuckDuckGo browser add-on. Soon the Firefox browser will add it. However, Chrome users will have to wait further.

This is a big deal because asking websites or apps not to share or sell your personal information involves finding company websites and sending a “don’t sell” request to each individual perpetrator. If you live in California, you have some privacy protection under the California Consumer Privacy Act, and businesses must comply with these requirements. If you live elsewhere, you are often unlucky. But tools like GPC lay the foundation for easier management of personal data as more states consider passing data protection laws.

According to Chief Technology Officer Eric Rescorla, Firefox will roll out the global privacy control signal on its flagship product in the next two or three months. Firefox did not take over the signal immediately, but waited to see what impact it would have in order to avoid data protection promises that are not valid, Rescorla said. But the new privacy control has some teeth, its creators say, and it has the potential to make a real difference in your online privacy by signing you out of data sharing before it does.

Firefox’s move comes after California Attorney General Rob Bonta clarified in July that California’s privacy law requires businesses to treat the signal like any other non-sales request from consumers. Bonta’s stance is significant as many companies have ignored the signal, making it a less effective tool despite its reported 40 million users worldwide.

Enforcement is ongoing, a representative from Bonta’s office said, and companies are required by law to respect signals from California consumers.

What is global data protection control?

Global privacy control is a browser setting that informs companies about your privacy settings, such as: B. whether you would like your personal information to be sold or shared by sending a signal to every website you visit.

A joint effort by privacy-conscious organizations and advocates including the Electronic Frontier Foundation and Consumer Reports, GPC is a successor to the ill-fated “Do Not Track” signal – you may remember when it popped up in browsers in the 2010s, then fizzled out when companies failed to adhere to it. But global privacy control has the law on its side – at least in California.

The CCPA allows California residents to “do not sell” and other data requests to someone communicating with businesses on their behalf or to an authorized agent. This authorized agent doesn’t have to be a person – it can also be a piece of technology. This is where GPC comes in.

Widespread interest in privacy has increased in recent years as shady corporate data practices came to light. Companies take your data and sell it or “share” it in exchange for services, says Don Marti, vice president of ecosystem innovation at CafeMedia, an ad management company and a former supporter of GPC.

“People used to say, ‘Oh, I ordered something from a catalog and then I started getting 50 catalogs,'” Marti said. The same is true today if you order something through a website, he said: Soon dozens of other companies could get their hands on your data.

The type of data sharing that GPC is addressing goes beyond the web, Marti said, so it should help reduce junk mail, calls and faxes. It also theoretically prevents big data companies like Facebook and Google from reusing data collected from one website elsewhere, according to Jason Kint, CEO of Digital Content Next, a trading organization for digital content creators including The Washington Post, contributing to the development of GPC.

That’s not to say GPC is the data protection solution to rule them all, Firefox’s Rescorla said. The tool does not prevent data exchange with official business partners who offer services such as fraud detection or website analysis. And right now, Californians are the only ones in the United States with confidence that GPC is an official opt-out request under their state’s privacy law. To find out if a particular website respects GPC, you can type its web address into a search tool at

Whether Virginia and Colorado, the only other states that have passed comprehensive data protection laws, will get companies honor GPC remains to be seen. But signs that California officials will enforce GPC bode well for the tool’s effectiveness.

Kint said it was “inevitable” that popular browsers like Google’s Chrome will be pressured to do the same. Chrome, which hasn’t implemented GPC, is by far the most popular browser, accounting for 66.7% of global desktop traffic in the first quarter of 2021, compared with 8.1% for Firefox.

“[Chrome] is the market leader and owned by a company that makes most of its money monitoring, targeting and tracking users and collecting as much data as possible, ”said Kint. “The browser itself is a user agent, it should work for the user. That should be a piece of cake. “

A Google spokeswoman said the company is “tracking” GPC but didn’t say whether it would add the feature.

What does that mean for you?

If you don’t want every website you visit to share your information, you can try sending the “don’t sell” signal with GPC.

If you are browsing with Brave, GPC is already running. You can also install a browser extension such as Privacy Badger, Disconnect, DuckDuckGo, Abine, and OptMeowt from the Electronic Frontier Foundation, all of which include GPC. (To find the extension, just search for “Disconnect for Chrome” or whatever browser you are using and download the extension.)

Currently, GPC is only available through Firefox Nightly, the browser’s early testing and development platform, which you can download from But in the next two or three months it will be added to the beta testing browser, then the main browser, Rescorla said. The process for turning on GPC should stay the same in the short term, he added, although Firefox will add a user-friendly interface once enforcement and expectations of GPC solidify.

First open the nightly browser and enter “about: config” in the search bar. Proceed with the warning. Then type globalprivacycontrol in the bar above that says “Search Setting Name” and two options should appear: privacy.globalprivacycontrol.enabled and privacy.globalprivacycontrol.functionality.enabled.

Both settings should be “false”. However, if you go to the icon that looks like two arrows on the right, you can toggle both of them to “true”.

Now open a new browser tab and go to You should see a green light at the top of the page that says “GPC Signal Detected”. That means it worked and GPC is sending out its “Don’t Sell” beacon on your behalf.

Source link


Comments are closed.