What is Global Privacy Control
GPC or Global Privacy Control is a web-tool integrated into web browsers and their extensions that can be used to push out requests like “do not sell” to participating websites while surfing on the web. The GPC currently has some very big names as part of its consortium; the likes of Abine, Mozilla, The New York Times, and many more, with plans to tie up with several more organizations.
Conventionally, a user has to disallow manually the data collection on every site he/she visited and this is what GPC seeks to eliminate. GPC’s effectiveness stems from legal reforms, primarily the CCPA and the GDPR. While the CCPA or the California Consumer Protection Act has helped in strengthening privacy rights by pushing out a ‘do not sell’ request, the GDPR mandates the issue of a general request to limit the sharing of consumer’s online data.
You can download participating web browsers, extensions, or apps and enable Do Not Track. Online Privacy Leaders include Abine, Brave Privacy Browser, DuckDuckGo Privacy Browser, Mozilla Firefox, Disconnect, and Privacy Badger by EFF. Read: Best Privacy and Security Settings in Edge browser. The browser Brave has the GPC feature enabled upon download without an option to turn it off. The other participatory browsers or extensions, when in use, send the GPC information along with the data submitted to the website i.e. letting the website know that you do not want the data it has garnered to be shared with any advertiser. It is, however, not mandatory for websites to abide by this request of their users.
The Problem
Underneath’s GPC’s interest concept lies the problem of its restrictive scope. From the scathingly low number of participants to the fact that its ‘Do not sell’ request is not a through-and-through safety measure, GPC may not be all that we need to protect our online data, at least for now. Whenever a ‘do not sell’ request goes through the GPC website, the details of the person making the said request isn’t made available to the website to which the request’s been made. This restricts them from finding out the identity of the requester, thus restricting the scope of the data to that which is collected in that particular session, when, in turn, the user would like to have all the data that that particular website would have collected till date to be protected.
