Skip to main content
  1. Home
  2. Emerging Tech
  3. Features

The digital switch that blocks all websites from selling your personal data

By
 

Whenever you visit a website, it sets off a chain of modules that are programmed to make the most out of your data. In many cases, that means your personal information is put up for sale and sold to advertisers, marketing firms, and data brokers. Last year alone, U.S companies spent nearly $12 billion on acquiring such third-party audience data.

Recommended Videos

California’s sweeping new privacy law, the California Consumer Privacy Act (CCPA) — which went into effect at the beginning of this year — wants to crack down on this practice by offering Californians the right to opt out of the sale of their data. Businesses under this jurisdiction are also legally required to have an option on their websites that allows visitors to easily exercise this do-not-sell request and those that don’t can face fines and official inquiries.

But of course, no one wants to deal with another button or pop-up each time they visit a website. That’s where the Global Privacy Control (GPC) initiative comes in.

A not-for-sale sign on your private data

The Global Privacy Control, developed by a group of privacy-focused companies and researchers, is a technical standard that will act as a global setting so that you can opt out of the sale of your data everywhere on the internet with a flip of a common switch. This tool will come built into your browser and send a signal to CCPA-compliant websites telling them you don’t want your personal information on sale.

The GPC, which is in beta at the moment, is not yet enforced under the CCPA law. But in recent testimony, California Attorney General Xavier Becerra has detailed a provision in this law that would eventually facilitate a global opt-out switch like the Global Privacy Control. Later, in a tweet and in a statement to Digital Trends, Becerra further acknowledged and expressed support for the Global Privacy Control.

This proposed standard is a first step towards a meaningful global privacy control that will make it simple and easy for consumers to exercise their privacy rights online.
#DataPrivacy is the future, and I am heartened to see a wave of innovation in this space.

— Archive – Attorney General Becerra (@AGBecerra) October 7, 2020

“We believe getting privacy online should be simple and accessible to everyone, period,” Peter Dolanjski, director of products at DuckDuckGo, one of the early backers of the Global Privacy Control, told Digital Trends. “Global Privacy Control adds an additional layer of privacy protection which is simple to enable and intended to be backed by legal enforcement, starting with the CCPA and expanding to other jurisdictions over time.”

Succeeding where Do Not Track failed

“Legally” is indeed the key word here. For years, privacy advocates have been waging a war against internet and data companies to secure fundamental security rights and push back against invasive online practices that commercialize people’s private information. Without a law to back them up, however, most of these efforts have fallen through the cracks or only achieved low-impact results.

The decade-old Do Not Track specification is the epitome of this. Since it was never made mandatory by law, it didn’t actually do anything in reality and businesses simply ignored it and continued to track users as they pleased. Eventually, many tech companies like Apple just gave up and even removed the Do Not Track option from their services.

Even if Do Not Track had passed, it never had the technological infrastructure it needed to be truly effective. Let’s be real: How often do we bother to read the General Data Protection Regulation (GDPR) warnings and confirmations thrown at us by websites? In fact, a study by DataGrail revealed that since the CCPA went live on January 1, 2020, only 82 “do not sell” requests were sent for every million consumer records.

The Global Privacy Control theoretically suffers from none of these concerns. It already has a legal backbone in California, and it’s embraced by a notable cohort of organizations including Mozilla, Brave, the Electronic Frontier Foundation (EFF), Automattic (WordPress and Tumblr), The New York Times, and more.

As the GPC signal runs automatically in the background, people won’t have to hunt down and toggle an option themselves. In its beta release, the Global Privacy Control has been rolled out to a handful of platforms, and you can try it today on DuckDuckGo, Brave, Google Chrome (thanks to the EFF’s add-on, called Privacy Badger), and more.

Privacy Badger Global Privacy Control
Image used with permission by copyright holder

Kelvin Coleman, the executive director of the National Cyber Security Alliance (NCSA), believes GPC’s legal buffers will help it legitimize its goals, as opposed to “Do Not Track” which was “rolled out in a vacuum.”

“With CCPA and GDPR existing as legal precedents, companies are forced to navigate a minefield of compliance issues and heavy fines if they’re not careful about how they handle user data. This creates more incentive to accept GPC in the long run,” Coleman said.

Not the silver bullet yet: The long, grueling road ahead

However, security researchers warn that it will take years before the Global Privacy Control materializes on a wide scale and, even then, it may not be the silver bullet for egregious online data abuses. More importantly, the GPC’s legal scope, assuming it’s bound in the CCPA, is limited to California. On top of that, it doesn’t apply to data shared with nonprofits, government agencies, and businesses that make less than $25 million in revenue.

Sebastian Zimmeck, one of the founding members of the GPC and a computer science professor at Wesleyan University, remains optimistic and argues that while California currently is a major use case, the technology behind it is law-agnostic and can be bent to have varied legal bindings depending on how other jurisdictions draft their privacy legislation in the future.

DuckDuckGo’s Dolanjski adds that the consortium is also talking to “various parties in the European Union” to integrate the Global Privacy Control with GDPR.

The European Data Protection Supervisor, GDPR’s official privacy watchdog, didn’t comment on whether it’s exploring GPC partnerships, but it said in a statement that it welcomes “privacy-oriented initiatives that may have a positive impact on a more sustainable digital economy and that promote competition in the field of technology in an era of growing digitization.”

Another shortcoming that could cripple the GPC’s success is that unless it’s activated on each one of your browsing sessions on all of your devices, it will have little effect on your online privacy. You see, the Global Privacy Control signal is beamed every time you visit a website. It’s not universally activated on your profile.

“Our information is at risk more than ever, and the GPC could be the steppingstone we need for enabling a future where privacy is a legal right, not a personal choice.”

So for instance, you can ask a particular site on your computer to not sell your data with GPC. But when you go to that site again on your phone, where GPC may not be available yet, the business is free to misuse your private information.

Peter Snyder, a senior privacy researcher at Brave, sees the GPC as a floor and hopes that responsible websites, companies, and advertisers will use it “as part of a multifaceted approach to make sure they are ethically and responsibly respecting users and user privacy” including automatically applying it to all sessions if the visitor has an account with them.

Then there’s the conflict question. What if the site already has your consent to sell your private information in its Privacy Policy?

How the GPC adapts to the cobweb of permissions and pop-ups websites requests remains to be seen once more participants get on board. But Zimmeck suggests this will depend on the law. The CCPA, for instance, dictates that businesses must respect the opt-out signal no matter what and, if needed, notify or reach out to the customer to resolve any specific disputes.

Despite its flaws, the Global Privacy Control appears promising and potentially the best shot yet at cutting back data misuse online. Our information is at risk more than ever, and the GPC could be the steppingstone we need for enabling a future where privacy is a legal right, not a personal choice.

“Until there’s a wider collective of participating publishers, businesses, and websites — coupled with sufficient legal enforcement — the GPC will continue to be an ideal with limited range,” said NCSA’s Coleman. “But that ideal shows real promise in the face of greater adoption.”

Topics
Shubham Agarwal
Shubham Agarwal
Former Digital Trends Contributor
Shubham Agarwal is a freelance technology journalist from Ahmedabad, India. His work has previously appeared in Firstpost…
Rivian set to unlock unmapped roads for Gen2 vehicles
rivian unmapped roads gen2 r1t gallery image 0

Rivian fans rejoice! Just a few weeks ago, Rivian rolled out automated, hands-off driving for its second-gen R1 vehicles with a game-changing software update. Yet, the new feature, which is only operational on mapped highways, had left many fans craving for more.
Now the company, which prides itself on listening to - and delivering on - what its customers want, didn’t wait long to signal a ‘map-free’ upgrade will be available later this year.
“One feedback we’ve heard loud and clear is that customers love [Highway Assist] but they want to use it in more places,” James Philbin, Rivian VP of autonomy, said on the podcast RivianTrackr Hangouts. “So that’s something kind of exciting we’re working on, we’re calling it internally ‘Map Free’, that we’re targeting for later this year.”
The lag between the release of Highway Assist (HWA) and Map Free automated driving gives time for the fleet of Rivian vehicles to gather ‘unique events’. These events are used to train Rivian’s offline model in the cloud before data is distilled back to individual vehicles.
As Rivian founder and CEO RJ Scaringe explained in early March, HWA marked the very beginning of an expanding automated-driving feature set, “going from highways to surface roads, to turn-by-turn.”
For now, HWA still requires drivers to keep their eyes on the road. The system will send alerts if you drift too long without paying attention. But stay tuned—eyes-off driving is set for 2026.
It’s also part of what Rivian calls its “Giving you your time back” philosophy, the first of three pillars supporting Rivian’s vision over the next three to five years. Philbin says that philosophy is focused on “meeting drivers where they are”, as opposed to chasing full automation in the way other automakers, such as Tesla’s robotaxi, might be doing.
“We recognize a lot of people buy Rivians to go on these adventures, to have these amazing trips. They want to drive, and we want to let them drive,” Philbin says. “But there’s a lot of other driving that’s very monotonous, very boring, like on the highway. There, giving you your time back is how we can give the best experience.”
This will also eventually lead to the third pillar of Rivian’s vision, which is delivering Level 4, or high-automation vehicles: Those will offer features such as auto park or auto valet, where you can get out of your Rivian at the office, or at the airport, and it goes off and parks itself.
While not promising anything, Philbin says he believes the current Gen 2 hardware and platforms should be able to support these upcoming features.
The second pillar for Rivian is its focus on active safety features, as the EV-maker rewrote its entire autonomous vehicle (AV) system for its Gen2 models. This focus allowed Rivian’s R1T to be the only large truck in North America to get a Top Safety Pick+ from the Insurance Institute for Highway Safety.
“I believe there’s a lot of innovation in the active safety space, in terms of making those features more capable and preventing more accidents,” Philbin says. “Really the goal, the north star goal, would be to have Rivian be one of the safest vehicles on the road, not only for the occupants but also for other road users.”

Read more
Jaguar Land Rover, Nissan hit the brake on shipments to U.S. over tariffs
Range Rover Sport P400e

Jaguar Land Rover (JLR) has announced it will pause shipments of its UK-made cars to the United States this month, while it figures out how to respond to President Donald Trump's 25% tariff on imported cars.

"As we work to address the new trading terms with our business partners, we are taking some short-term actions, including a shipment pause in April, as we develop our mid- to longer-term plans," JLR said in a statement sent to various media.

Read more
DeepSeek readies the next AI disruption with self-improving models
DeepSeek AI chatbot running on an iPhone.

Barely a few months ago, Wall Street’s big bet on generative AI had a moment of reckoning when DeepSeek arrived on the scene. Despite its heavily censored nature, the open source DeepSeek proved that a frontier reasoning AI model doesn’t necessarily require billions of dollars and can be pulled off on modest resources.

It quickly found commercial adoption by giants such as Huawei, Oppo, and Vivo, while the likes of Microsoft, Alibaba, and Tencent quickly gave it a spot on their platforms. Now, the buzzy Chinese company’s next target is self-improving AI models that use a looping judge-reward approach to improve themselves.

Read more