Global Privacy Control functions as a technical specification that issues universal opt-out signals. With GPC, individual people can seamlessly opt out of every data collection request through their preset browser settings. GPC provides multiple advantages in data privacy control, such as:
Empowering user privacy rights, with greater control over personal data
Improving website transparency for visitors
Streamlining compliance by minimizing the risks of policy loopholes
California Consumer Privacy Act: raising awareness for GPC compliance
The California Consumer Privacy Act (CCPA) was passed in 2020 and has remained a cornerstone for organizational privacy practices toward safeguarding consumer privacy rights. Failure to meet the regulations outlined by CCPA and CPRA regulations can lead to costly penalties, along with scrutiny of your company’s operations.
In 2022, the California General Attorney announced a settlement with French cosmetic retail brand Sephora due to the company's lack of disclosure in selling their customers’ personal information. Notably, the Sephora ruling is the first time a modern regulatory body has penalized a business for failing to enforce Global Privacy Control signals in their customer base.
Sephora Global Privacy Control
A third-party standard like GPC can help reduce a company’s risks of privacy violations by automatically conveying a user's opt-out consent signals to websites, providing seamless control over personal data. In this case, the California General Attorney issued Sephora a 30-day window period to resolve the violations, on top of $1.2 million in penalties.
The California Attorney General continues to issue warning letters to companies that fail to meet the CCPA’s strict requirement of providing a clear “Do Not Sell or Share My Personal Information” mechanism for data opt-out processes. Recently affected businesses include companies running mobile apps that appear to have violated CCPA clauses and the California Privacy Rights Act (CPRA), which branches from CCPA regulations.
The GPC team has collaborated closely with California's General Attorney office to make the technical specification legally binding based on CCPA regulations, going one step further than optional DNT plugins. Notably, Sephora's settlement addressed the brand’s lack of mechanisms for supporting user-enabled opt-outs, pointing to tools such as the GPC. The legal outcome of Sephora’s settlement shows that the GPC continues to gain attention as an essential privacy standard for modern governance practices.
Global Privacy Control signal instructions for consumers
Individual consumers can start using Global Privacy Control by downloading a web extension or browser compatible with the GPC signal. GPC directly integrates with Firefox, Brave, Abine, and DuckDuckGo privacy browsers and offers manual downloads of browser extensions. The manual option enables online users of other browsers, such as Safari, to quickly apply and benefit from the privacy protection provided by GPC. At a glance, compatibility with the most common browsers is as follows:
Global Privacy Control Firefox: GPC is directly integrated with Firefox. Get instructions here to enable.
You can check your browser's GPC status by visiting globalprivacycontrol.org, via an indicator at the top of the page that detects GPC activity.
When downloaded, GPC transmits its unique signal to participating websites so you can immediately opt out of any data sharing or selling request. With GPC activated, online users no longer need to manually consent to data opt-outs via individual website links. As such, GPC leads to a more secure, frictionless browsing experience.
Over 40 million users have used browsers or extensions with GPC support, resulting in an increasing number of websites and major publishers recognizing GPC as a legitimate opt-out signal.
Many individuals choose to leverage privacy-focused search engine extensions to protect their data online. One example of this is Privacy Badger, popular privacy extension that includes GPC signaling in their privacy controls for individual consumers.
How to implement Global Privacy Control compliance
Ketch is a Trust by Design programmatic privacy platform that can help you and your team enforce GPC implementation. The Ketch platform can enable you to enforce users’ Global Privacy Control choices in your downstream data systems and applications.
With Ketch in your corner, you can look forward to simplified privacy management that drives uncompromised data governance. The one-stop accessibility and advanced capabilities of the Ketch programmatic platform support privacy orchestration. Orchestration enables you to consistently maintain your company’s privacy posture across every touchpoint, online interaction, and jurisdiction without exception.
Using Ketch to comply with CCPA/CPRA and Global Privacy Control signals [on-demand webinar]
In a recent webinar, the Ketch team demonstrated exactly how to leverage Ketch for GPC signal compliance across your data ecosystem. Watch the video to see Ketch in action:
Begin your Ketch Demo to discover how you can structure your consent collection and enforcement processes to respect Global Privacy Control signals across your entire data ecosystem.
See Ketch in action
Businesses and brands use Ketch to enforce the GPC signal across websites and apps. See a demo today.