This isn’t the first time that a tracking prevention mechanism has reached the W3C and been implemented by browsers.
In 2009 the Do Not Track (DNT) header was created as a way for web users to express their tracking preferences.
While it was widely implemented in browsers, it had a low adoption rate with websites.
The main problem with DNT was the lack of legal and regulatory backing it received.
Website owners could decide if they’d observe the DNT signal and there were no legal repercussions if they chose not to.
This is where GPC is different.
At the time of writing, the Attorney General for California has recommended observation of GPC to comply with CCPA.
There are also intentions to work with the European Union’s GDPR:
The GPC signal will be intended to communicate a Do Not Sell request from a global privacy control, as per CCPA-REGULATIONS §999.315 for that browser or device, or, if known, the consumer.
Under the GDPR, the intent of the GPC signal is to convey a general request that data controllers limit the sale or sharing of the user’s personal data to other da ta controllers (GDPR Articles 7 & 21).
Over time, the GPC signal may be intended to communicate rights in other jurisdictions. – globalprivacycontrol.org/#about
The signal also has support from various browsers and extensions including Mozilla’s Firefox, Brave and DuckDuckGo’s Privacy Browser.
GPC is different from other proposals being discussed and developed in that it gives power to the web user.
Google is working on the User-Agent Client Hints specification in the Web Platform Incubator Community Group, and Bounce Tracking Mitigation is on the Privacy Working Group’s charter.
While both proposals have their merits, neither gives the user a choice in the way that GPC does.
