New Privacy Browser Extension Released under CCPA Global Do Not Sell Rules

Alston & Bird

On October 7, 2020, an organization named Global Privacy Control (“GPC”) issued a press release announcing an initiative to make a new “global privacy control” available to consumers as contemplated by the CCPA Regulations. As analyzed in prior advisories, the CCPA Regulations appear to revive the possibility for Do Not Track technology, albeit in the form of Do Not Sell signals automatically broadcast by user-controlled tools. The CCPA Regulations require businesses operating online to treat “user-enabled global privacy controls” – like “browser plug-in[s] or privacy setting[s]” – as valid Do Not Sell requests when the user controls “communicate or signal the consumer’s choice to opt-out of the sale of their personal information.” However, to date, it has been questionable whether any technology exists that fulfills this requirement. This is particularly the case since, despite years of discussion, an industry standard for Do Not Track does not yet exist.

GPC appears to be endeavoring to introduce the first technology that will enable users to send “global”, CCPA-relevant Do Not Sell signals as contemplated by the CCPA Regulations. In the initial experimental phase of the project, individuals will be able to download browser extensions from Abine, Brave, Disconnect, DuckDuckGo, and the Electronic Frontier Foundation that will communicate their “do not sell or share” preferences. An initial group of participating publishers (which appears to include the New York Times and the Washington Post) and content hosters (which appears to include WordPress), will implement a standard published by GPC that responds to the browser-transmitted Do Not Sell signal.

GPC indicates that it hopes for this project to lead to “an open standard that many other organizations will support.” At the same time, it also states it “look[s] forward to working with [California] AG [Xavier] Becerra to make GPC legally binding under CCPA.”

GPC is potentially an initial step towards global user controls and/or standards that companies may be obligated to implement under the CCPA Regulations. However, the CCPA Regulations do not themselves state how a browser plugin or technology standard will be recognized as a “global privacy control” that businesses are legally obligated to respond to. Industry participants will also recall the complexities that attended discussions to arrive at a universal Do Not Track standard.

Alston & Bird will closely follow this technology and provide updates as it develops.

[View source.]

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Alston & Bird | Attorney Advertising

Written by:

Alston & Bird

Alston & Bird on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide