• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to secondary sidebar

Alston & Bird Privacy, Cyber & Data Strategy Blog

  • Home
  • Services
  • Events
  • Contacts

New Privacy Browser Extension Released under CCPA Global Do Not Sell Rules

October 8, 2020 By Daniel Felz

On October 7, 2020, an organization named Global Privacy Control (“GPC”) issued a press release announcing an initiative to make a new “global privacy control” available to consumers as contemplated by the CCPA Regulations.  As analyzed in prior advisories, the CCPA Regulations appear to revive the possibility for Do Not Track technology, albeit in the form of Do Not Sell signals automatically broadcast by user-controlled tools.  The CCPA Regulations require businesses operating online to treat “user-enabled global privacy controls” –  like “browser plug-in[s] or privacy setting[s]” – as valid Do Not Sell requests when the user controls “communicate or signal the consumer’s choice to opt-out of the sale of their personal information.”  However, to date, it has been questionable whether any technology exists that fulfills this requirement.  This is particularly the case since, despite years of discussion, an industry standard for Do Not Track does not yet exist.

GPC appears to be endeavoring to introduce the first technology that will enable users to send “global”, CCPA-relevant Do Not Sell signals as contemplated by the CCPA Regulations. In the initial experimental phase of the project, individuals will be able to download browser extensions from Abine, Brave, Disconnect, DuckDuckGo, and the Electronic Frontier Foundation that will communicate their “do not sell or share” preferences.  An initial group of participating publishers (which appears to include the New York Times and the Washington Post) and content hosters (which appears to include WordPress), will implement a standard published by GPC that responds to the browser-transmitted Do Not Sell signal.

GPC indicates that it hopes for this project to lead to “an open standard that many other organizations will support.”  At the same time, it also states it “look[s] forward to working with [California] AG [Xavier] Becerra to make GPC legally binding under CCPA.”

GPC is potentially an initial step towards global user controls and/or standards that companies may be obligated to implement under the CCPA Regulations.  However, the CCPA Regulations do not themselves state how a browser plugin or technology standard will be recognized as a “global privacy control” that businesses are legally obligated to respond to.  Industry participants will also recall the complexities that attended discussions to arrive at a universal Do Not Track standard.

Alston & Bird will closely follow this technology and provide updates as it develops.

 

Filed Under: Advisories, California, CCPA, Enforcement, ePrivacy, Privacy, Regulation Tagged With: California Consumer Privacy Act (CCPA)

About Daniel Felz

Daniel Felz is a senior associate with Alston & Bird’s Privacy, Cyber & Data Strategy Team. Dan leverages his extensive international experience to advise clients on global privacy, cybersecurity, technology, and adversarial matters.

[Read Bio]

Primary Sidebar

This blog is a service of Alston & Bird’s Privacy, Cyber & Data Strategy team and focuses on key data privacy and data security issues.


Receive email notifications when new posts are added.

Receive email notifications when new posts are added.


THE DIGITAL DOWNLOAD
Click here to see the editions

PRIVACY & CYBER EVENTS
Click here to see upcoming and past events

PRIVACY & CYBER MAILINGS
Click here to sign up

@ALSTONPRIVACY
Click here to follow us on Twitter

Secondary Sidebar

Categories

Recent Posts

  • Recent Exploits of Blockchain Bridges Highlight Need for Cybersecurity in Crypto and Risk of Liability
  • Germany’s Cyber Threat Landscape – Top 3 Lessons from the BKA Situation Report
  • CPPA Board Opposes American Data Privacy and Protection Act
  • SEC Settles Enforcement Actions with Broker-Dealers and Investment Advisors for Identity Protection Deficiencies
  • UK Information Commissioner’s Office Issues Warning on Ransomware Payments
Copyright © 2022 · Alston & Bird · All Rights Reserved. Privacy.