A group of tech companies, publishers, and activist groups including the Electronic Frontier Foundation, Mozilla, and DuckDuckGo are backing a new standard to let internet users set their privacy settings for the entire web.
“Before today, if you want to exercise your privacy rights, you have to go from website to website and change all your settings,” says Gabriel Weinberg, CEO of DuckDuckGo, the privacy-focused search engine.
That new standard, called Global Privacy Control, lets users set a single setting in their browsers or through browser extensions telling each website that they visit not to sell or share their data. It’s already backed by some publishers including The New York Times, The Washington Post, and the Financial Times, as well as companies including Automattic, which operates blogging platforms wordpress.com and Tumblr.
Advocates believe that under a provision of the California Consumer Privacy Act, activating the setting should send a legally binding request that website operators not sell their data. The setting may also be enforceable under Europe’s General Data Protection Regulation, and the backers of the standard are planning to communicate with European privacy regulators about the details of how that would work, says Peter Dolanjski, director of product at DuckDuckGo. At the moment, the official specification of the standard specifies that it’s in an experimental stage and “currently not intended to convey legally binding requests,” but that’s expected to change as legal authorities and industry groups have time to react to the standard and put it into place across the web, Dolanjski says.
“It’s going to take a little bit of time for them to make the modifications and all that,” he says.
If it becomes widely accepted and helps prevent website operators and companies from building cross-site profiles of their users, the new standard could