Global Privacy Control (GPC)

What is Global Privacy Control (GPC)?

Global Privacy Control (GPC) is a browser specification that allows users to send a universal signal to every website they visit, indicating their preference to opt-out of the sale or sharing of their personal data. Instead of manually clicking "Do Not Sell My Personal Information" on every footer, a user enables GPC once in their browser, and the signal is automatically communicated via HTTP headers.

Why does GPC matter?

GPC is critical for automating privacy compliance. Under the California Consumer Privacy Act (CCPA) and Colorado Privacy Act (CPA), honoring the GPC signal is mandatory. If a website detects a GPC signal, it must legally treat that user as having validly opted out of tracking, regardless of whether they interacted with the cookie banner. Tools like Clym detect and honor this signal automatically.

FAQs about Global Privacy Control

Browsers like Firefox, Brave, and DuckDuckGo have native GPC support. Chrome users typically need to install a browser extension (like Privacy Badger) to broadcast the signal.

Yes. The California Attorney General has confirmed that the GPC signal constitutes a valid consumer request under the CCPA. Businesses that ignore the signal are liable for non-compliance.

Not necessarily. While GPC handles the "Opt-Out" for data sales, websites may still need a banner to inform users about data collection, handle "Opt-In" for sensitive data, or address GDPR requirements.

Global Privacy Control (GPC)

What is Global Privacy Control (GPC)?

Why does GPC matter?

FAQs about Global Privacy Control

Is GPC legally binding?

Does GPC replace the need for a cookie banner?