Advocates believe that under a provision of the California Consumer Privacy Act, activating the setting should send a legally binding request that website operators not sell their data. The setting may also be enforceable under Europe’s General Data Protection Regulation, and the backers of the standard are planning to communicate with European privacy regulators about the details of how that would work, says Peter Dolanjski, director of product at DuckDuckGo. At the moment, the official specification of the standard specifies that it’s in an experimental stage and “currently not intended to convey legally binding requests,” but that’s expected to change as legal authorities and industry groups have time to react to the standard and put it into place across the web, Dolanjski says.
“It’s going to take a little bit of time for them to make the modifications and all that,” he says.
If it becomes widely accepted and helps prevent website operators and companies from building cross-site profiles of their users, the new standard could help bring an element of privacy back to the web, advocates say. Global Privacy Control could not only help internet users avoid ads that seem to follow them across the web but also potentially limit some of the other negative aspects of today’s internet experience, from filter bubbles and misinformation to discrimination based on people’s behavior and perceived demographics, says Weinberg.
“It’s all traced back to the same behavioral data profiles,” he says.