That’s what the Global Privacy Control—or GPG—does.
Surely those should not be in the "other" list?Other supporters of GPC include ..., Brave, Mozilla, ...
This raises the question of what a sensible default is. For Brave, which has privacy as its raison d'être, it's not difficult (though that it would not be configurable feels weird to me), but what is the right answer for Mozilla, or Vivaldi, or—dare I even ask—Chrome? It ought to be private-by-default for any true user agent as far as I'm concerned, but then it should just be illegal to be a privacy-invading monster in the first place, shouldn't it?Once implemented in the release, the control will be “on by default and unconfigurable.”
There's something about this sentence that is both exciting and scary:
"Now, privacy advocates are back with a new specification, and this time they’ve brought the lawyers."
What we need is some court decisions on this (in the US at least) that cause significant financial damages (e.g., in the millions of dollars) for things to truly change, otherwise, paltry penalties just become the "cost of doing business."
Privacy Badger already sends the GPC signal.Great initiative. Looking forward to seeing it in Firefox too.
Meanwhile, Privacy Badger, NoScript and uBlock Origin will have my back (and probably will still, even when GPC is implemented.)
Well you first need to prove that the website you visit is selling your data. Or that the adds happen to be personalized. Wouldn't surprise me at all if Google starts handing out a module that does something to the data locally then have the "anonymized" data shipped of to them in batches.It will require at least one high profile lawsuit by California's AG before it has teeth. But this was exciting news to read on WaPo last night and as always, a more comprehensive report on ars.
There's something about this sentence that is both exciting and scary:
"Now, privacy advocates are back with a new specification, and this time they’ve brought the lawyers."
What we need is some court decisions on this (in the US at least) that cause significant financial damages (e.g., in the millions of dollars) for things to truly change, otherwise, paltry penalties just become the "cost of doing business."
In reality, the court decision will probably be something like "malware is free speech, and so is selling all the data you sucked up."
Privacy Badger already sends the GPC signal.Great initiative. Looking forward to seeing it in Firefox too.
Meanwhile, Privacy Badger, NoScript and uBlock Origin will have my back (and probably will still, even when GPC is implemented.)
Technically they operate in the same way: both DNT and Sec-GPC are simple present/not present mechanisms. DNT could have been re-used, but it's already widely ignored and caries some social stigma, so I guess they figured a new header-field was warranted.If the only difference is (potential) legal enforcement, couldn't they have just reused the Do Not Track header instead of introducing a new one?
This raises the question of what a sensible default is. For Brave, which has privacy as its raison d'être, it's not difficult (though that it would not be configurable feels weird to me), but what is the right answer for Mozilla, or Vivaldi, or—dare I even ask—Chrome? It ought to be private-by-default for any true user agent as far as I'm concerned, but then it should just be illegal to be a privacy-invading monster in the first place, shouldn't it?Once implemented in the release, the control will be “on by default and unconfigurable.”
I'm not sure I see this going any differently than DNT.
Bet they'll still get away with running their malware "ads" somehow.
Hmm, I have Privacy Badger enabled but still get the "red dot" when visiting the GPC website. Is this some regional limitation (I'm in Norway) or are Privacy Badger bragging about this before they've implemented it?Privacy Badger already sends the GPC signal.Great initiative. Looking forward to seeing it in Firefox too.
Meanwhile, Privacy Badger, NoScript and uBlock Origin will have my back (and probably will still, even when GPC is implemented.)
For anyone else not seeing the GPC signal with Privacy Badger in Firefox - it's working for me after updating the addon (go to Addons, click the "Manage Your Extensions" button at the top, then select "Check For Updates").
Bet they'll still get away with running their malware "ads" somehow.
That would be sensible, but this is the Do Not Track, Or Else header, and the extra weight behind that statement makes it incompatible.If the only difference is (potential) legal enforcement, couldn't they have just reused the Do Not Track header instead of introducing a new one?
It definitely works on mobile Firefox with the Privacy Badger extension. That's the one I tested.Hmm, I have Privacy Badger enabled but still get the "red dot" when visiting the GPC website. Is this some regional limitation (I'm in Norway) or are Privacy Badger bragging about this before they've implemented it?
While I'm less concerned about privacy this is interesting to me if it this stops the damn accept cookies pop ups on every site. Does it stop that?
Wikia was the first thing that really made me feel like maybe this whole Internet thing was a bad idea. Rickroll? ActiveX? Flash sites? All bad. Wikia is worse.Bet they'll still get away with running their malware "ads" somehow.
IDGAF. That's what uBlock is for. Haven't felt the slightest bit bad about robbing every single site of their precious revenue since Wikia.com forced me to regain control via hard disk reformat in 2010 with their shitty malvertising.
While I'm less concerned about privacy this is interesting to me if it this stops the damn accept cookies pop ups on every site. Does it stop that?
For that, you should use the amazing "I don't care about cookies" browser extension![]()
By using it, you explicitly allow websites to do whatever they want with cookies they set on your computer
And you don't even need a header to announce it, hoping the website will comply because it is within the reach of law.Great initiative. Looking forward to seeing it in Firefox too.
Meanwhile, Privacy Badger, NoScript and uBlock Origin will have my back (and probably will still, even when GPC is implemented.)
Cookie AutoDelete is probably what you want. As the name says, once auto cleaning is enabled, after closing a tab it will wipe out associated cookies and local storage, except from domains that you explicitly whitelist. A must-have alongside uBlock.While I'm less concerned about privacy this is interesting to me if it this stops the damn accept cookies pop ups on every site. Does it stop that?
For that, you should use the amazing "I don't care about cookies" browser extension![]()
Worth noting in that extensions own wordsBy using it, you explicitly allow websites to do whatever they want with cookies they set on your computer
What I really want is one that does the opposite of that.
It seems like this protocol would have to be written into the law before websites could be legally required to honor it. Otherwise, why would websites be legally required to honor this protocol but not other, competing standards (such as Do Not Track)?
Surely California cannot write a law that says "Websites must honor every privacy-related web protocol, both ones that are in existence now and ones that may come later."
If a user has requested that their data "not be sold or shared" via setting a Global Privacy Control preference, that preference needs to be expressed to all mechanisms that might collect data from or share data with third parties.
If set, this preference is expressed as a single value of 1 or equivalently true according to context, which conveys the fact that a user is requesting a do-not-sell-or-share interaction.
A user agent MUST NOT expose or send a Global Privacy Control preference expression if a Global Privacy Control preference is not enabled.
I just tried EFF's Privacy Badger on Chrome and it seems not to send the GPC signal as checked on globalprivacycontrol.orgPrivacy Badger already sends the GPC signal.Great initiative. Looking forward to seeing it in Firefox too.
Meanwhile, Privacy Badger, NoScript and uBlock Origin will have my back (and probably will still, even when GPC is implemented.)
Gdpr is a pure crap. That why most of the websites do not use it.It seems like this protocol would have to be written into the law before websites could be legally required to honor it. Otherwise, why would websites be legally required to honor this protocol but not other, competing standards (such as Do Not Track)?
Surely California cannot write a law that says "Websites must honor every privacy-related web protocol, both ones that are in existence now and ones that may come later."
I don't know about California's law specifically , although the article specifically says that law contemplated their existence. But from a GDPR standpoint I don't actually think a website can use it even if they want to.
I'd happily throw this on my websites and delete the data processing and cookie notifications etc. and tell users to use their browser setting. But GDPR requires I get opt-in consent and looking at the spec this explicitly can't ever provide opt-in consent (emphasis mine).
If a user has requested that their data "not be sold or shared" via setting a Global Privacy Control preference, that preference needs to be expressed to all mechanisms that might collect data from or share data with third parties.
If set, this preference is expressed as a single value of 1 or equivalently true according to context, which conveys the fact that a user is requesting a do-not-sell-or-share interaction.
A user agent MUST NOT expose or send a Global Privacy Control preference expression if a Global Privacy Control preference is not enabled.
I need a preference that's a 1 if enabled, 0 if not, and not there if not supported. GDPR requires I know the difference between not-supported and opted-in and this explicitly does not do that. So it's a no from me and I imagine from Europe unless they update GDPR to legally write this in.
Privacy Badger already sends the GPC signal.Great initiative. Looking forward to seeing it in Firefox too.
Meanwhile, Privacy Badger, NoScript and uBlock Origin will have my back (and probably will still, even when GPC is implemented.)
Surely those should not be in the "other" list?Other supporters of GPC include ..., Brave, Mozilla, ...
One can hide these with uBlock (right click on page + Block element + select the thing you want gone; might need a bit of practice to find the right layer to hide). If one has a bit of CSS knowledge, Stylus and similar extensions can do the trick too.Privacy Badger already sends the GPC signal.Great initiative. Looking forward to seeing it in Firefox too.
Meanwhile, Privacy Badger, NoScript and uBlock Origin will have my back (and probably will still, even when GPC is implemented.)
Will Privacy Badger stop Reddit from asking to install it's app one link down in comments?
Asking for a friend ;-)
S