Slash Boxes

SoylentNews is people

posted by Fnord666 on Thursday October 08 2020, @09:54AM   Printer-friendly
from the good-luck-with-that dept.

'Do Not Track' Is Back, and This Time It Might Work:

What do you call a privacy law that only works if users individually opt out of every site or app they want to stop sharing their data? A piece of paper.

Or you could call it the California Consumer Privacy Act. In theory, the law gives California residents the right to opt out of any business selling their data. In practice, it hasn't seen much use. Most people don't go to the trouble of opting out of every website, one at a time. One analysis, by DataGrail, a privacy compliance company, found that there were only 82 "do not sell" requests for every million consumer records over the first six months of the year. A study published last week by Consumer Reports helps explain why: Opting out of everything is a complicated pain in the ass.

Change could be coming, however. The CCPA includes a mechanism for solving the one-by-one problem. The regulations interpreting the law specify that businesses must respect a "global privacy control" sent by a browser or device. The idea is that instead of having to change privacy settings every time you visit a new site or use a new app, you could set your preference once, on your phone or in a browser extension, and be done with it.

Announcing Global Privacy Control in Privacy Badger:

Today, we're announcing that the upcoming release of Privacy Badger will support the Global Privacy Control, or GPC, by default.

GPC is a new specification that allows users to tell companies they'd like to opt out of having their data shared or sold. By default, Privacy Badger will send the GPC signal to every company you interact with alongside the Do Not Track (DNT) signal. Like DNT, GPC is transmitted through an HTTP header and a new Javascript property, so every server your browser talks to and every script it runs will know that you intend to opt out of having your data shared or sold. Compared with ad industry-supported opt-out mechanisms, GPC is simple, easy to deploy, and works well with existing privacy tools.

[...] The CCPA and other laws are not perfect, and many of our users continue to live in places without strong legal protections. That's why Privacy Badger continues to use both approaches to privacy. It asks websites to respect your privacy, using GPC as an official request under applicable laws and DNT to express what our users actually want (to opt out of all tracking). It then blocks known trackers, who refuse to comply with DNT, from loading at all.

Starting this release, Privacy Badger will begin setting the GPC signal by default. Users can opt out of sending this signal, along with DNT, in their Privacy Badger settings. In addition, users can disable Privacy Badger on individual first-party sites in order to stop sending the GPC signal to those sites.

Original Submission

This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 5, Insightful) by Rosco P. Coltrane on Thursday October 08 2020, @11:30AM (3 children)

    by Rosco P. Coltrane (4757) on Thursday October 08 2020, @11:30AM (#1062041)

    The problem is that DNT isn't respected. Anybody with two working brain cells knows that. That's why nobody bothers to opt out or set DNT: everybody knows Google / Amazon / Microsoft / CloudFlare / Akamai will spew out some bromide like "we value your privacy", disregard your choice behind your back and track you anyway, and nobody will drag them to court over it.

    Starting Score:    1  point
    Moderation   +4  
       Insightful=4, Total=4
    Extra 'Insightful' Modifier   0  
    Karma-Bonus Modifier   +1  

    Total Score:   5  
  • (Score: 2) by DannyB on Thursday October 08 2020, @02:11PM

    by DannyB (5839) Subscriber Badge on Thursday October 08 2020, @02:11PM (#1062082) Journal

    There needs to be a statutory penalty that is high enough to make the Google / Amazon / Microsoft / Apple / CloudFlare / Facebook / Twitters of the world take note.

    It should be a simple procedure to file a complaint and have the penalty enforced.

    How would one discover that these companies are violating the law? Some periodic audit requirement? Some requirement to periodically file a sworn declaration?

    Trump is a poor man's idea of a rich man, a weak man's idea of a strong man, and a stupid man's idea of a smart man.
  • (Score: 0) by Anonymous Coward on Thursday October 08 2020, @02:16PM

    by Anonymous Coward on Thursday October 08 2020, @02:16PM (#1062086)

    The point here is that the law will be on the side of those being tracked.

    Its a paper shield, but a shield nonetheless.

  • (Score: 2) by JoeMerchant on Thursday October 08 2020, @03:18PM

    by JoeMerchant (3937) on Thursday October 08 2020, @03:18PM (#1062108)

    The only way to get respect is with credible penalties. If the value of collected information exceeds the potential cost of violations, violations will happen almost as frequently as if the toothless regulations didn't exist. PR and goodwill have value too (witness Apple's attempts to appear to protect customer privacy), but... PR tends to be a short lived single point value source, whereas broadly collected consumer information across large populations has much larger and longer lasting value.

    🌻🌻 []