“Global Privacy Control” – browser signal against data trading

A new alliance around the New York Times wants to give users the opportunity to avoid data trading for advertising purposes via browser settings.With a kind of reduced Do Not Track standard, a new industrial Allianz give consumers an opportunity to evade the global trade in personal information. The “Global Privacy Control” group formed around the New York Times and Washington Post has presented specifications that website operators and browser manufacturers are supposed to integrate into their products. The browser manufacturers Mozilla and Brave are also there.


Alliances in the advertising battle

The new initiative is part of the battle for the future online advertising, which has been fueled by Google’s withdrawal from third-party cookies. While the adtech industry and advertising customers try to maintain the status quo as much as possible, publishers see the opportunity to reduce their dependence on large advertising networks and set up their own advertising programs.

Don’t miss any news! With our daily newsletter you will receive all the news from heise online for the past 24 hours every morning.

The initiative primarily relates to the California Consumer Privacy Act (CCPA), which expressly provides that users have their personal Being able to mark data with a “Do not sell” note. With this, tracking for advertising purposes would still be generally possible – however, the disclosure of profile information should be prohibited. Global Privacy Control wants to seek official recognition by the Californian authorities so that companies from Silicon Valley would be forced to respect this signal.

Standard for the USA and Europe

Also under the European one General Data Protection Regulation (GDPR), the new GPC signal should apply as a binding declaration by consumers. However, the legal regulation is still pending. The GDPR provides for corresponding consumer declarations. But what specific form this declaration of intent can take is not regulated here. The ePrivacy Regulation, which was three years overdue, could clarify this. In the most recent drafts under the German Council Presidency, “Personal Information Management Services” are expressly provided for. However, the federal government is apparently thinking more of login alliances such as NetID or Verimi, which would continue to allow the economy to collect millions of user profiles in silos.

Now it is time to spread and test the standard. If you want to try out the new standard, you can install a plug-in from various providers such as the privacy-oriented search engine DuckDuckGo or the American civil rights organization EFF. In addition to the New York Times and the Washington Post, the Financial Times and Automattic also want to respect the new signal with the WordPress and Tublr platforms.

Conflicts about standards

The first Attempts to establish a “Do Not Track2” standard had failed after publishers and the advertising industry simply refused to respect the signal sent by browsers. Not trading in data would have cost publishers a large part of their advertising income, as line items were in the Almost completely shifted to data-driven channels in the past ten years.

With the new privacy laws behind them, Global Privacy Control is attempting a new compromise between user interests and advertising funding: For example, the Washington Post, under the aegis of Amazon founder Jeff Bezos, developed the Zeus system, with which im Editorial system itself, user profiles can be generated, which can be used for content and advertising display. The New York Times and now also German publishers want to jump on this bandwagon. The catch: Even if the publishers can advertise with a large user base free of fake news and bots, large advertising customers are currently still tending towards even larger networks and insist on implementing their own tracking technology in order to guarantee the exact billing of advertising costs 59>

Standards and power

The GPC signal could put an obstacle in the way of this business model, so that smaller market participants also have a chance to market their own solutions. The conflict will soon be resolved in the standardization committees. The New York Times joined the W3C about a few weeks ago in order to have a say as to which technology should replace the third-party cookie. In the web standardization committee, Google’s proposal Turtledove is currently being discussed, in which the user profiles should be stored in the browser. A third approach, the Rearc project of the IAB advertising association, relies on a new identifier that should continue to enable user profiles to be compared across company and national borders.

In addition to the technical debates about standards, it is also about the sheer power on the net. Apple was able to enforce its own privacy standards largely without considering other interests – and is now facing headwinds from competition and government regulators.