What is Global Privacy Control?
A browser signal that tells websites you don't want your personal data sold or shared, legally enforceable under CCPA and recognized by some GDPR implementations.
Also known as: GPC
GPC is the successor to Do Not Track, designed with legal enforcement from the start.
How It Works
- Your browser sends a
Sec-GPC: 1header with every request - Under CCPA, businesses must treat this as a valid opt-out of data sales
- Under GDPR, some interpretations treat it as withdrawal of consent
Browser Support
- Brave: Enabled by default
- Firefox: Enabled by default
- DuckDuckGo: Enabled by default
- Chrome: Not supported natively (requires extension)
How It Differs from DNT
- DNT had no legal backing — websites could ignore it
- GPC has legal force under CCPA (California Consumer Privacy Act)
- The California AG has confirmed GPC is a valid opt-out mechanism
- Enforcement actions have been taken against companies ignoring GPC
Limitations
- Only legally binding in jurisdictions that recognize it
- Doesn't prevent tracking — only the sale/sharing of collected data
- Not all websites honor it (enforcement is ongoing)
Related Terms
CCPA
The California Consumer Privacy Act grants California residents rights over their personal information, including the right to know what data is collected, delete it, opt out of its sale, and not be discriminated against for exercising these rights.
Do Not Track (DNT)
An HTTP header that requests websites not to track the user, which is almost universally ignored and can actually make you more identifiable.
GDPR
The General Data Protection Regulation is a comprehensive data protection law in the European Union that gives individuals control over their personal data. It establishes strict requirements for how organizations collect, process, store, and transfer personal information.
Have more questions?
Use our guided flow to get the right next privacy step for Global Privacy Control.
Open Guided Flow