What are Do Not Track and Global Privacy Control Signals?

What are do-not-track (DNT) and Global Privacy Control (GPC) signals?

Do Not Track and Global Privacy Control are Webbrowser and device settings to opt-out of or limit the tracking with analytics services, advertising networks, sharing for personal data and other privacy threats.

How does it work?

Do-not-Track

When you browse on the Internet, multiple requests and responses happen between your browser and the website you are visiting. These are called HTTP 2 headers, and Do Not Track signals are part of them. They have three different values:

• 1: The user does not wish to be tracked

• 0: The user consents to tracking

• No header field: The user didn’t set a preference

When the website recognises the DNT header, it may stop third-party tracking.

Global Privacy Control

GPC works in a very similar way.

Are websites legally compelled to respect these signals?

Do-not-Track

Currently, there aren’t any common laws regulating responses to do-not-track. Therefore turning on this setting isn’t a guarantee at all: most websites simply ignore the request and track visitors anyway. However, websites’ Privacy Policies usually have to explain how they interact with the signal.

Global Privacy Control

GPC is partially binding in some jurisdictions like the EU under GDPR and California under CCPA. We recommend to read further here.

Sources

• https://underspy.com/blog/what-is-do-not-track-and-how-does-it-protect-you/ - Meaning

• https://www.eff.org/issues/do-not-track - How it works and purposes

• https://en.wikipedia.org/wiki/Do_Not_Track - General Information

• https://www.privacypolicies.com/blog/privacy-policy-dnt-do-not-track/ - Privacy Policies Legislation