Skip to content

CPRA Step 04

Respect the GPC or Global Privacy Control

Although not directly a part of the CPRA, California’s regulator, the CPPA has made clear that it will prosecute businesses that do not comply with the GPC. The GPC or Global Privacy Control is a global signal, set in a consumer’s browser that allows the user to opt out of data sharing for the purpose of marketing.

Given this, it is the same as a user opting out on your website and is a signal you must respect.

In order to comply with the GPC you can implement the GPC directly using the GPC's own specification and implementation guide. You also can implement via the IAB’s USP API.

If you're interested in learning more, you can read our privacy engineering tutorial on what the GPC is and how to support it now.

If you're unsure how to suppor the GPC, you can ask a question on the Fides Slack Community, or get Privacy Engineering Intelligence from Ethyca now.