Thanks for doing this! On Thu, Jan 8, 2026 at 1:02 PM Mike West <[email protected]> wrote:
> I think prototyping a GPC implementation in the Blink and //content layers > of Chromium is quite reasonable. A number of embedders implement the > feature, and shifting those to a common implementation would likely be best > for the project at large. Have you talked to any other Chromium based > browsers about their implementations? It would be ideal to ensure that the > implementation we land on is compatible to the extent reasonable with > existing implementations (e.g. global flag vs content setting if any > embedders have chosen to allow users to make more granular decisions about > the scope of the signal). > Just chiming in case it's helpful, this is the pull request that added GPC support in Brave: https://github.com/brave/brave-core/pull/6743/. There were a couple of follow-ups, an important one being exposing navigator.globalPrivacyControl to workers: https://github.com/brave/brave-core/pull/17474. The HTTP header implementation was done using a network delegate helper: https://github.com/brave/brave-core/blob/master/browser/net/global_privacy_control_network_delegate_helper.cc. This was all back in 2020 though so probable that best practices have changed. > > That said, you raise some important questions about the UX, both in terms > of the settings necessary and the explanatory text around them. It seems > likely that different embedders will make different decisions about how the > feature should be represented to users, and that those decisions could be > interpreted as having legal and policy implications. I'd suggest that it > would be best to allow each embedder to implement their own settings and > explanations for the moment rather than baking one interpretation into > //chrome. > > Thanks for taking this on! > > -mike > > On Tue, Jan 6, 2026 at 7:49 PM Maciej Czarnecki <[email protected]> > wrote: > >> CL with initial implementation: >> https://chromium-review.googlesource.com/c/chromium/src/+/7319383 >> >> It has no user-facing settings, as I would need some decisions in regards >> of the place it should be put and its labels. Also Do-Not-Track toggle has >> a modal with an explanation what it does. Should GPC has it as well? >> >> wtorek, 6 stycznia 2026 o 16:38:41 UTC+1 Maciej Czarnecki napisał(a): >> >>> *Contact emails* >>> [email protected] >>> >>> *Specification* >>> https://w3c.github.io/gpc >>> >>> *Summary* >>> Implementation of Global Privacy Control (GPC) signal to enable users to >>> communicate their preference for privacy protection across websites. This >>> feature implements the W3C GPC specification ( >>> https://github.com/w3c/gpc/blob/main/explainer.md) and includes: (1) a >>> user preference setting to enable the Global Privacy Control signal, (2) >>> automatic transmission of the Sec-GPC HTTP header with a value of "1" on >>> all outgoing requests when enabled, and (3) JavaScript API exposure via the >>> navigator.globalPrivacyControl property allowing websites to detect the >>> user's GPC preference. When enabled, this signal indicates the user's >>> request to limit the sale or sharing of their personal information with >>> third parties. >>> >>> *Blink component* >>> Blink>Loader >>> <https://issues.chromium.org/issues?q=customfield1222907:%22Blink%3ELoader%22> >>> >>> *Web Feature ID* >>> gpc <https://webstatus.dev/features/gpc> >>> >>> *Motivation* >>> The signal is already implemented by other browsers and Chrome should >>> catch-up with this privacy setting. This year California signed a bill >>> under the CCPA/CPRA that obligates the browsers to provide ability to >>> communicate do-not-sell-or-share preference before 2027. Currently, Chrome >>> allows to send GPC header only via an extension which may be not sufficient >>> to be compliant with the bill. >>> >>> *Initial public proposal* >>> *No information provided* >>> >>> *Search tags* >>> gpc <https://chromestatus.com/features#tags:gpc>, global privacy control >>> <https://chromestatus.com/features#tags:global%20privacy%20control>, >>> Sec-GPC <https://chromestatus.com/features#tags:Sec-GPC>, CCPA >>> <https://chromestatus.com/features#tags:CCPA>, CPRA >>> <https://chromestatus.com/features#tags:CPRA> >>> >>> *Requires code in //chrome?* >>> False >>> >>> *Tracking bug* >>> https://issues.chromium.org/issues/40745270 >>> >>> *Estimated milestones* >>> >>> No milestones specified >>> >>> >>> *Link to entry on the Chrome Platform Status* >>> https://chromestatus.com/feature/5137324344213504?gate=5161638758055936 >>> >>> This intent message was generated by Chrome Platform Status >>> <https://chromestatus.com/>. >>> >> -- >> You received this message because you are subscribed to the Google Groups >> "blink-dev" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected]. >> To view this discussion visit >> https://groups.google.com/a/chromium.org/d/msgid/blink-dev/2b54581d-fae3-4909-b2d8-55411fbe7dben%40chromium.org >> <https://groups.google.com/a/chromium.org/d/msgid/blink-dev/2b54581d-fae3-4909-b2d8-55411fbe7dben%40chromium.org?utm_medium=email&utm_source=footer> >> . >> > -- > You received this message because you are subscribed to the Google Groups > "blink-dev" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion visit > https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAAoq_usTaF3cDvXh%2BUsgsjd1dLF4fzbB__F%2B26K%3DYhr4MwHMGg%40mail.gmail.com > <https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAAoq_usTaF3cDvXh%2BUsgsjd1dLF4fzbB__F%2B26K%3DYhr4MwHMGg%40mail.gmail.com?utm_medium=email&utm_source=footer> > . > -- You received this message because you are subscribed to the Google Groups "blink-dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CANk9Ha1s_bq17n2U7%3DVQXp%2BYXzamDUUGBDHA5nJ2ws0TOaP%2BPQ%40mail.gmail.com.
