To exercise their privacy rights, individuals express preferences to organisations that may collect their data. However, individuals undertake hundreds (if not thousands) of electronic interactions each day.
Just as our technological tools gave us the ability to reach so far, we should have tools that enable us to exercise our rights to the same extent. In the Mid-Atlantic Privacy discussion of Interoperability, we identified this need for global standards for compliance between multiple legal regimes and for cooperation between technical platforms.
Earlier today, a group of stakeholders consisting of technologists, media organisations, and technology companies announced an example of just such a tool: the Global Privacy Control (GPC). In addition to describing the concept of a simple signal that a web browser could communicate to sites, they also posted technical specifications and identified web browsers that have already agreed to participate.
This effort is still in its trial phase, but it shows the power of interoperability - if GPC were to be technically adopted and deemed to fit global legal requirements. With this in mind, how might this standard align with the Personal Information Protection Act (PIPA)?