Websites' Global Privacy Control Compliance at Scale and over Time
Katherine Hausladen
34th USENIX Security Symposium (USENIX Security '25) · Day 3 · Privacy 2: Consent, Compliance, and Provable Privacy
In an era dominated by the "data for content" business model, where users often exchange personal information for access to online services, the right to opt out of data sharing and sales has become a critical privacy safeguard. However, exercising this right is frequently hampered by overly complex and opaque consent interfaces, leaving many users frustrated and their privacy preferences unheeded. This talk, presented by Sebastian Zc from Wesleyan University, introduces and rigorously evaluates the real-world adoption and effectiveness of **Global Privacy Control (GPC)**, a standardized mechanism designed to simplify and automate the process of opting out.
AI review
Competent empirical privacy research with genuine value for regulators and policy researchers — it's rigorous, longitudinal, and open-access. But this is measurement science, not security research in any meaningful offensive or defensive sense, and the findings (roughly half the web ignores a voluntary opt-out signal) won't surprise anyone who's spent five minutes thinking about adtech incentives.