The policy states that Verizon processes the Global Privacy Control browser signal as an opt-out of sale or sharing of personal information for residents of states that legally require GPC recognition. The technical implementation in the page source confirms GPC detection logic is present.
This analysis describes what Verizon's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
This provision establishes Verizon's stated approach to automated opt-out signals, which is a compliance requirement under CPRA for California residents and under similar statutes in other states. The qualifying language 'where Verizon is able to do so' and 'for residents of states that require recognition' introduces scope limitations that compliance teams should evaluate.
Interpretive note: The provision limits GPC processing to states that 'require recognition,' creating jurisdiction-dependent outcomes; the specific states covered and the technical scope of the opt-out are not fully enumerated in the policy text.
Current version adds conditional language 'where Verizon is able to do so' and expands scope from California residents only to 'residents of states that require recognition' of GPC signals, weakening the commitment.
View full change record →Under this provision, users with the Global Privacy Control signal enabled in their browser will have that signal treated as an opt-out of sale or sharing of personal information, subject to applicable state law requirements. The policy limits this processing to states that legally require GPC recognition.
How other platforms handle this
enableGpcSdk: true, gpcSetting: { privacyPolicyLink: '/Privacy-Security-Policy-a-282.html' }
We process Global Privacy Control signals as opt-out requests for the sale or sharing of personal information.
The Service is intended for general audiences and is not directed to children under 13. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe that your child under the age of 13 has provided us with personal information without your cons...
Monitoring
Verizon has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
"We process the Global Privacy Control signal where Verizon is able to do so. If you have a GPC signal enabled on your browser, we will process it as a request to opt out of the sale or sharing of personal information for residents of states that require recognition of this signal.— Excerpt from Verizon's Verizon Privacy Policy
1. REGULATORY LANDSCAPE: CPRA requires businesses to recognize the Global Privacy Control signal as a valid opt-out of sale or sharing of personal information for California residents. Colorado, Connecticut, and other states with active privacy statutes have similar requirements. The California Privacy Protection Agency is the primary enforcement authority for GPC compliance in California. 2. GOVERNANCE EXPOSURE: Medium. The qualifying language in the provision, limiting GPC processing to states that 'require recognition,' may mean that users in states without explicit GPC mandates do not receive this opt-out treatment even if GPC is enabled. Compliance teams should assess whether this limitation is consistent with applicable law. 3. JURISDICTION FLAGS: GPC recognition is required by California under CPRA and by Colorado, Connecticut, and other states with enacted privacy statutes. The provision's state-conditional framing creates jurisdiction-dependent outcomes for GPC users. 4. CONTRACT AND VENDOR IMPLICATIONS: Advertising and analytics vendors receiving data from Verizon should be informed of GPC-triggered opt-outs to ensure downstream data flows are appropriately restricted when a GPC signal is processed. 5. COMPLIANCE CONSIDERATIONS: Compliance teams should audit the technical implementation of GPC processing across all Verizon digital properties to confirm that the signal is recognized and processed consistently with CPRA and other applicable state requirements. The scope of data uses suspended upon GPC recognition should be documented.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Monitor: 25 platforms + same-day alerts. No credit card required.
Compliance Governance Intelligence
Need to monitor specific governance provisions?
Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
This provision establishes Verizon's stated approach to automated opt-out signals, which is a compliance requirement under CPRA for California residents and under similar statutes in other states. The qualifying language 'where Verizon is able to do so' and 'for residents of states that require recognition' introduces scope limitations that compliance teams should evaluate.
Under this provision, users with the Global Privacy Control signal enabled in their browser will have that signal treated as an opt-out of sale or sharing of personal information, subject to applicable state law requirements. The policy limits this processing to states that legally require GPC recognition.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Verizon.