What is device and browser fingerprinting?

Device fingerprinting can follow you around the web without you even knowing. How can you stay private?

Browser fingerprinting is a tracking method that allows websites to identify and track users by collecting information about their web browser and the device they are using. This information can include the version of the browser being used, the type of device, the operating system, the language preference, the time zone, and other details.To prevent browser fingerprinting, you can use a privacy-focused web browser that blocks or disguises this information, such as Mozilla Firefox with the Privacy Badger extension or the Tor Browser. You can also use a virtual private network (VPN) to mask your IP address and encrypt your internet connection, making it more difficult for websites to track your online activity. Additionally, you can use browser extensions that block tracking cookies and other forms of tracking, such as Ghostery.It's also a good idea to keep your web browser and operating system up to date, as this can help prevent vulnerabilities that could be exploited for tracking purposes. You can also clear your browser's cache and cookies regularly, as this can help prevent websites from tracking your browsing history and preferences.Finally, be cautious when sharing personal information online, as this can be used to identify you and track your online activity. Consider using a pseudonym or fake name instead of your real name, and be selective about the information you share on social media and other websites.

Is it legal for services to collect browser or device fingerprints?

In most countries, browser fingerprinting is not explicitly illegal. However, the use of this technique for tracking and identifying users without their knowledge or consent may be considered a violation of privacy laws, depending on the jurisdiction and the specific circumstances.For example, in the European Union, the General Data Protection Regulation (GDPR) requires that companies obtain explicit consent from users before collecting and processing their personal data, including information collected through browser fingerprinting. In the United States, the California Consumer Privacy Act (CCPA) and other state laws place similar requirements on companies that collect personal data from users.It's important to note that laws and regulations regarding the use of browser fingerprinting and other tracking technologies are constantly evolving, and it's always a good idea to stay informed about the legal landscape in your jurisdiction. If you have concerns about sites that use device fingerprinting or other tracking techniques, you may want to consider using privacy-focused tools and practices to protect your online privacy.

Preventing fingerprinting

There are several ways that devices and web browsers can prevent various fingerprinting techniques:

Use a privacy-focused web browser: Some web browsers, such as Mozilla Firefox with the Privacy Badger extension, Brave Browser, or the Tor Browser, are designed to block or disguise the information that is typically collected for fingerprinting purposes. These browsers may also include features like tracking protection, cookie blocking, and anti-fingerprinting technologies to help protect users' privacy.
Use a virtual private network (VPN): A VPN can mask a user's IP address and encrypt their internet connection, making it more difficult for websites to track their online activity or identify their device.
Use browser extensions: There are various browser extensions that can block tracking cookies and other forms of tracking, such as Ghostery. These extensions can help prevent websites from collecting information about the user's browsing history and preferences. You could even disable client-side JavaScript, but this may prevent many sites from working and cause an unusable user experience.
Keep your web browser and operating system up to date: Keeping your web browser and operating system up to date can help prevent vulnerabilities that could be exploited for tracking purposes.
Clear your browser's cache and cookies regularly: Clearing your browser's cache and cookies can help prevent websites from tracking your browsing history and preferences.
Be cautious when sharing personal information online: Be selective about the information you share on social media and other websites, and consider using a pseudonym or fake name instead of your real name to protect your privacy.

By using these methods, you can help prevent fingerprinting and protect your online privacy. It's important to note that no single method is foolproof, and it may be necessary to use a combination of these techniques to effectively protect yourself from fingerprinting and other forms of online tracking.

Comparing fingerprinting with tracking cookies

Fingerprinting and tracking cookies are two techniques that are commonly used by websites to identify and track users online. Both methods have the potential to compromise users' privacy, but they work in different ways and have different implications for users and website owners.Fingerprinting involves collecting information about a user's web browser and device, such as the version of the browser, the type of device, the operating system, the language preference, and other details. A lot of this information comes from a “user agent” string, which contains a string of browser and type information for internet users (such as Chrome, Apple, etc.). This information is then used to create a unique fingerprint for the user, which can be used to identify and track them as they browse the web. Fingerprinting can be difficult to detect and block, as it does not rely on the use of traditional tracking technologies like cookies - and is even possible in private browsing or incognito modes.Tracking cookies, on the other hand, are small pieces of data that are stored on a user's device when they visit a website. These cookies can be used to track the user's online activity, including the pages they visit and the actions they take on a website. Tracking cookies can be deleted by the user or blocked by their web browser, but they are generally easier for users to detect and manage than fingerprinting.One key difference between fingerprinting and tracking cookies is that fingerprinting does not require the user's consent, while tracking cookies typically do. Under privacy laws like the General Data Protection Regulation (GDPR) in the European Union and the California Consumer Privacy Act (CCPA) in the United States, websites are required to obtain explicit consent from users before collecting and processing their personal data, including information collected through tracking cookies. This means that users have more control over the use of tracking cookies than they do over fingerprinting.Another difference is that fingerprinting is generally more accurate and harder to evade than tracking cookies. While cookies can be deleted or blocked, it is much more difficult to change the characteristics of a user's browser or device that are used for fingerprinting. This makes fingerprinting a more reliable way for websites to track user visits, but also a more invasive one.In conclusion, both fingerprinting and tracking cookies can be used to track and identify users online, but they work in different ways and have different implications for privacy. While tracking cookies require the user's consent and can be more easily managed by the user, fingerprinting is more accurate and harder to detect. Both techniques can compromise users' privacy, and it is important for users to be aware of these technologies and to take steps to protect their online privacy if they are concerned.

What are canvas and WebGL fingerprinting?

Canvas fingerprinting is a technique used to track and identify web users by using the HTML5 canvas element in the user's web browser. The canvas element is a feature of modern web browsers that allows developers to draw graphics and render text on a web page using JavaScript.Canvas fingerprinting works by rendering a hidden graphic on the user's canvas element and then collecting information about the user's device and web browser, such as the screen resolution, browser version, and font list. This information is then used to create a unique "fingerprint" or device ID for the user, which can be used to identify and track the user across different websites.WebGL fingerprinting is a similar technique that uses the WebGL (Web Graphics Library) feature of modern web browsers to create a digital fingerprint for a user. WebGL is a JavaScript API that allows developers to create interactive 3D graphics on a web page. Like canvas fingerprinting, WebGL fingerprinting works by rendering a hidden graphic on the user's web page and collecting information about the unique user's device and web browser.Both canvas fingerprinting and WebGL fingerprinting are controversial because they can be used to track users without their knowledge or consent. Many web browsers, such as Brave, now offer privacy settings that allow users to block or limit the use of these techniques, or to use browser extensions that block them.

Using Skiff Mail for private mail without tracking

If you’re frustrated by constant tracking and invasions of privacy, you should switch to Skiff Mail - a private, end-to-end encrypted email product with a built in calendar, end-to-end encrypted file storage, and aliases for tracking protection. The product is free and easy to use with apps available on macOS, iOS, Android, and more.If you have any questions on privacy, avoiding tracking, and preserving freedom online, contact us on Twitter, join our Discord, or write to us at [email protected].