Browser Fingerprinting

Google has created your permanent trackable browsing identity during your daily use of the web. That identity follows you to each site you visit. Every. Single. Day!

Like it or not, Google has implemented browser digital fingerprinting as of February 16, 2025. This means that your browser has been uniquely identified, stored in a Google database, and sold to advertisers. You can now be identified by each web site that uses Google's platforms and analytics tools to have advertisements specifically targeted to you. If you are logged in to an Amazon, Facebook, Google, or Microsoft account with your identified browser, your logged-in account data is also tied to that unique browser.

Search for doughnuts? You'll see more ads for doughnuts. Click on an item while online window shopping, receive ads for that or similar items at other retail sites or in search results. Search for medicines or medical conditions? Receive ads for drugs or treatments.

While the database is usually used for ads, it is potentially a nightmare for political activists and journalists. The government can currently subpoena your Google Account and search history. Now data can be specifically tied to the browser and you as part of the subpoena. What could go wrong?

Google is not the only storage location for your browser fingerprint and identity. There is a vast Data Surveillance Industrial Complex that has grown out of the online advertising industry whose sole purpose is to track, categorize, and package groups of similar identities to sell to advertisers, governments, corporations, and anyone else willing to pay their fees. The U.S. Government routinely purchases data and profiles for intelligence gathering and law enforcement. Profile databases are also gold mines for those organizations attempting to shape public opinion and, combined with voter registration records, are used to promote political outcomes, as was the case with Facebook and Cambridge Analytica.

Google Chrome's tracking and fingerprinting capability generate a vast array of user behavior and insights. Customer online behavior has become so important that some sites are designed to collect the maximum tracking data available within Chrome. Those sites will present reduced functionality or may not function at all when using an alternative browser. If such a site is important for you, then an informed decision must be made to use Google Chrome to purchase those products or services. Otherwise, an alternative site, product, or service may be in order, if privacy is a higher priority than the purchase.

Google reCAPTCHA

Have you ever been prompted by a web site with a visual puzzle to identify all the squares with a bicycle in them prior to being allowed access? This is Google reCAPTCHA. Your browser is being fingerprinted.

Here is how Google reCAPTCHA works:

1. Cookie tracking: reCAPTCHA drops its own cookie (tiny software file) into your browser, which identifies your specific device. The cookie is stored in your browsers local storage designed for this type of file.

2. Pixel-by-pixel fingerprinting: reCAPTCHA takes a pixel-by-pixel snapshot of your browser window, capturing information such as:

• Your network address

• Browser type and version

• Screen resolution and size

• Operating system and version

• Language and locale settings

• Browser plugins and extensions

• Mouse and keyboard behavior

3. Risk analysis engine: reCAPTCHA uses a risk analysis engine to evaluate your behavior and device characteristics. This engine assesses the likelihood of you being a human or a bot.

4. Score-based verification: reCAPTCHA returns a score to the website owner, indicating the risk level of your interaction. If the score is above a certain threshold, you are considered human and are allowed to proceed.

It's worth noting that reCAPTCHA also uses other methods to verify human users, such as:

• Account verification: If you are currently logged in to your Amazon, Facebook, Google or Microsoft account, reCAPTCHA uses this information to verify your identity by reading their cookies in your browser's local storage.

• Browser behavior analysis: reCAPTCHA analyzes your browser behavior, such as mouse movements and click patterns, to determine if you are a human or a bot.

After having your browser fingerprint stored, the cookie dropped into your browser identifies you and your browser with that fingerprint. You can return to the site and, if your browser cookie and fingerprint matches the ones stored online, you are allowed access without solving the puzzle again. Subsequent fingerprint and cookie lookups take mere milliseconds, short enough to be imperceptible to humans.

How can you protect your privacy?

Clear Browser Cookies

The first way to protect your privacy is to adjust your browser settings to clear all cookies during your session or upon browser exit. This does not erase your fingerprint and you will likely be required to solve the visual reCAPTCHA puzzle at next login to any sites using them.

Disrupt Fingerprint Databases

We cannot prevent browser fingerprinting but we can make it less reliable to advertisers and data brokers. We do this by switching from Google Chrome or Microsoft Edge to a browser with built-in fingerprint resistance. Microsoft Edge has some fingerprint resistance, however, it does store browser behavior information in Microsoft's databases.

The objective of fingerprint resistance is to disrupt fingerprint databases by presenting a unique browser fingerprint to each web site encountered, thereby filling databases across the web with unreliable data. The result: Garbage in, garbage out. How many web sites do you visit in a week? With a fingerprint resistant browser, each of those sites thinks you are a unique user. This makes it much more difficult to track your daily browsing activity across the web resulting in fewer "relevant" advertisements and less reliable data stored by data brokers.

Several browsers and extensions have been developed that are specifically designed to present random fingerprints to sites, also known as fingerprint resistant or fingerprint defenders. Examples are Firefox, Brave, Opera, and several others.

Choosing a Fingerprint Resistant Browser

Google Chrome is an open source browser. Google allows anyone to download and modify its Chrome source code for free. This has led to a plethora of Chrome-based browsers that have removed Google's tracking code then substituted fingerprint resistance. The public benefits by modified browsers retaining the ability to access and use a wide array of Chrome extensions available in the Chrome Web Store. Chrome extensions are used to "extend" browser functionality beyond what is provided by Google and software modifiers. Examples of common extension plug-ins are password managers, privacy enhancements, disabling automatic playing of audio and video screen capture, and a host of other capabilities.

A Note on the Firefox Browser

Mozilla Foundation's Firefox browser has been behind Google Chrome market share for several years. Firefox's major attraction has been its focus on privacy and security. Firefox has well developed fingerprint resistance. Mozilla operates as a nonprofit organization and funding has been challenging. In late February 2025, Mozilla created a public relations nightmare by walking back its promise to not share user browsing data. Many people are abandoning Firefox for Chrome-based browsers and Firefox's reputation has been damaged.

• Firefox has faced reputation issues primarily due to its historical performance compared to Chrome. When Chrome was first introduced, Firefox was perceived as slower, contributing to Chrome's rapid rise in popularity. Additionally, some users remember Firefox from its earlier days when it was part of Netscape, which may influence their perception negatively.

• Another factor affecting Firefox's reputation is some modern websites are optimized for Chrome, leading to performance issues when accessed with Firefox. This perception can persist even if Firefox's speed and security remain competitive.

• LibreWolf: LibreWolf is a privacy-focused fork of Firefox, which can be used with the Chrome engine. It includes a feature called "ResistFingerprinting" which aims to prevent fingerprinting by standardizing certain browser characteristics.

Fingerprint Resistant Chrome-Based Browsers

Here are some Chrome-based browsers that offer fingerprint-resistant features:

• Brave Browser: Brave is a popular Chrome-based browser that offers fingerprint-resistant features, including a fingerprint randomizer and tracker blocker.

• SRWare Iron: SRWare Iron is a Chrome-based browser that offers fingerprint-resistant features, including a fingerprint blocker and tracker blocker.

• Comodo Dragon: Comodo Dragon is a Chrome-based browser that offers fingerprint-resistant features, including a fingerprint blocker and tracker blocker.

• Tor Browser (with Chrome engine): The Tor Browser is a privacy-focused browser that uses a modified version of the Chrome engine. It includes fingerprint-resistant features, including a fingerprint randomizer and tracker blocker.

• There are several more available not included in this write-up.

Browser User Profiles

One useful feature of most browsers is the concept of user profiles. Profiles allow different browser configurations for different purposes. For example, profiles can be configured for:

• Online financial services

• Shopping

• Bill payments

• Children's activities

• School or work

• Gardening

• Entertainment

• Health & Wellness

• Hobbies

The degree of separation of internal functionality differs between each browser. Google Chrome itself expects to be logged in to a single account on a single site. Browser developers have adjusted Chrome internals and fingerprint resistance to allow multiple logins to one site, each with a different site account, and remain internally separated within each profile.

For example, I have two Substack publications, each with a different associated email address: Paul's Visual Arts and Essential Risk Management. I set up a profile for each account with different bookmarks and extensions. I use 1Password password manager and Malwarebytes Browser Guard in both profiles. I can then login to Substack with each profile using the appropriate account email address. My Chrome-based browsers internal separation makes its presence known to Substack as two unique browsers, without any internal session overlap. In this scenario, standard Google Chrome is unable to present as two unique browsers due to its internal tracking mechanisms.

My use case for being logged in to Substack with two separate accounts is to enable me to apply automation using the Scheduled Notes Extension for Google Chrome in my Chrome-based browser. I can write several Notes in advance, for each account, then schedule posting them throughout the day or week. This frees me to work on higher priority issues.

Brave Browser Option and Profiles

I gave up Firefox years ago due to reputation issues and web site optimizations for Chrome noted above. After reviewing multiple Chrome-based browser comparisons, my choice has become Brave browser.

Brave Profiles for Techies

To create Brave profiles, follow these steps:

• Open Brave and click on your avatar in the top-right corner, click "Settings", click "Profile name and icon", then select "Get started"

• Click on "Profile name and icon" in the window to create a new profile.

• Name your profile

• Pick themes and colors

• Done

• Click on the upper right avatar to select the desired profile and a new window appears for for action

Each profile maintains separate bookmarks, extensions, browsing cookies and history, allowing you to compartmentalize your browsing for privacy. Add the bookmarks, extensions, and themes desired for the new profile.

Brave Profiles for the Non-Technical

There are many amazing and brilliant people, just like you, who read this article. For example, Words, Cooking, The Arts, or Body/Mind/Spirit may be your expertise. Your encounters with technology are avoided when possible, yet necessary for daily life. You implement the steps above, then feel lost or want a helping hand to get your profiles up and configured properly.

• Do you find that tinkering with technology settings is more akin to a root canal?

• Are you frustrated with how much data is collected about your web browsing?

• Does making informed choices about how much browsing data to give up in order to purchase a product or service make you feel like an empowered consumer?

• How would it feel to play your part, however small, in disrupting the Data Surveillance Industrial Complex every day?

If any of those questions speak to you, then a solution is at hand. I've written a 26 page illustrated PDF guide that will guide you to install Brave and start setting up secure browser profiles:

Conclusion

You now have an understanding that your web browsing is tracked everywhere you go. Your tracking data is collected, stored in multiple databases, sliced, diced, and sold to advertisers, marketers, corporations, political organizations and operatives, and governments, both domestic and foreign. There is no way to escape having your web browsing tracked. You also have learned that you can retain more control of your tracking data by using a web browser that is fingerprint resistant, that defends against trackers and browser surveillance. There are many Chrome-based browsers and extensions available that defend your browsing activities. I chose the Brave browser and it has worked well for me. Choose one that works for you.

By installing and using a fingerprint resistant web browser, you will be able to:

• Create profiles for home, school, work, et cetera

• Customize each profile with activity-appropriate bookmarks and extensions

• Present unique browser fingerprints at each site you visit to reduce your tracking across the web

• Use automation tools for multiple accounts per web site

• Control when and and to which sites you exchange your private data for access to products and services

• Preserve more of your privacy

Make an informed choice when to use the fully trackable Google Chrome browser when required by a web site and when not to do so. Do your part to disrupt the Data Surveillance Industrial Complex.