Google now allows digital fingerprinting of its users
In the ongoing saga that is Google’s struggle to replace tracking cookies, we have entered a new phase. But whether that’s good news is another matter.
For years, Google has been saying it will phase out the third-party tracking cookies that power much of its advertising business online, proposing new ideas that would allegedly preserve user privacy while still providing businesses with steady revenue streams.
But it’s not been straight forward for Google. As we reported in July, 2024, the tech giant said that due to feedback from authorities and other stakeholders in advertising, Google was looking at a new path forward in finding the balance between privacy and an ad-supported internet.
The announcement read:
“Instead of deprecating third-party cookies, we would introduce a new experience in Chrome that lets people make an informed choice that applies across their web browsing.”
It’s not hard to see why this is scary. Apple’s App Tracking Transparency (ATT) feature caused a significant upset in the mobile advertising industry. When introduced in April 2021, it allowed users to opt out of being tracked across apps and websites. This led to an estimated 96% of US users choosing to opt out of tracking. With three billion Chrome users around the world, that might easily be an advertiser’s worst nightmare.
Google promised to kill tracking cookies by introducing a one-time global prompt upgrade that would present users with the choice of being tracked or not. By third-party cookies that is.
But ahead of fulfilling that promise, Google has introduced digital fingerprinting. Digital fingerprinting is like creating a unique digital ID for you or your device based on various pieces of information collected when you browse the internet, like:
- Operating System (OS): Windows, Android, iOS, etc.
- Browser type and version
- IP address
- Installed browser plugins
- Time zone
- Language settings
- …and so on.
With all these pieces of information, it’s possible to create a unique fingerprint by which websites can recognize you, even if you clear your cookies. They will even be able to make an informed guess if you visit the same site with a different browser.
Google itself, at one point, said that fingerprinting was undesirable:
“Unlike cookies, users cannot clear their fingerprint and therefore cannot control how their information is collected. We think this subverts user choice and is wrong.”
But, per Google’s announcement on December 19, 2024, organizations that use its advertising products can use fingerprinting techniques from last Sunday, February 16, 2025. Well, as far as Google is concerned that is.
The UK information commissioner’s office (ICO) reminded businesses they do not have free rein to use fingerprinting as they please. Like all advertising technology, it must be lawfully and transparently deployed – and if it is not, the ICO will act.
But the OK from Google is likely the start of an intermediate period where we will be bothered with both fingerprinting and third-party cookies until the advertising industry has had the time to transition.
What can I do?
Countering fingerprinting is a lot harder than keeping cookies at a minimum. But there are some things you can do to make it harder to get your fingerprint taken.
- However hard it may be, the time may have come to consider switching to a browser that provides built-in features to resist fingerprinting
- Or look for anti-fingerprinting tools in the form of browser extensions
- Use a VPN that can mask your IP address and location, which are very significant pieces of information for fingerprinting
- Keep your browser updated, so your old version will not give away your data
- Disabling JavaScript can break a website’s functionality, but it also significantly reduces the data websites can gather about you.
We don’t just write about privacy, we can help you improve yours. Try Malwarebytes Privacy VPN.
