How to fight back

Fingerprinting isn’t like other online snooping. We can’t entirely stop it by blocking cookies or making other simple changes to our browsers. The tactics keep evolving.

The good news is that there are gradations of certainty in fingerprinting — not all devices and browsers are equally easy to detect.

Vasilyev, who created fingerprinting software, said it is still possible to make yourself hard to fingerprint by using software such as Tor. It’s a privacy-first browser that goes to great lengths to make each user’s device look the same — but only useful for highly technical people because it breaks common websites.

You can also get some protection from more consumer-friendly software.

Apple iPhones, iPads and Macs running the company’s Safari browser are among the hardest to fingerprint. That is, in part, because Apple has a relatively limited product line and those devices tend to be standardized — so they look more similar to fingerprinting software (compared to the zillions of variations in Android phones and Windows laptops out there). It’s a kind of online herd immunity.

Apple’s Safari also has been tackling fingerprinting directly by reducing the amount of information it shares, such as a list of built-in fonts (instead of custom ones). Safari also asks you for permission before handing over information about your device orientation and motion, two more potential data points for fingerprinters. You don’t have to adjust any settings to turn these protections on — they’re the default.

However, most people in the world do not own Apple devices. Everyone else should consider the Firefox browser, which I’ve recommended before because of its aggressive default protection from tracker cookies. It’s in the final stages of adding some default fingerprinting protections, too, based around blocking traffic from known fingerprinting addresses — which, it acknowledges, fixes only part of the problem. You can turn on an early version of these protections now by going to the “Custom” tab under privacy and security settings.

Google’s Chrome browser currently doesn’t do much to stop fingerprinting by default. You can add browser privacy extensions such as uBlock Origin, the Electronic Frontier Foundation’s Privacy Badger or Jackson’s Disconnect to help stop some fingerprinting. But beware this software might break some of the sites you want to visit.

In May, Google promised it was going to join the fingerprinting fight — an important move because Chrome is by far the most-used browser. It says its plans include reducing the way browsers can be “passively” fingerprinted, so that it can detect and intervene against “active” fingerprinting efforts as they happen.

When these changes arrive on Chrome in the first half of 2020, they should make a difference. That is, until it’s time for the next round of battle against the snoops.