Imagine you’re a pilot, calmly flying along. Suddenly, alarms blare that a heat-seeking missile has locked onto you. How hard do you think it would be to get rid of a missile that’s tracking you?
Now imagine that you’re calmly browsing the Web. Did you know that you’re being tracked here? You won’t hear any alarms to tell you about it.
Fortunately, there are several ways you can prevent tracking, or limit what information trackers are able to collect. Let’s dive into what trackers are, how they track you, and what you can do about it.
Note: This page contains affiliate links. As an Amazon Associate I earn from qualifying purchases. Please see Affiliate Disclosure.
Google trackers are present on 82% of the web traffic.
25% of the web has a hidden Facebook tracking pixel. Facebook knows more than what you just do on Facebook
1881 out of 6000 top websites have more than 10 trackers per page.WhoTracks.me
Who is Tracking You?
Advertising companies such as Google and Facebook make up a large share of trackers. They track advertisements, to learn when they’re seen and clicked, and details about who sees and clicks them.
Many organizations use analytics (such as Google Analytics) to learn how their websites are being used, and details about who uses them.
Social media companies such as Facebook and Pinterest integrate with websites to show like and pin buttons, and to track sites you visit.
You’ve probably noticed that if you’re looking at a product on Amazon or some other shopping site, you start to see ads for that product on other websites. That’s made possible by tracking.
How Are You Being Tracked?
You’ve probably heard of cookies, and they’re still being used. But other methods have arisen in recent years.
Cookie: A file that contains information which identifies you to a website, so that it can keep track of who you are. Cookies are simply part of how users interact with websites, and aren’t inherently a privacy risk. But when cookies are used to track users around the Web, they are considered a privacy risk. A first-party cookie comes from the site you’re on. A third-party cookie comes from a different website; this is the type used for tracking across websites.
Internet Protocol (IP) address: The Internet address given to your device by your network or Internet Service Provider (ISP). If you’re at home, your home’s IP address comes from your ISP, and can reveal your general location.
Fingerprinting: Identifying users based on the characteristics of their device or browser, such as operating system (OS), browser extensions, language, and installed fonts. You can see details about your fingerprint at AmIUnique.
Supercookie or evercookie: A file that’s stored in a different place than normal cookies, making it harder to detect and remove them.
Beacon (AKA tag or pixel): A small, usually invisible object embedded into a webpage or email. When you view the webpage or email, the beacon is loaded, and your activity is recorded.
How to Increase Your Privacy
There’s a setting in many browsers called Do Not Track. This was supposed to be an easy way to opt out of tracking, similar to how the National Do Not Call Registry was supposed to be an easy way to opt out of telemarketing calls. Unfortunately, both efforts have failed to deliver.
There’s no enforcement for Do Not Track. A website can choose to honor your setting or not, and you don’t know if they are. So, we need to take other steps to limit tracking.
You may hear that you should delete all cookies or prevent your browser from accepting cookies to block trackers. This isn’t the solution, because companies are increasingly using methods other than cookies for tracking. Also, preventing or deleting first-party cookies (a cookie from the website you’re using at the moment) can break basic website functionality like the ability to be logged in to a site, or to keep a product in your shopping cart.
Third-party cookies (a cookie from a website other than the website you’re using at the moment) are less-frequently used for functionality and more-frequently used for tracking, so blocking them is a different matter.
Configure Your Browser to Limit Tracking
The place to start in blocking web tracking is your browser. Most browsers have settings that can limit tracking, and some browsers offer more settings than others.
I’ll explain some settings to look for in the desktop versions of these browsers. There are often similar settings in the mobile versions of these browsers.
I recommend that you use one of the browsers that offers better privacy-protection, such as Safari, Firefox, and Brave.
Safari makes it harder for you to be fingerprinted by websites.
… whenever you visit a webpage, Safari presents a simplified version of your system configuration. Your Mac looks more like everyone else’s Mac, which dramatically reduces the ability of trackers to uniquely identify your device.Apple
In Safari Preferences, click the Privacy tab, then check the box to Prevent cross-site tracking.
Safari uses machine learning to identify advertisers and others who track your online behavior, and removes the cross‑site tracking cookies and website data they leave behind.Apple
Learn more about increasing Safari security and privacy.
In Firefox Preferences, click Security & Privacy. You can choose the level of Enhanced Tracking Protection: Standard, Strict, or Custom. If you choose Custom, you can choose what to block. I recommend choosing Custom and checking all the boxes, and setting Cookies to Third-party trackers.
Lower on that page, set Send websites a “Do Not Track” signal that you don’t want to be tracked to Always.
You can change Enhanced Tracking Protection on a per-site basis. When you’re on a website, just click the shield icon in the address bar to see your options.
In Chrome, click the More icon (3 vertical dots), then click Settings. The settings screen will appear, with several sections of settings. At the bottom of the Settings screen, you can click Advanced to see more settings.
Under Advanced, in the Privacy and security section, enable Send a “Do Not Track” request with your browsing traffic.
Click Site Settings, then Cookies and site data. Enable Block third-party cookies. Chrome will show a cookie icon in the address bar. You’ll be able to click it and then choose to allow that site to set cookies in the future. When you do, you can also click Show cookies and other site data and then the Blocked tab to see which cookies are being blocked. You then have 2 options (buttons): Allow and Clear on Exit. Allow allows those cookies in the future. Clear on Exit stores the cookie only until you close/quit Chrome, then the cookie is deleted.
Learn more about increasing Chrome security and privacy.
Note: these instructions are for the Chromium-based version of Edge, released in January 2020.
In Edge, click the 3 dots (…), then Settings. On the left, click the menu icon (3 horizontal lines), then Privacy and services. Toggle Tracking prevention to on. Then, choose the level of tracking prevention you want: Basic, Balanced, or Strict. I recommend choosing Strict.
On that same screen, scroll down to the Privacy section, and toggle Send “Do Not Track” requests to on.
If you need to change the tracking prevention settings for a particular site, when you’re on the site, click the padlock or i symbol to the left of the web address (URL), and below Tracking prevention, change the dropdown to On or Off.
Learn more about tracking prevention in Edge.
Brave blocks trackers by default. You can change your settings in Settings > Shields. I recommend enabling Block cross-site trackers and setting Cookies to Only block cross-site cookies. Learn more about Shields settings.
At the bottom of the Settings screen, click Advanced to see more settings. In the Privacy and security section, enable Send a “Do Not Track” request with your browsing traffic.
You can change the Shields settings for particular sites. Just click the Shields icon (the same lion head logo as Brave uses), then toggle Shields on or off, or toggle particular protections. Learn more about using Shields while browsing.
If you want to go the extra mile in protecting your privacy while browsing, look at Tor Browser. It routes your traffic through the Tor network, which hides your real IP address. It’s designed to foil fingerprinting attempts. By default, it doesn’t keep browsing history, and cookies are only valid for a single session. It’s like using private browsing all the time. You can choose between 3 security levels: Standard, Safer, and Safest.
Because of how it works, you probably wouldn’t use Tor Browser as your main browser, but if there are certain situations where you need to ratchet up your privacy, it’s worth considering.
You shouldn’t install extensions in Tor Browser, because they can conflict with its privacy protections.
Private browsing (AKA Incognito mode, AKA InPrivate browsing) by itself doesn’t block tracking, but it’s slightly helpful because of how it handles cookies. It doesn’t share cookies with the regular browsing mode, and it doesn’t preserve cookies once you close it.
Firefox is an exception to the norm, in that it includes tracking protection in its Private Browsing.
Anti-Tracking Browser Extensions
Once your browser is set to limit tracking as much as possible, it’s time to add one or more anti-tracking browser extensions.
The extensions available to you depend on the browser you use. They have varying levels of configurability, ranging from few settings to a mind-boggling number.
In general, you can use more than one tracking-blocking extension, but you should check the documentation of any extensions you use for any warnings against this. For most people, one extension will be sufficient.
I’m going to cover extensions for desktop browsers. Several of these have related mobile browsers which can usually be set to block trackers.
This is my top recommendation because of its balance of power and simplicity. It blocks third-party trackers and shows a privacy grade for websites. If you notice that it prevents a website from working properly, you can whitelist that site, temporarily or permanently.
This is basically a set-it-and-forget-it option. There’s nothing to configure, because it learns as it goes.
If as you browse the web, the same source seems to be tracking your browser across different websites, then Privacy Badger springs into action, telling your browser not to load any more content from that source. … If it observes a single third-party host tracking you on three separate sites, Privacy Badger will automatically disallow content from that third-party tracker.Electronic Frontier Foundation (EFF)
Download for Chrome, Firefox, Opera.
This is another blocker with fairly simple options. It also anonymizes your data, and lets you customize blocking.
Because of Apple’s restrictions on Safari extensions, Ghostery isn’t available, but Ghostery Lite is. It lets you block trackers in 8 categories. I check all the boxes except Advertising, because I don’t want to hurt sites that rely on ad revenue. You can also individually trust websites, to allow all trackers from a particular site to load.
Download for Chrome, Firefox, Edge, Opera, and Ghostery Lite for Safari.
This is another one that can function as set-it-and-forget-it, but you can configure it if you’d like. By default, it blocks a wide range of trackers. You can manually allow certain trackers, or all trackers on a website.
Disconnect’s Visualize page feature is unique; it shows a graph of third parties that Disconnect is blocking. This is only available on Chrome and Safari.
Download for Chrome, Firefox, Safari, Opera.
This could be a fit if you’re technical and want something with more controls. It can use a large number of filter lists (lists of domains), which you can enable or disable. For example, I disable advertising-related lists, because I don’t want to hurt sites that rely on ad revenue. It only takes a couple clicks to enable or disable uBlock Origin on a particular website.
I like that uBlock Origin automatically blocks known malware sites.
Note: this is not the same as uBlock (without “Origin” behind it).
This paid software feeds fake data to trackers, so they don’t see your true digital fingerprint. It also deletes tracking cookies and other tracking data. It says it does all this without breaking sites, which can happen when blocking trackers.
Download for Chrome, Firefox, Safari, Edge, Internet Explorer, Opera.
A VPN (virtual private network) provides some tracking protection, because you get a different IP address, sometimes every time you connect to the VPN. For sites that track by IP address, that will throw them off the scent. Another advantage is that the IP address you get usually points to a different geographic location than you’re actually in.
Other than changing your IP address, a VPN doesn’t provide other protection against trackers. But, it will protect your data when you’re on public Wi-Fi.
Some anti-malware has anti-tracking technology. If your anti-malware software does, you can learn more about it, and decide whether to use it.
I don’t recommend choosing anti-malware software based on how well it blocks web tracking; instead, focus on how well it prevents and removes malware.
Note that some anti-malware claims to block tracking, but all it does is delete cookies. This isn’t an effective way of blocking tracking, and it can make browsing a pain.
Most people think of blocking web tracking and blocking ads as the same. And web advertising often uses tracking, so it’s understandable to lump them together. But it’s possible to block some tracking without blocking all ads. Why would you do this?
It’s an ethical issue rather than a technical one. Many websites rely on advertising as a source of revenue. Sometimes it’s the main, or only, way they earn money! If those websites don’t earn, they can’t pay their employees, pay for web hosting, etc. These sites (and the people behind them) are financially harmed by ad-blocking.
For this reason, I try to configure my browsers and extensions to allow ads, but block other tracking. I encourage you to do the same.
What You Should Do
- Choose a privacy-protecting browser. I recommend Safari (only available on Apple devices), Firefox, and Brave.
- Configure your browser to limit tracking. See the instructions in this post.
- Install at least one anti-tracking browser extension. If you want the simplest, set-it-and-forget-it option, I recommend Privacy Badger. If you want something with a few more options, I recommend DuckDuckGo Privacy Essentials. You can consider the others I covered in this post.
- For the next few days, pay attention to your browser and any extensions you installed. This will help you learn how they’re blocking trackers, and will help you fine-tune your settings.