The Best Private and Secure Web Browsers

Using the best private browser can go a long way in protecting you from online tracking, WebRTC leaks, and browser fingerprinting.

There isn’t a single best privacy browser, though, because privacy needs and preferences will differ between users.

All the private browsers we recommend here are open-source. They offer minimal-reliance on big tech companies, custom settings, and active protection against online tracking.

1. Mozilla Firefox: Best ‘Mainstream’ Private Browser

Once configured properly, the Firefox browser is the best private browser available in terms of performance, ease-of-use, and privacy.

You can read the Firefox privacy policy here.

Firefox has two great advantages. The first is that it is completely open-source. The second is that it is highly customizable.

Because it is open-source, Firefox forms the basis for lots of other privacy-focused browsers. You can also inspect the code to make sure Mozilla is honest about the way the browser behaves.

Unlike Chrome, Opera, or Microsoft Edge, Firefox lets you customize its privacy settings to exclude all telemetry (sending data back to Mozilla) and third-party add-ons.

This means even the standard version of Firefox is a potentially great private browser.

In the past, we’ve seen some VPN extensions suffer WebRTC leaks in Firefox. See how to solve this further down the page. Or, use one of the VPNs we recommend for Firefox..

How to Optimize Firefox for Privacy

The most important thing to remember when using the basic version of Firefox is that you optimize your settings for privacy.

The first and most important change you need to make when optimizing Firefox for privacy is to disable telemetry – the setting which allows your browser to send technical data back to Mozilla.

Firefox has an interactive development process which uses feedback from users and includes experimental builds like Firefox Nightly and Firefox Developer Edition. These are great if you want to help contribute to Firefox’s development, but they aren’t private.

To disable telemetry in Firefox:

1. Select the preferences or settings menu in the top right hand corner of your screen.
2. Navigate to Preferences > Privacy & Security > Firefox Data Collection and Use.
3. Uncheck every box in this section.

Firefox also has a feature which can block trackers, cookies, fingerprinters and cryptominers, called Enhanced Tracking Protection.

To enable Enhanced Tracking Protection in Firefox:

1. Select the settings menu in the top right hand corner of your screen.
2. Navigate to Preferences > Privacy & Security > Enhanced Tracking Protection.
3. Choose your protection mode: strict, standard, or custom.

In our experience the ‘strict’ mode will break some webpages, but is generally quite stable.

If you encounter a problem, you can always disable content blocking for specific sites by pressing the “shield” symbol to the left of the URL bar.

You can also change your default search engine from Google to a more private alternative.

To change your default search engine:

1. Select the settings menu in the top right hand corner of your screen.
2. Navigate to Preferences > Search > Default Search Engine.
3. Choose your preferred search engine from the drop-down menu.

Advanced Firefox Privacy Settings

Finally, there are some important advanced settings that can be accessed in Firefox’s advanced preferences menu.

To change these settings, just type about:config into your address bar. Press enter and then click “Accept the risk and continue“. This will take you to the Firefox browser’s advanced configuration menu.

Search for the name of the preference you’d like to change and simply double-click on it to change from true to false or vice versa. This will enable or disable the specific setting.

Here is a list of the most important advanced Firefox privacy settings, and whether it should be enabled for disabled for maximum privacy:

Preference Name	Set To	Effect
media.peerconnection.enabled	FALSE	Disables WebRTC — a real-time communication protocol that can leak your true IP address.
privacy.resistFingerprinting	TRUE	Enables Firefox’s native fingerprint protection.
privacy.trackingprotection.fingerprinting.enabled	TRUE	Enables additional fingerprint protection.
privacy.trackingprotection.cryptomining.enabled	TRUE	Provides extra protection against cryptominers.
privacy.firstparty.isolate	TRUE	Enables first-party isolation. This means cookies, cache, and much more are prevented from tracking you across multiple domains.
privacy.trackingprotection.enabled	TRUE	Enables a filter list to block known third-party trackers.
geo.enabled	FALSE	Firefox uses Google Location Services to find your location. In the process, it sends it your IP address, client identifier, and information about nearby WiFi networks. You can turn this off entirely by selecting false.
media.navigator.enabled	FALSE	Prevents websites from tracking information about your camera and microphone, which is used in fingerprinting.
network.cookie.cookieBehaviour	4	This setting runs from 0 to 4 and controls the browser’s cookie policy. Setting it to 0 would allow all cookies. The highest level of protection, 4, enables New Cookie Jar.
network.cookie.lifetimePolicy	2	This setting controls how long cookies are stored. Set this to 2 to delete cookies at the end of each session.
network.dns.disablePrefetch	TRUE	Prevents Firefox from prefetching DNS. Prefetching DNS can speed up load times but has some small privacy risks.
network.prefetch-next	FALSE	Prevents Firefox from prefetching pages it thinks you may visit. This has similar privacy risks to prefetching DNS.
webgl.disabled	TRUE	Disables WebGL. WebGL can be used in advanced browser fingerprinting techniques, and also represents a potential security risk.
dom.event.clipboardevents.enabled	FALSE	Prevents websites from knowing when you copy, cut, or paste content.
media.eme.enabled	FALSE	Disables DRM-controlled HTML5 content.

It’s important not to confuse Mozilla Firefox with Mozilla VPN – a true independent VPN released by the company behind the browser and currently being rolled out worldwide. It is not a browser, and does not even have an extension for Firefox. We were impressed by it in our Mozilla VPN review, though.

2. Firefox Focus: Best Private Mobile Browser

Mozilla has been working on its mobile Firefox apps for a while now, and Firefox Focus is the result. Firefox Focus is tailored towards ad-blocking and tracking prevention by default. It’s also really easy to use.

You’ll find a comprehensive set of privacy options including the ability to block trackers of different kinds, block fonts, disable JavaScript, and even customize what kind of cookies are blocked.

The app can be set to block screenshots and obscure your browser’s contents when you switch between tabs. You can even set it to unlock with your fingerprint.

If you want to delete the history and cookies from your current session you simply press a trash-can symbol at the bottom of the page.

Firefox Focus only lets you have one tab open at a time, which means the browsing experience is quite different from what you may be used to. Because it is so stripped down, Focus also allows for a very fast browsing experience.

Overall, Firefox Focus offers a focused experience with great privacy — but you may not want to use it all of the time.

How to Optimize Firefox Focus for Privacy

Firefox Focus has telemetry turned on by default. You should navigate straight to the settings to turn it off.

While you’re there, customize the level of privacy to your preferences. As you’ll find with any super-private browser, turning all of the protections on has a habit of breaking some websites or making them display strangely.

3. LibreWolf: A Reliable Firefox Alternative

An alternative to optimizing your Firefox browser’s settings is to use a ‘Firefox fork’ — a browser separated from Firefox’s open-source code at some point in its development history.

LibreWolf is a community-maintained Firefox fork available for Windows, macOS, and Linux. The browser’s primary focus is privacy, security, and user freedom.

LibreWolf is pre-configured to protect against tracking, browser fingerprinting, and data collection, which makes it a great choice if you don’t want to change Firefox’s settings yourself.

LibreWolf uses DuckDuckGo as the default search engine, collects no telemetry, filters content, and blocks ads using uBlock Origin.

LibreWolf is always based on the latest version of Firefox, but it’s a separate browser from Firefox and does not have auto-update capabilities.

If there’s an urgent Firefox security patch, it will only be released on LibreWolf a few days after, and you will have to manually update the app. This means it isn’t always as secure as Firefox itself.

4. GNU IceCat: Built Entirely from ‘Free Software’

Built on the principle of ‘free software’, IceCat is a part of a full rework of the Mozilla suite which prioritizes privacy and transparency.

Because of its commitment to free software, IceCat is only available for Linux. This means it isn’t an option for Windows or macOS users.

IceCat has been developed based on an ethical commitment to making and using software which is free for anyone to inspect, edit, and reproduce, even at the expense of utility.

It comes with several add-ons designed to maximize your privacy, including HTTPS Everywhere, SpyBlock and Fingerprinting Countermeasures. These ensure your connection to websites is secure whenever possible, and prevents third-party tracking and even fingerprinting.

IceCat also comes with LibreJS, an add-on designed to prevent proprietary javascript from running in your browser and extracting data without permission.

Because IceCat is not just Open Source but also free, you can inspect all elements of its code and even modify it to suit your preferences. You can also be sure that all future versions or variants of the browser keep the same commitment to transparency.

5. The Tor Browser: Fully Anonymous Browser

The Tor browser is a modified version of Firefox which grants you access to the Tor Network and comes optimized for your privacy and anonymity.

The Tor network has some similarities to a VPN. Unlike a VPN, however, it is decentralized — so you never have to trust a private company with your data.

If you aren’t careful with Tor, you can risk undermining your anonymity and leaving yourself vulnerable to direct criminal or government surveillance.

For an added layer of encryption, you can combine Tor with a VPN to improve your safety on Tor. If you connect to a VPN server before connecting to Tor, this is known as Onion over VPN.

In addition, the Tor network can be quite a bit slower than using a simpler privacy-focused browser.

When used correctly, Tor is one of the best tools for online anonymity. That said, we recommend doing some research before using Tor to make sure it’s the right choice for your privacy. You can find full details about the Tor Browser in our Tor vs. VPN guide.

How to Stay Anonymous When Using Tor

Using Tor correctly isn’t difficult, but it isn’t always intuitive. It has two big weaknesses:

1. A tendency to leak identifiable information when not used properly.
2. Public exit nodes which may allow strangers to eavesdrop on your traffic.

To maintain your anonymity, follow these basic steps:

• Never log in to social media or email accounts that are associated with your internet use outside of Tor.
• Don’t post details about your real-life identity.
• Always use secure HTTPS sites.
• Don’t use mobile two-step verification.
• Never torrent on the Tor Browser. This risks IP address leaks, but also drastically slows the network for everyone involved.
• Stay away from Google (alternatives include DuckDuckGo, Searx.me, Qwant, and Start Page).

If you’re extremely privacy conscious it is also recommended that you avoid full-screen. When your browser window is fullscreen it can reveal information like your screen resolution and size, which distinguishes your session from other Tor users and can help with browser fingerprinting.

6. Brave Browser: An Alternative Approach to Advertising

Built by the developer of JavaScript after he left Mozilla, Brave is a privacy-focused browser that aims to rework traditional online advertising.

Normal adverts and trackers are blocked by default. Instead, Brave shows its own advertisements and rewards users with its own native cryptocurrency called BAT. If you want to claim these rewards you will need to supply an email address.

These adverts are customized based on your browsing history, which is stored locally in the browser, not sent back to Brave. For true privacy enthusiasts, even this local storage may overstep the mark.

The Brave Browser can also be optimized for blocking ads on the Twitch platform.

The Brave browser also has its own customizable “shields” system, which allows the user to quickly toggle security and privacy measures such as script blocking, device recognition blocking and cross-site cookie blocking.

Brave is free and open-source, which is encouraging from a transparency perspective. You can see the source code on Github.

Brave isn’t without controversy though. The browser’s foundation is in Google Chromium — the open-source project behind the Google Chrome browser and Google Chrome OS. This is a point of anxiety for many users.

Being based on Chromium comes with some privacy downsides. It isn’t possible to disable WebRTC, for instance. While Chromium is open-source now, there is no guarantee it will continue to be in the future.

Unlike most of the other browsers on this list it is also produced by a company looking to make money from advertising, not a group of volunteer privacy enthusiasts. Brave automatically pockets 15% of the revenue from its ads. We’ll let you decide whether this undermines the project or not.

Brave collects some anonymized information about its users, and this cannot be turned off. It claims this information isn’t telemetry, but the lack of user control is concerning from a privacy perspective.

If you buy into its vision for advertising and trust the company to deliver on it, Brave could be a good choice. However, there are better options if privacy is your main point of concern.

How to Optimize Brave for Privacy

Brave can be a secure, privacy-focused browser if you avoid its advertising arm. Even if configured properly, it is still not as effective as browsers based on Firefox.

Stay away from the BAT reward feature if you’re concerned about privacy. It’s turned off by default and we recommend you keep it that way.

If you’ve already turned on the rewards system, it’s easy to turn off by clicking the triangular ‘rewards’ button in the top right hand corner of the browser.

7. ‘Ungoogled’ Chromium: the Closest Option to Google Chrome

Ungoogled Chromium is exactly what it sounds like: Google Chrome with every possible bit of Google taken out or turned off.

The Chromium Projects are the open-source projects behind the Google Chrome browser and Google Chrome OS. While they are open-source, they are still made by Google.

Chromium browsers send information back to Google by default. Even with ‘Ungoogled’ Chromium, it is hard to confirm that this feature has been turned off completely.

Ungoogled Chromium gives you access to add-ons designed for Chrome. While this is useful, it’s worth remembering that more add-ons make your browser easier to identify. In addition, every add-on you install is a potential way for Google and other third parties to collect your data.

In short, only use add-ons you completely trust. You can learn more about browser add-ons and extensions later in this guide.

There are also other Chromium based browsers to consider including Iridium. Iridium has a similar set of goals to Ungoogled Chromium, but is generally updated less frequently.

Your choice of browser will have a huge impact on your online privacy and anonymity. Using the wrong browser will put you at risk of:

• Data collection. Despite the claims from some VPN companies, your IP address is not the only way you are tracked online. Even when your VPN is active, your browser could be sending your activity data straight into the hands of Google, Apple, Microsoft, and hundreds of third-party advertisers.
• IP address leaks via WebRTC. WebRTC — a browser-based technology used for real-time communication like audio, video, and live streaming — can also leak your IP address if not configured properly. WebRTC is enabled in most browsers by default.
• Cookies & tracking scripts. Cookies and tracking scripts are another risk which most standard browsers won’t protect you from. These cookies can be used to follow you and record your behavior as you travel from site to site.
• Browser fingerprinting. Even if you’ve blocked third-party trackers and hidden your IP address with a VPN, most browsers can still reveal information about your unique settings to every page you visit. This information is used to build a digital fingerprint which advertisers and authorities can use to track your movements.

All this information is sold to advertising companies, and used to build a personalized profile of you, your interests, and your behavior.

It’s incredibly easy for authorities to get their hands on this data if they want to. If you apply for a job at Apple, it may even impact your employability.

The Problem With ‘Normal’ Web Browsers

Advertisers, governments, tech companies, and even criminals can collect a range of sensitive data from an unprotected browser over time. This can include:

• Account details
• Autofill information
• Purchases made
• Messages sent
• Websites visited
• Videos watched

While it’s well-known that your data is bought and sold by hundreds of secretive companies, it’s less clear to the average user exactly who these organisations are, what information they store, and who they share it with.

There’s nothing wrong with allowing a company to access your data to perform a service. However, most of this data is collected by tracking scripts and cookies without people’s knowledge or consent. Often, companies justify this practice with services that users may not even want or use.

There is a significant risk that your data will be misused, abused, or shared without your consent

Third-party data brokers use this information to create billions of user profiles with thousands of data points per person. These profiles are then sold and used for advertising, changing the terms of loans, informing insurance premiums, restricting services to certain demographics, and much more.

Many brokers maintain a comprehensive shadow profile of unwitting consumers. Reams of personal data are also flowing to political parties attempting to influence voter behavior, as well as intelligence agencies tracking potential suspects.

Browser cookies and trackers are a major part of this infrastructure. Most websites rely on them to serve custom content and ads, and much of the resulting data is up for sale.

Of course, there are inherent risks involved in the collection, storage, and sale of consumer data on such a large scale. More than anything, it infringes on an individual’s right to know and control the information stored about them.

Fortunately, a properly-configured private browser combined with a VPN is the first step towards taking back control of your online privacy. There are even VPNs that come with anti-tracker and ad blockers. To find out which private browser to choose, you can skip straight to our best private browser recommendations.

What’s the Difference Between a Private and a Secure Browser?

1. Secure Browser

A secure browser will protect you from targeted attacks and malware. It may stop a dedicated attacker from stealing your account details or cookies, but it will not stop you from leaving a trail of data behind your online activity.

Google Chrome, for example, is a browser that is secure but not private.

2. Private Browser

A private browser is designed to limit the information you leave behind. A private browser will not send your information back to a large tech company or government, and will include several measures that make it harder for you to be singled out or tracked online.

Transparency and versatility are central to a good private browser. Open-source software — which allows the public to inspect the browser’s behavior — is a must-have.

However, open-source software and smaller development teams means the software behind some private browsers can be updated less frequently, leaving more room for security vulnerabilities.

Iridium is an example of a browser that is private but less secure.

3. VPN Browser

There are a few browsers that brand themselves as “VPN browsers” — the most popular being Opera.

So-called “VPN browsers” are normally proxies, not full VPNs — which means they don’t offer the best levels of protection.

There are no regulations for what can or cannot be called a VPN browser, so you shouldn’t assume a VPN browser offers you privacy.

The Opera browser is a good example. It’s a “VPN browser” that undermines your privacy by giving up your data to a large array of third parties, including Facebook and Google. In other words, Opera VPN is not safe to use.

Generally speaking, any product marketing itself as a “VPN Browser” won’t be the most effective solution. If you’re seeking privacy, combine a trusted VPN with a truly private browser.

Some of the most popular browsers on the market are also the most invasive. If you’re looking to browse privately, avoid the following browsers at all costs:

1. Google Chrome

Google Chrome is the most popular browser in the world. It may be easy to use, but if you care about your privacy at all then you should not use Google Chrome.

Google makes money through personalized advertising. This requires huge amounts of data in order to target the right people with the right adverts. Chrome is a key source of this data, and it keeps a record of pretty much everything you do, even in Incognito Mode.

The biggest problem with Chrome is that it forms part of the wider Google ecosystem in which a huge amount of your data is subject to observation and logging. You can find the worrying details for yourself in the Google Chrome privacy policy.

“Sync” is the setting responsible for integrating most of your data. If you’re logging into a Google Account it will be on by default and will save all of this information to Google’s servers:

• Browsing history
• Bookmarks
• Passwords and Autofill information
• Browser settings and extensions

You can choose whether or not to use sync. However, even when it has been turned off, Google’s surveillance remains extensive. Google’s eyes are everywhere: in Google searches, in your email, on YouTube, in third-party services and in analytics on almost every website you visit.

With Google Chrome, it’s harder than any other browser to maintain your privacy.

Google’s company-wide privacy policy states that they collect data to improve their services:

“We collect information to provide better services to all our users — from figuring out basic stuff like which language you speak, to more complex things like which ads you’ll find most useful, the people who matter most to you online, or which YouTube videos you may like”

Most of this is worded like data collection is an act of benevolence, but the truth is that it’s an advertising company that can make more money by leveraging the data of its user base. In short, Google is absolutely relentless about collecting data from you in any way it possibly can.

Even when you aren’t signed into a Google Account, Google uses unique identifiers tied to your browser and device. This is supposedly to maintain features like language preferences, but in reality, it simply allows Google to track you even when you aren’t signed in.

Whether you’re signed into your Google account or not, Google can collect the following data across all of its platforms:

• Browser type & settings
• Device type & settings
• Operating system
• Mobile network name
• Phone number
• IP address
• System activity
• Purchases
• Date & time of interaction
• Search terms
• Videos you watch
• Voice and audio (from audio features)
• A list of the people with whom you communicate and share content
• Activity of third-party sites or apps that use Google services*
• Google Chrome browsing history
• Call & message logs from Google Services

^{*Includes any website using Google apps or files hosted in Google Hosted Libraries.}

All of this data is collected across platforms and analysed to detect “spam, malware and illegal content”. It is then used to serve highly detailed and personalized adverts. You can see just how long Google keeps all of this information here.

Google also uses this information to develop its translation program and voice recognition software, among other projects.

How to Download Your Google Data

1. Click on your user profile and select ‘Manage Your Google Account’.
2. Select the ‘Data & Personalization’ window on the left.
3. Scroll down to ‘Download or Delete Your Data’.
4. Select ‘Download Your Data’ and follow the instructions.

If it wasn’t already clear, we recommend you avoid Google services as much as possible. This is especially true of the Google Chrome browser.

If you want to use Chrome because of its ease-of-use and speed, then we recommend using it alongside a trusted Chrome VPN at the very least.

2. Microsoft Internet Explorer & Microsoft Edge

Since the advent of Edge, Microsoft has done a good job of modernizing its browser’s performance and user interface. Unfortunately, the same cannot be said for its privacy features and customization options.

Microsoft’s data gathering practices don’t compare to Google’s, but it still isn’t a safe haven for your data.

Edge stores information about your browsing habits in the cloud, as well as other information like passwords and form entries. That said, it also offers simple instructions on how to view and purge this data.

Microsoft Edge also has some integrated DRM (Digital Rights Management) technology, which automatically detects media licences on your device and stops you accessing content if these licenses are absent. This is unnecessary and intrusive from a privacy perspective.

There is also some minimal and ineffective anti-tracking technology in place.

As a company, Microsoft has done very little to earn the trust of its users when it comes to privacy.

3. Safari Browser

Safari offers some protection compared to Chrome and Edge, but it is still not a good choice for privacy.

Safari blocks third party cookies by default and also has some protection against cross-site tracking. While these are both useful tools, they do not make Safari a safe private browser.

There are several reasons why you should not trust Apple with your data. Firstly, Apple is a partner of the NSA’s PRISM program, which means it freely hands information over to government surveillance.

It has also been caught hoarding supposedly “deleted” Safari browsing data and collecting browsing history while users were in private mode.

Apple’s privacy policy states that it gathers the following personal information from its users:

• Name
• Device IDs
• IP address
• Phone number
• Email address
• Mailing address
• Contact preferences
• Location information
• Credit card information
• Social media profile information
• Information about family & friends
• Content shared from Apple products

This information is then used when the company has “assessed it is necessary for the purposes of legitimate interests pursued by Apple”.

The full list of circumstances in which Apple uses your data includes:

• To help create, develop and improve internal products, services, and advertising
• For loss prevention and anti-fraud
• Pre-screening of uploaded files for illegal content
• To assist in age verification
• To contact you about purchases or changes to terms and conditions
• For internal audits, data analysis, and internal research

There are also some genuinely shocking uses:

“If you apply for a position at Apple or we receive your information in connection with a potential role at Apple, we may use your information to evaluate your candidacy and to contact you.”

This suggests that if you work at Apple or plan to work at Apple, it may use your data to surveil your activities.

This is a notable example of how important it is to insist on your privacy — at some point even basic things like your employment may depend on it.

Safari has a reputation for being more private than other browsers, and this isn’t entirely unfounded. Apple guarantees not to share your information with third parties for marketing purposes, which is more than Google does. You can also opt out of Apple’s tracking ads on all of your devices.

This doesn’t mean that third-party trackers can’t collect your data, though. Apple’s dubious internal use of your data and cooperation with the US government alone should be enough to keep you off of their devices and platforms.

If you’re using Safari we strongly recommend you download a more private browser.

4. Opera Browser

Opera is built from a mixture of closed and open-source components. Thanks to some clever marketing as a “VPN Browser”, many people think that Opera is a private browser. This isn’t the case. You can find out exactly why in our detailed guide to Opera VPN’s safety.

Despite claims to the contrary, the Opera browser is actually just a proxy, not a VPN. It was also hacked in 2016 — exposing users’ personal information and passwords. Opera has also had some historical issues with WebRTC leaking IP addresses.

Most importantly, Opera’s privacy policy reveals a complete disregard for genuine privacy and anonymity. The privacy policy states that third parties may process user data, but gives very little information about what data is handed to third parties or how it is processed.

However, it does list the third parties involved:

• Facebook SDK
• AppsFlyer
• DU Ad Platform
• Yandex AppMetrica
• Google AdMob
• MyTarget
• Outbrain
• Google Geolocation API
• Infra
• Leanplum

This list includes several large data companies — namely Google and Facebook — as well as some no-name companies whose websites aren’t even running on HTTPS.

You cannot trust these companies with your data privacy or security. Opera’s reliance on these third-party data processors completely undermines any claims it may have to privacy.

5. UC Browser

Developed by the Alibaba Group, UC Browser is a hugely popular mobile browser in countries like China and Indonesia. It even outperforms Google Chrome in some of these markets — yet it is practically unknown to users in Europe and America.

There is plenty of evidence that UC Browser is not at all secure. While most of the browsers on this list do dubious things with your data or share it with other organizations, UC Browser makes it easy for criminals to get their hands on it.

In June 2020, the Indian government decided to ban UC Browser, claiming that it posed a risk to India’s sovereignty and security. However, reports suggest that the browser is still available to download in the App Store and Google Play Store.

If you have the option, don’t use UC Browser.

If your browser doesn’t include native privacy protections like script blocking or third-party tracker protection, there are lots of free, trusted extensions that can help you achieve a similar goal.

There are some browser extensions you can’t trust. This includes Adblock Plus, which takes money from websites to put them on a whitelist.

All the add-ons we recommend are transparent, community-maintained, or developed by not-for-profit organizations like the Electronic Frontier Foundation.

We always advise using a VPN browser extension to mask your IP address and encrypt your browser-based data transfers.

There is no perfect model for online privacy, so you need to work out the best approach for you.

That said, it’s a good start to consider downloading the following browser extensions for safety:

Extension Name	Function
uBlock Origin	uBlock Origin doesn’t just block ads, it blocks trackers and malware sites as well. It is easily accessible for non-tech savvy users, and makes your browsing experience safer and more private.
HTTPS Everywhere	Maintained as a collaboration between the Tor Project and the Electronic Frontier Foundation (EFF), this extension pushes sites to use HTTPS wherever possible.
Privacy Badger	Another extension developed by EFF, Privacy Badger identifies invisible trackers and blocks them automatically. It’s designed to be as easy as possible for the user, and will block non-consensual trackers without the need for any manual configuration.
Decentraleyes	It’s not unusual for websites to include files hosted by third-party CDNs (Content Delivery Networks). Because websites rely so heavily on these resources, many pages won’t display correctly if they are blocked. Decentraleyes helps you avoid these third-parties while preventing these pages from breaking.
Cookie AutoDelete	This extension will automatically deletes cookies whenever you close a tab.
uMatrix	uMatrix is a firewall that allows you to switch every kind of connection your browser makes on a webpage on or off. This includes Javascript, cookies, and plug-ins.
NoScript	This is a Firefox extension that prevents Javascript, Java, Flash, and other plug-ins from running unless you are on a trusted website. This add-on makes Firefox more private and secure, and is endorsed by the likes of Edward Snowden.
Chameleon	Developed for Firefox, Chameleon is an open-source user-agent spoofer that gives websites and trackers random information to make it harder for them to track you between different websites.
CanvasBlocker	This extension blocks Javascript APIs, one of the many ways websites can identify you through your browser. It’s worth noting that blocking some APIs may make you stand out from the crowd even more than allowing them.
Trace	Trace is designed to fight against a variety of advanced fingerprinting techniques based on audio, WebGL, WebRTC, user-agent tracking, hardware fingerprinting, and much more.

These browser extensions can help protect your privacy if chosen and configured correctly.

However, it’s important to be aware of the following general safety tips:

1. Be careful which extensions you choose. Browser extensions downloaded from an unreputable source or developer can be loaded up with spyware and data collection scripts. Always do your research before downloading a browser extension — particularly a free one — even if they have a high rating. Read our article on how to tell if someone is spying on your phone, if you think you may have downloaded spyware on your device.
2. Don’t overload your browser with extensions (even good ones). The more add-ons or extensions you install, the easier it becomes for third parties to identify you online. This is because of a process called browser fingerprinting, which we cover in more detail in the next chapter. In short, the more customized your browser gets, the more you’ll stand out from everyone else online.

The best compromise is to choose one trusted extension for each element of privacy that is most important to you. This could mean one extension to block adverts, and another to block tracking scripts or CDNs.

Try not to pick extensions with overlapping utilities, and stick to two or three in total.

If you have lots of different privacy priorities, a useful approach may be browser compartmentalization.

Firefox WebRTC leaks

Following recent updates of Firefox, many VPN browser extensions have difficulty preventing WebRTC leaks.

This issue has affected popular VPNs like:

• HideMyAss
• Hotspot Shield
• Private Internet Access
• Tunnelbear
• Windscribe

At the time of writing, the only VPNs we’ve seen without this issue are ExpressVPN and NordVPN. Thankfully, disabling WebRTC in Firefox is quick and easy. Follow these steps to disable WebRTC in Firefox:

1. In the navigation bar at the top of your browser, enter about:config


Firefox warns its users when changing preferences.

2. Click Accept the risk and continue.
3. In the search bar below, enter media.peerconnection.enabled.
4. Set the value to false by double clicking on it.


We disable media peer connections to prevent WebRTC leaks.

Your device provides the websites you visit with detailed information about your operating system, browser, and hardware. Together, this information can be used to create a unique “fingerprint”. The use of this data to identify and track users is known as browser fingerprinting.

Authorities, advertisers, and trackers can use browser fingerprinting or “device fingerprinting” techniques to to trace your activity across the web.

Most of the information included in your browser fingerprint is innocuous. However, when this information is put together it can be used to identify you with worrying precision. Once assembled, your digital fingerprint is consistently accurate.

With recent developments in cross-browser fingerprinting, the technique is now capable of successfully identifying users 99% of the time. That means even if you were to employ multiple privacy precautions — including using a VPN and blocking cookies — trackers can still use your fingerprint to re-identify and re-cookie your device whenever you visit a website.

Audio fingerprinting is another emerging fingerprinting method, which tests the properties of your machine’s audio-stack to provide yet more identifiable information.

Once cross-referenced, all this information can be brought together to form a unique profile of every web user.

You can visit deviceinfo.me for a full rundown of all of the information that websites and the cookies they load can see about you.

How to Prevent Browser Fingerprinting

If you want to be truly anonymous online, you want to look like as many other users as possible.

Websites like AmIUnique or Panopticlick can give you an idea of how unique your fingerprint is.

These services are great for getting an idea of how powerful browser fingerprinting is, but you shouldn’t use them as a definitive answer to whether or not you can be fingerprinted. They will compare your browser to a different, more outdated data sample, and will not always be 100% accurate.

Fortunately, most of the recommended private browsers mentioned in this guide include some degree of protection against browser fingerprinting. These browsers try to make you stand out as little as possible by simply denying trackers the information they desire.

It’s worth remembering that giving trackers no information at all can be even more identifiable than revealing something relatively common. In addition, every extension you install makes you stand out from the crowd a little more, and makes it easier for trackers to identify you.

For this reason, using Safari on an Apple iPhone is actually one of the best ways to beat fingerprinting, as iPhone configurations tend to be very similar. There is a clear trade-off to using an iPhone, though: you’ll be handing Apple your personal data instead.

Using a privacy-focused browser with just a few well chosen add-ons is the best method for minimising the risk of browser fingerprinting without giving up other forms of privacy.

Users undermine their online privacy by repeatedly logging into multiple accounts in the same browser. This allows sites to build up a much more detailed profile of you, and even lets them relate your online browsing habits to your real life identity.

Browser compartmentalization is when you use different web browsers for different kinds of activity online. This allows you to keep different activities separate and customize each browser to different threat models.

An example setup for browser compartmentalization is:

• Browser 1 (e.g. Firefox): logged into your online accounts. Used for accessing anything that needs a password and nothing else.
• Browser 2 (e.g. Firefox Focus): set up do delete all cookies and history after each session. Used for general browsing.
• Browser 3 (e.g. Tor): set up for total privacy and anonymity.

If you want the best possible privacy, consider using different browsers for different activities.