Vivaldi to stop using unique user IDs in upcoming versions of the browser
Vivaldi's Julien Picalausa revealed in a new post on the official Vivaldi Blog that the company will stop using unique user IDs in upcoming versions of the web browser.
The company uses the unique user ID for user counting; the use if unique IDs, regardless of the purpose of using it, is always met by privacy concerns. The main reason for that is that unique IDs may be used to create user profiles, track users, or identify users especially if other data is available.
Companies like Vivaldi rely on data for a variety of reasons: from prioritizing development to better understanding the user base. Vivaldi is open about its business model and accurate user numbers help with the company's main monetization model partner deals.
Tip: check out our review of the Vivaldi browser here.
Vivaldi has been aware of user concerns in regards to the use of a unique ID to count users and started to work on an alternative user counting function several months ago which it plans to use in desktop versions of the Vivaldi browser and the upcoming Android version.
The process to migrate away from using the unique ID begins with the release of the next stable version of the web browser, Vivaldi 2.7. Vivaldi Technologies won't remove the unique ID in that build as it still needs it to verify that the new implementation is as accurate as the old.
Vivaldi 2.7 introduces the new counting method that does not use a unique ID. The company plans to remove the old user counting request from the browser "a few versions later" and remove the unique ID entirely "even later". Vivaldi notes that the browser will continue to generate a unique ID but that it will be used locally only to count on computers with several installations. The company plans to release the source code of the new method.
The new user counting method in a nutshell
Vivaldi plans to use the following method instead to count users:
- Send a request once per day to the server to count user numbers for 24 hour periods.
- Send requests once per week or month to get weekly or monthly numbers.
The Vivaldi browser will send additional information that Vivaldi requires next to that:
- When new users run the browser for the first time to get new user numbers.
- The number of days in which Vivaldi was prevented from reporting (e.g. not run) to get a better picture of returning users.
- The CPU architecture and screen resolution.
Closing Words
It will take months before Vivaldi will stop submitting the unique ID to company servers. Vivaldi 2.7 will be out soon but the ID won't be removed until a "couple of releases later". New releases need between one and two months of development time suggesting that the change might make it in a Vivaldi version released at the end of the year or beginning of next year.
Now You: What is your (general) take on the use of unique user IDs? (via Techdows)
Martin, further to @Klaas Vass’s post, could you please update us on the current situation with Vivaldi’s Unique IDs?
It’s now been another two years since @Klaas Vass’s post, and I still don’t know what the situation is.
If I don’t know, I will have to change to Firefox, but I like Vivaldi’s configurability very much.
Martin, it might be worth updating this article. Vivaldi are still using the unique ID, as per their own privacy policy page. And since we are now more than 2 years further from when you wrote the article, it seems they won’t stop using the unique ID
Vivaldi does’nt only have a user id file, it also has a user ID built into its installation. Take a look in your Registry…absolutely locked-in User Indentification. So everytime you open the browser, you can be identified anywhere on the net.
I considered using Brave in place of Vivaldi. But few annoying things about Brave:
1. No offline installer (have to go to their github releases page)
2. No vertical tabs bar!
I don’t understand why browser developersd refuse to include a vertical tab bar as standard feature. It makes perfect sense to considering almost everyone use wide screen monitors.
I used to like Vivaldi as a my go to browsing. Now I’m switching to Brave and looking at Yandex on my initial test on my resurrected laptop. Testing Linux Lite OS on after updating the blasted thing and several other tests.
Barry
Can the usercounting be disabled in vivaldi? That would be worth an article.
+1
What other browsers use an unique ID for their telemetry ? Or the cross-applications unique advertising ID provided by the Microsoft, Google or Apple operating system ? I know that the mobile Firefox’s privacy policy says they send the Google advertising ID, I don’t know about the others.
https://www.mozilla.org/en-US/privacy/firefox/#referraltracking
In Firefox you can disable the ID sending by simply telemetry disabling.
Can telemetry be disabled in Vivaldi ? Is it only counting users or is it as extensive as in Firefox, sending data about every user action ?
BTW telemetry can’t be fully disabled in Firefox. For example they made telemetry on the number of users who were not using telemetry.
It can be fully disabled but not with GUI but with about:config page and some text file configurations. To disable ID sending you no need these text configurations, it’s enough to use GUI telemetry disabling.
> It can be fully disabled but not with GUI but with about:config page and some text file configurations.
If you need to follow technical news closely and reactively to know what new about:config options you must change to fully disable telemetry because they added a new component that’s enabled by default even if you already opted out of what’s called “telemetry” in the GUI, I’m inclined to say that it can’t reasonably be fully disabled. And even if you do that, I doubt that it’s fully disabled anyway. They have proved enough that they can’t be trusted with this.
Supercookies. I stopped using Vivaldi because of the user ID and the installation of so called supercookies. Privacy cleaner always found them on my machine. Firefox, by the way does the same.
This website as an example is also using user ids to list its authors and commenters.
Even though this is a handy feature to have as a website owner, are these ever used to list the exact amount of people here?
No. It’s the amount of unique IP addresses used by people commenting. Or the amount of different email addresses. Or, at other websites, the amount of unique telephone numbers, bank details, etc.
Almost every website is using Google Analytics to manage some of these results. It’s also using user ids. Do they ever use these?
Why even bother when they can track which websites have been visited previous, or which websites have been visited per IP address.
Now think about your internet service provider. Or your bank able to list where you’ve been shopping. Or when many companies are sharing these results together.
Short version of this ramble. Try to compartmentalize your behavior on the internet and everywhere else.
But also try to blend in to not attract. Don’t be the single person in the street primarily using a VPN, etc.
Also, report but don’t listen to mayor companies talking privacy. As it’s as said handy, but mostly a sales pitch.
Martin, please post Yandex Browser again so everybody knows that it is the only Chromium browser that is with DNS-over-HTTPS feature.
DNS-over-HTTPS feature that controlled by Yandex. And Yandex is the biggest russian search engine plus many other services like online market, taxi, email. It’s like Baidu in China. Yandex has a reputation as a main IT partner of Federal Security Service of the Russian Federation (FSB). If you use Yandex then by sure that all your statistic will be send and proceed by Russian government. And unlike Google, Yandex has no any control by a society or human rights organizations.
@notAUser: Excellent points well-said–thank you!
Let’s be honest, and resist the urge to false equivalencies: big Yandex in the Russian dictatorship, like big Baidu in the Chinese dictatorship, have ZERO accountability. They are locked in and utterly beholden to the very darkest parts of where they come from. Google and Microsoft–whom I dislike in the extreme and avoid at every turn–have at least SOME accountability.
But these false equivalencies bringing in Google and Microsoft are irrelevant to the original point about Yandex, and actually, funnily enough, are themselves a perfect example of Russian “whataboutism.†If you cannot see the logical problems with that form of “argumentation†then I do understand, and it’s best to stop here. I do however always heartily and sincerely encourage a rigorous course in informal logic to all–it helps enormously in seeing through the copious specious statements of politicians and online posters alike, and sophists of all stripes… :)
Once again, what accountability ? Zero arguments as to why Google is anything more humanist than Yandex except the fallacious “USA leader of the free world has the right to fuck you vs Russia and China dictatorships”.
But surely lots of words like “false equivalencies”, “whataboutism”, “logical problems”, “specious statement”, “sophists” to back that single shitty argument. And of course, enemies of Google or USA government’s oppression are Russians.
Hint: every time you see “whataboutism” initially in a post these times, suspect the worst from the poster.
How is that any different compared to firefox/google sending all your DNS to USA?
Same shit different package.
DNS tunneling only makes sense in case you can tunnel to an actually trusted server (like CCC DNS).
Large corporations from any country are not trustable as their home governments have already declared themselves as owners of all data under corporate control.
This is why German data protection authorities don’t consider office 365 and win10 as illegal choice for those handling private data.
I wouldn’t say either that society has control over Google. First it’s a private company, not a public service under democratic control. Second, Google and companies with similar interests are a powerful enough lobbying force to make laws, judges decisions and press coverages be just what they need them to be. Third, if they break privacy laws anyway like the EU GDPR, they can get away with it. Fourth, they are an invaluable tool for the police mass surveillance machine, making them even more untouchable. Fifth, they’re almost monopolistic so it’s hard to escape their rule by just using something else.
Google is approved by human rights organizations ? Please expose the name of those for public shaming then.
Google, Microsoft and other are always criticised by EFF, these companies confess that they listen users’ voices, they pay fines and other. Yandex does nothing, no body care what Yandex collects and what it does with user data.
> Google, Microsoft and other are always criticised by EFF, these companies confess that they listen users’ voices they pay fines and other. Yandex does nothing, no body care what Yandex collects and what it does with user data.
Google and others are criticized a lot but they only become worse with time, they don’t listen to us or rights organizations. They get negligible fines for privacy violations, more serious ones for monopolistic behavior occasionally, granted, but it’s still merely tickling the behemoths.
it’s ok, but for basic user, i care more about the speed of browser and other practical features, like a better adress bar like other chromium browsers.
I believe the next stable (2.7) version of Vivaldi will include improvements to the address bar. I agree that improving the address bar has been a long-standing issue for Vivaldi and I am glad they are finally doing something about it.
Too late! I stopped using Vivaldi months and months ago, long before they’ll stop using this privacy-busting “unique user ID†garbage. Switched to Brave as the only Chromium-based browser on my system, as a backup browser, and for me anyway, Brave beats Vivaldi resoundingly at every turn. I don’t miss Vivaldi one whit– not the privacy risks, the clunky interface, the lack of basic functionalities along with the concurrent strange “features†which seemed to make it in to nearly every release. (“Philips Hue Theme Integration†anyone?)
P.S. “Now You: What is your (general) take on the use of unique user IDs?â€
Deeply offensive and positively repugnant; absolutely unacceptable, especially for a browser.
Brave was interesting, but I uninstalled it as it phones home constantly to update (like Chrome). There was no way to turn it off. There are discussions on this on their forum. They refused to give the user an option to control this behavior. Vivaldi at least lets you turn off the “check for update” thing. Hopefully with Vivaldi’s changes the user will still be in control of that behavior.
Not sure why a browser checking for updates causes you to uninstall it (?). Every browser requires updating, and I generally want mine to be updated as soon as vulnerabilities are made public and thus exploitable. I’ve no idea how often Brave checks for updates–from what I can see it’s once a day, not “constantly‖but the more frequently the better. I want my browser patched against the latest vulnerabilities.
Software should always give to the users the option not to update and not to connect to the mothership.
Vivaldi there unique user ID is the main reason why I never consider there browser as the valid replacement for the Google Chrome browser, who I am still being busy with ditching.
This because I never was pleased with Google but the upcoming changes ( Think ad block controversy, still not enough action on deceptive add-on in side even, privacy concerns, the list goes on and one) have pushed me off the with cliff”s of Dover.
Still any browser will be playing a second Fidel next to main Mozilla Firefox.
I am using Brave besides FF. It is quiety nice and has a built-in ad block and other bells and whistles.