Google updates Chrome's Incognito Mode disclaimer to admit it is tracking users
Google is rolling out a change to the Incognito Mode disclaimer of the company's Chrome web browser. It admits in it that it is tracking users even while the mode is active. The company settled a $5 billion privacy lawsuit over tracking in Incognito Mode in December 2023.
The lawsuit accused Google of tracking Chrome users across Google and non-Google websites while Incognito Mode was active. Google operates some of the world's largest Internet sites, but these pale when it comes to the company's access to data on non-Google properties. Google ads and analytics are widely used on the Internet.
DuckDuckGo estimates that Google has access to 93 sites out of every 100 sites that users visit on the Internet.
Google Chrome Incognito Mode
Google has updated the disclaimer in Google Chrome Canary already. To better understand the difference, here is the current Disclaimer when users launch Incognito Mode.
You may launch Incognito Mode by selecting Menu (three dots) > New incognito window, or through the keyboard shortcut Ctrl-Shift-N on desktop systems.
Here is the relevant part of the old disclaimer: "Now you can browse privately, and other people who use this device won’t see your activity. However, downloads, bookmarks and reading list items will be saved."
Here is a screenshot of the new Incognito Mode disclaimer.
It contains the following text: "Others who use this device won’t see your activity, so you can browse more privately. This won't change how data is collected by websites you visit and the services they use, including Google. Downloads, bookmarks and reading list items will be saved."
Basically, what Google did is clarify what Incognito Mode does and does not do for the privacy of users. Users who use the same browser on the device using the same user account won't see activity that happens in Incognito Mode.
The second sentence of the new disclaimer admits that Google and other websites will still see the activity and may still track users because of that, even while in Incognito Mode. Ads and trackers collect data and communicate with company servers. The data is not blocked by Incognito Mode.
Long-time readers here on this site knew that already. Private browsing modes, including Incognito Mode, are only of use when a single user account is shared across multiple users. Only then can it be used to hide certain activity from other users. A better solution is to create individual user accounts on a device to avoid any privacy issues regarding activity in the first place.
Google is merely adjusting the description to highlight that Incognito Mode does nothing against website tracking.
Chrome users may install content blockers and enable them for use in Incognito Mode to limit this form of tracking. Extensions are only supported on desktop platforms in Chrome, however.
Google launched the first phase to end third-party cookies in Chrome. About 1% of all Chrome installations have third-party cookies disabled by default. The company calls the feature Tracking Protection and users should see a prompt in Chrome when they are selected.
All Chrome users may disable off third-party cookies already. Just load chrome://settings/cookies in the browser's address bar and switch the "Default behavior" setting to "Block third-party cookies" on the page.
The chance to run into compatibility issues is small, but it exists. You may add sites that misbehave to the allow list on the same page.
Now You: do you use Incognito Mode / Private Browsing? (via MSPoweruser)
What a clickbait ignorant article…
The reason they changed it was because some clowns made a lawsuit to get easy money from a big company…
They obviously have to ‘change’ things because if not they might get fined by hunger lawyers, judges, ‘justice’ system and politicians and anyone involved on it.
What they did to Google is pretty much a legal extorsion, nothing more and nothing less, and people who support that only because it is “google” are just braindead.
It is obvious why Incognito mode is for, it is not about websites, only about the data written by the websites or permissions or something, where you can change stuff but it gets removed once you close the window.
That’s all it means, it doesn’t mean somehow it will remove Telemetry from browsers, or the ads will disappear.
This like every lawsuit in history where stupid was rewarded because they obviously probably give money to these judges under the table. Just look at most lawsuits how ridiculous they can be.
People wonder why these packages contain dumb warnings like “batteries are not edible” or “don’t touch this, or you will get electrocuted” etc etc, because some people have done it to get money from lawsuits.
This is no different and people supporting the creation of precedents from these clowns judges and politicians, are giving power to a more terrible monster than Google. You can avoid Google, just don’t use Google and their services (nobody is really doing it) instead of giving more power to government, and a flawed ‘justice’ political system where only a group of people, not you, will get benefit by the billions lawsuit against these companies, especially if we talk about Governments who are the worst when it comes to trying to control everyone and private companies’ lives.
Yawn, fake news / clickbait / it’s my football… Google had it coming. HaHaHa!
Private Browsing / Incognito Modes are primarily for cleaning browser caches rather than for preventing tracking.
I use and recommend FF ESR in permanent private browsing mode with uBlock Origin as a minimum. I also use Cookie Auto-Delete (which deals with a lot more than just cookies, if set accordingly), although it’s now at least partially redundant given FF’s Private Browsing, Total Cookie Protection and FPI (or whatever “site isolation” is called now) being available.
“Settings – privacy and security – always use private browsing” and “settings – privacy and security – strict mode” activate the first two; the 3rd is getting baked in. I don’t use FF containers any more as the benefit they provided is now largely covered by the above.
I also recommend DNS-level filtering from a trusted VPN or DNS provider. For me, that’s Mullvad; you can use their DNS free even if you don’t use the VPN.
I also keep a copy of ungoogled Chromium in Incognito Mode around for the rare sites that don’t play nice with the above.
I hope they receive another massive fine for breaking Adblockers and making Chrome so ugly.
Brave, Firefox, and Tor browsers are all better at privacy than Chrome or Edge. Incognito mode has always been nothing more than the equivalent of cleaning your local browser history.
For what it’s worth, Firefox on Android 14 does not allow messages to be posted on ghacks, for me. I need to use Brave here.
Apparently, the issue with Firefox must have been yesterday only, as my first message, posted on Firefox on Anfroid, showed up after a few minutes. My apologies for the duplicate posts.
Brave, Firefox, and Tor browsers are all better at privacy than Chrome or Edge. Incognito mode has always been nothing more than the equivalent of cleaning your local browser history.
Worth noting, this website is one of those “non-Google properties” mentioned.
I’ve never used Private Browsing.
I exit a site and let the ‘CookieAutodelete’ extension remove cookies, cache, indexeddb, localstorage, pmugin data and service workers. May fine-tune per-site.
I’ve recently added the ‘Temporary Containers’ extension which “easily opens disposable containers that isolate attached data and are deleted after usage: Fully automatic, based on navigation-target, for certain websites, with configured mouse clicks on links or just by using the toolbar icon.” rather than Firefox containers which are deleted only after exiting the browser.
For the very few sites for which I wish to keep data (cookie and/or localStorage) I have dedicated userscripts which insert cookie(s), localStorage on site opening, accordingly, so no need for site-specific ‘Allow cookies’ and default is session only…. though moreover WIPED on site exit. What the heck? All sites nowadays set cookies, even for a simple touch ‘n’ go, they stick a note on your back, ID, time, date …. GOOD LORD!!! I am so fed-up with all this craps.
Private Browsing has always been a misleading terminology and Google took of course full advantage og this misinterpretation. Now they have to be explicit about their vicious tracking policy regarding their ‘Incognito’ mode, at least within Europe. Fot those who care, great, for others won’t change their slavery to trackers.
I’ll be in hell or paradise presumably in-between the day if ever humanity starts to understand what Google is, what all of GAFAM companies are, and behave accordingly. Google perhaps is the worst as it is called as 3rd-party by many, too many sites, for a font, for a script when not deliberately for advertisement, which allows the user be tracked from every site. Alternatives exist, none of GAFAM here and we surf flawlessly.
@TomHawack : I’ve been using Temporary Containers for years and still loving it. However, note that its developer passed away in January 2023 (https://github.com/stoically/temporary-containers/issues/618) so this add-on is no longer maintained. I hope that someone else will eventually adopt it.
I open sites for which I want to keep data in specific “Firefox Multi-Account Containers”, so there is no need for any userscripts. I’ve added those containers in Temporary Containers to Isolation -> Global -> Exclude Permanent Containers.
Anyways, Temporay Conatiners is great – CookieAutodelete is not needed anymore.
@linuxfan, I didn’t know that the developer of the ‘Temporary Containers’ had passed away in January 2023. All comments regarding the perpetuation of his work appear therefor somewhat secondary. May he rest in peace.
Yet, I do hope of course that his achievements and ‘Temporary Containers’ will be maintained, continued by co-workers.
The “Firefox Multi-Account Containers” extension (developed by Mozilla and advised by the developer himself of ‘Temporary Containers’) is indeed a way to go, especially when the user has a substantial number of site data he wishes to keep beyond session ; personally I have very few of such sites so keeping/injecting such data on site opening has my preference. Also, integrates in my policy which is to aim no site data when exiting the browser, but this is very personal, trans-rational so to say, and perhaps quasi paranoid :)
Concerning the ‘CookieAutodelete’ extension, it appears obsolete in regard of ‘Temporary Containers’, I’ve been aware of that since the start, its ‘List of expressions’ is empty here now, yet I’ve kept it because I was unsure that ‘Temporary Containers’ would handle beyond cookies-localStorage-indexedDB, cache, plugin data and service workers as well : if you have confirmation it does then thanks for letting me know :)
“Let’s do it to them before they do it to us” as they would say in a 1980′ US TV series taking place in a New York police department (forgot the name!)
@TomHawack > “I’ve never used Private Browsing.”
According to your explanations, you use a better level up private browsing indeed.
@TomHawack: what is isolated in containers is explained on https://wiki.mozilla.org/Security/Contextual_Identity_Project/Containers#Implementation_Details
In order to know what is covered by „ Any other areas supported by originAttributes“ one has to dig a bit deeper. I must admit that I haven‘t done that yet.
@linuxfan, that clarifies somewhat my doubts, but not fully. Perhaps the “Any other areas supported by originAttributes” remains vague in my understanding and fits with CookieAutodelete’s plugin data and service workers which would fill the gap, at least of my uncertainty.
Separated by containers : Cookies, localStorage, indexedDB, HTTP data cache, Image Cache : OK
Thanks for the link.
They should really just call it “Keep this activity from your spouse” mode since that’s the only person who won’t know exactly where you went.
It’s fun to watch all of the stuff we were warning people about all along, gradually becoming mainstream knowledge.
When it comes to big tech, there isn’t a “No, stop” switch, and if there was, it wouldn’t work.
Well, didnt you just write an article about how Google is removing the option to disable third-party cookies? No point in flicking that switch, since Google WILL track every move people make anyway. Yet another reason to switch browser. To what? To Ungoogled Chromium until it will be destroyed by the new adblock-block virus by Google, then switch to Firefox.
I know so many people who expose their entire lives every day on all types of massive social networks. And then they say without shame that they are “losing privacy” because the cookies and tracking methods of some browser. This is the level, do you know? This is the damn level.
Yes, the “I don’t have anything to hide”-people. Maybe you don’t. Until the day you do, and then you’re screwed. The powers that be hide behind the “pedophiles and terrorists”-agenda, but the individual’s right to privacy is more important than that. Privacy violations are nothing more than harvesting data and selling it, and yeah the find some dad that had a picture of his kid in the bathtub with a rubber duck and bubbles on the kids head and throw him in jail. Then claim their pedo-filters are effective. Besides, isn’t it weird they catch pedophiles and terrorists AFTER their crimes… Same thing with WhatsApp and their ENCRYPTED messages..yeah, read any criminal case and there’s probably a line there that says: police found evidence in the accused individuals WhatsApp conversations. Privacy is a lie, you should fight it any way you can. Ungoogle your life. Unmicrosoft your life. Unmeta your life. There are sane workarounds for everything. Things you think you can’t live without you CAN. How on earth did you survive up until now otherwise? Nobody dies without google maps. Nobody dies without instagram. In fact, instagram is where peoples lives die.
Google and Microsoft, AKA partners in crime