Every day when you browse the internet, you share identifiable information about your device and browser that companies use to target you with advertising and track your activity across the web. In this video interview with Ruihildt from the Mullvad Browser team, we uncover how this tracking technology works and how you can fight back!
You may have noticed that this is a different video to what we usually do, I hope you like this new interview style! We hope to also include others in our future content that we produce here at Privacy Guides.
Thank you to @ruihildt and Mullvad Browser for participating in this interview! Like all Privacy Guides content, the information in this video was independently researched and validated, and this video was not sponsored by any of the projects mentioned.
Can’t wait to hear what you all think of the video!
Excellent video! Very informative and was great to see industry voices explain things too. This video’s production felt better - great to see the improvements!
Are there major examples where the content provider/hoster has relaxed privacy-invasive measures rather than locking content behind accounts/verification/fingerprintable software configurations?
If the primary reason for tracking users is data for targeted advertising/profiling, what avenues do people have to support alternative advertising methods that don’t involve invasive targeting? What promising options are there for alternative funding models for the web? How private are they by comparison?
Unless this is at least combined with good private authentication schemes I can only see use of anti-fingerprinting browsers (Mullvad and Tor Browser) shrinking while people claim that their ‘threat model’ allows for accessing YouTube, Instagram, TikTok and so on. I can only expect more and more human time to be spent looking at https://anubis.techaro.lol/ or other captcha schemes on sites trying to protect themselves from bots and AI-driven scraping.
If the advice to people is using fingerprinting-resistant web browsers, what does a prospective healthy web with billions of people using fingerprinting-resistant browsers look like?
Are there major examples where the content provider/hoster has relaxed privacy-invasive measures
I can speak from my personal perspective here: Rtings.com has moved from using Google Analytics to Plausible a few years ago, which is much more privacy-friendly. We can do that since we don’t rely on Ads to be sustainable. We use affiliate links and paid membership, which brings in the money needed to operate.
If the advice to people is using fingerprinting-resistant web browsers, what does a prospective healthy web with billions of people using fingerprinting-resistant browsers look like?
I wouldn’t trust a website that relies solely on Ads not to rely on trackers though. Targeted Ads make way more revenue that generic ones. That said, the web has survived Ad blockers. I’m sure it can survive private browsers as well. There are other options like good old membership, patreons and straight up donations for website to continue to operate.
That said, Ads can make a lot of money… so any companies operating with investors are bound to be going for the big numbers and use Ads. That’s my rule of thumb at least. If targeted ads become problematic in generating money, they’ll need to find a way. But I don’t think we’ll reach a point where enough of the population will use private browsers that this will be a problem soon for the big websites out there.
Rtings.com has moved from using Google Analytics to Plausible a few years ago, which is much more privacy-friendly.
I don’t really care though, as it still a form of tracking, and Plausible is part of mainstream DNS blacklists for that reason. In fact, I go further and I have my browser set up to automatically block all third party content. That content is almost inevitably malicious, in the sense that it is not there for my benefit. I sometimes have to manually enable CDNs or allow third party content that I actually want (rarely), but I consider the modern Internet in its unfiltered form to be basically unusable in 2025.
You are right, it is still tracking and it is not to your personal benefit. The data gathered let us know which page gets visited more, so we can make better decisions on how we operate.
That said, you are very welcome to browse the website with tracker blocker, private browsers, etc. You’ll still have access to the content. We don’t need to know anything about you personally, we just need the trends.
This is where malicious website will differentiate: They want to target you. If content gets blocked or locked behind accounts when visiting them privately, then you know they are targeting you.
For me, this is the key issue. I can think of many ways the mainstream web may worsen if a minority is using these kinds of web browsers. I can’t think of many ways it will improve.
I really wish there was a knowledge base article about this (I prefer reading over watching). I would love to see Privacy Guides as something like Wikipedia but for privacy. I see good articles on Wikipedia like
but I can’t help but feel that they are missing something (which Privacy Guides could very well provide), which is what should we do with the information, given a particular threat model? Wikipedia feels too descriptive and to-the-point for beginner privacy advocates to learn anything useful. But if Privacy Guides were to make these kinds of articles with the added goal of providing solutions, that would really be informational.
What are the community opinions about the latest news from Windscribe? Can this extension actually do what it says and would it be worth installing and using?
The current PrivacyGuides recommendation is essentially only to use uBlock extension and nothing else. I believe a lot of us would also, at least, have password manager extensions installed as well. There is justified fear of rogue extensions capturing our data or making our browsers unique. As @Carey discussed in one of the more recent podcast episodes, it’s best to think of extensions as essentially apps - avoid as best as you can.
Say, I believe and trust Windscribe with their claims and install this extension, would it not by default make me more unique as I would have my current extensions + 1. What happens if there are bugs in their code etc.?
Essentially, is this extension a useful way to counteract browser fingerprinting and should it be more widely promoted?
I had the same thoughts, but the proactive defense or rather data poisoning measures are intriguing. I do think they will be more relevant in the future and maybe worth discussing. I think what Mullvad Browser or Tor do now is to make everyone the same. They address fingerprinting by trying to blend in. Issue is that ultimately a number of people using Tor or Mullvad browsers is not that large and that, in itself, could be a form of fingerprinting (by correlating other data)
Why spend all the effort trying to blend in and be the same, when the opposite can be as beneficial. Per their article, “Instead of leaving the same digital trail, your fingerprint changes every time you use the browser. Think of it like showing up to the club in a new disguise each night. You are still unique, but no one can link today’s version of you to yesterday’s.”
It’s not something I will install immediately but will keep an eye on it and look at how it works more from a technical perspective.
I recently did a fresh install of iode 6.6 on an XA2 and blocked all access to 3rd party servers only to find that I’m cursed with fire hydrants and motorcycles that need identifying. What’s worse is that some of these Captcha’s are not allowing me in even when my amazing abilities to identify them prove to be correct. TBH I’m all captch’d out at the mo’ but I refuse to capitulate.
I’ve been doing same , as I said earlier I refuse to give in. I have had some success getting around it on my droidian phone but finding it much harder to find a fix on Android.