Tracking You Can't Escape: Google's Latest Privacy Shift

Fingerprints over cookies

The headlines keep haunting me:

- “Profit over privacy? Google gives advertisers more personal info in major ‘fingerprinting’ U-turn” - source
- “Google is giving away even more personal data in exchange for profits” - source
- “Critics say new Google rules put profits over privacy” - source

Clearly there is major privacy news the past couple days, and I would be remiss not to understand it a bit. Generally, I take the “Google is evil” headlines with a grain of salt, since I think at this point, it’s pretty widely known that you are basically trading your digital footprint for free online services, like photos, mail, and drive. But this felt different. The consistent references to not being able to opt out of whatever the heck Google is doing now is what made me give this a second glance. Allow me to explain:

What is device fingerprinting?

Think of device fingerprinting like a digital version of your actual fingerprint. Just as your finger leaves behind unique marks that can identify you, your devices leave behind unique digital traces when you browse the internet. These traces include things like what type of device you're using, your screen size, your computer’s battery level, what fonts you have installed, and even how your device processes certain graphics. When websites collect all these little details together, they create a special "fingerprint" that can recognize your device even if you're trying to stay anonymous.

Device fingerprinting collects data through web scripts that gather info your device shares automatically - like your browser type, screen size, installed fonts, how your device processes graphics and audio, and your system settings. While each piece of info is not all that telling on its own, the combination creates a unique "fingerprint" that can identify your device.

Google: changing its stance on fingerprinting

As of February 15, 2025, Google said that it will begin using device fingerprinting. This is a U-turn from their stance in 2019, when they said:

Unlike cookies, users cannot clear their fingerprint, and therefore cannot control how their information is collected. We think this subverts user choice and is wrong.

The big deal about fingerprinting? There is no opt put. You know that often very annoying cookie pop-up that every website shows you? That is offering you a choice about whether you want those cookies to live in your browser. And at least you can view the cookies, and manually delete them if you want to. Fingerprinting? It’s just done. No explicit opt in, no explicit opt out. Google has the composition of your device fingerprint, and it will do with that as it pleases (read: sell it to advertisers).

Example of a cookie consent. At least you have the option to “Reject All” or “Customize”. Fingerprinting has no such choice.

What can be done?

Google will be fingerprinting when you are consuming their services - so, the more you can divest from Google, the less information you will be giving them. This is true of their services even if they weren’t fingerprinting - it’s just that now, they will be collecting additional information. Let’s not let good be the enemy of perfect. This isn’t an “all or nothing” type of scenario where you either have to completely cut Google related products out of your digital life, or hand it all over. A few simple actions you can take:

1. Switch browsers. Chrome is Google’s worst offender when it comes to collecting data about you. Fingerprinting will only add to that. Better choices? Firefox and Arc.

2. Opt out of the ecosystem. If you’re going to use Google products, fine. I use them myself. But the more you can water down the data they have about you, the better. For example, if you use a Chromecast, Pixel, Chromebook, and Chrome…you will give Google way more information than someone who uses Arc, a Macbook, and an iPhone.

3. Use Private Browsing / Incognito Mode. It’s not a perfect solution, but it’s better than nothing. Using private browsing modes on your browser blocks some of the fingerprinting data from reaching our big tech overlords.

Conclusion

Google using device fingerprinting and selling that to advertisers is crappy, no doubt, but I’m not surprised. Device fingerprints can be a helpful tool against fraud, so it’s not all bad. But Google capturing your device fingerprint data is another example of, “when you aren’t paying for the product, you ARE the product.” As long as we go into this with eyes wide open and understand the truth, it is up to every individual on how they want to handle their relationship with Google and its products. As for me, I will continue to use non-Chrome browsers, never purchase a Pixel (even though the camera is amazing), and be aware of the tradeoffs when using Google’s suite of products.

I’d love to hear if the latest Google U-turn on device fingerprinting has changed anything for you. Leave a comment and let me know!