Cookies are dying. Browser fingerprinting is taking their place — and it's harder to block.

The third-party cookie is finally being deprecated. After years of delays, Google began disabling third-party cookies for Chrome users in 2024 as part of the Privacy Sandbox initiative. Safari and Firefox had already blocked them by default. The advertising industry, having known this was coming for years, has been building its replacement. The leading candidate isn't a privacy-preserving alternative. It's fingerprinting — and it's raising serious concerns among privacy researchers and regulators.
What browser fingerprinting is
A browser fingerprint is a probabilistic identifier assembled from dozens of attributes visible to any website you visit, without your consent and without setting any cookie. The attributes include:
- User agent string: browser name, version, operating system
- Screen resolution and color depth
- Timezone and language settings
- Installed fonts: queried via Canvas API text rendering
- WebGL renderer and vendor: the GPU model and driver version
- AudioContext fingerprint: imperceptible audio processing produces device-specific floating-point output due to hardware and driver differences
- Canvas fingerprint: a rendered canvas element, invisible to the user, produces pixel-level output that varies by GPU, OS rendering engine, and driver version
- TCP/IP stack behavior: network fingerprinting based on how the operating system handles packet timing and ordering
The combination of these attributes — even without any single attribute being unique — creates a fingerprint that is unique for a large majority of users. The EFF's Cover Your Tracks project (formerly Panopticlick) has consistently found that over 99% of browsers have unique fingerprints when enough attributes are combined. That number decreases as more users adopt fingerprinting-resistant browsers, but the underlying technique remains effective against the general population.
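The effect of combining attributes can be measured directly on a sample of browsers. The following is an added example, not code from the EFF or from this article; the population, attribute values and function names are constructed for illustration. Each attribute value is shared by half the sample, yet adding attributes one at a time shrinks every anonymity set to a single browser.

```javascript
// Shannon entropy (bits) of one list of observed values.
function entropyBits(values) {
  const counts = new Map();
  for (const v of values) counts.set(v, (counts.get(v) || 0) + 1);
  let h = 0;
  for (const c of counts.values()) h -= (c / values.length) * Math.log2(c / values.length);
  return h;
}

// Size of the anonymity set each browser falls into when only `attrs` are observed.
function anonymitySetSizes(population, attrs) {
  const key = (b) => JSON.stringify(attrs.map((a) => b[a]));
  const counts = new Map();
  for (const b of population) counts.set(key(b), (counts.get(key(b)) || 0) + 1);
  return population.map((b) => counts.get(key(b)));
}

// Add attributes one at a time and report how identifiability grows.
function cumulativeReport(population, attrs) {
  return attrs.map((attr, i) => {
    const sizes = anonymitySetSizes(population, attrs.slice(0, i + 1));
    return {
      added: attr,
      attributeBits: entropyBits(population.map((b) => b[attr])),
      uniqueFraction: sizes.filter((n) => n === 1).length / population.length,
      smallestSet: Math.min(...sizes),
    };
  });
}

// Constructed sample of 8 browsers (hypothetical values, not measured data).
const population = [
  { timezone: "UTC+1", language: "de", screen: "1920x1080", gpu: "vendor-A" },
  { timezone: "UTC+1", language: "de", screen: "1920x1080", gpu: "vendor-B" },
  { timezone: "UTC+1", language: "de", screen: "1366x768", gpu: "vendor-A" },
  { timezone: "UTC+1", language: "en", screen: "1366x768", gpu: "vendor-B" },
  { timezone: "UTC-5", language: "en", screen: "1920x1080", gpu: "vendor-A" },
  { timezone: "UTC-5", language: "en", screen: "1920x1080", gpu: "vendor-B" },
  { timezone: "UTC-5", language: "en", screen: "1366x768", gpu: "vendor-A" },
  { timezone: "UTC-5", language: "de", screen: "1366x768", gpu: "vendor-B" },
];

console.log(cumulativeReport(population, ["timezone", "language", "screen", "gpu"]));
```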
The canvas and AudioContext combination
The two most reliable fingerprinting vectors exploit the fact that the same mathematical operations produce slightly different floating-point outputs on different hardware combinations. GPU model, driver version, and OS rendering engine all introduce micro-variations in how graphics and audio are computed.
A canvas fingerprint script draws text and shapes to an invisible canvas element, then reads the pixel values via toDataURL(). The pixel values are deterministic for a given device configuration but differ across devices — sometimes at the sub-pixel level, due to differences in how GPU drivers implement anti-aliasing and subpixel rendering.
An AudioContext fingerprint runs an oscillator through a compressor and reads the processed output buffer values. The floating-point rounding behavior varies with the hardware's implementation of IEEE 754 arithmetic. Both of these are side effects of normal browser APIs that exist for legitimate purposes — canvas for graphics rendering, AudioContext for audio processing. There's no permission prompt. Nothing is stored. The extraction happens invisibly during a normal page load.
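An auditor can observe the canvas readback step described above by instrumenting the two APIs involved. The sketch below is an added example, not code from this article or from any browser vendor; `hook`, `installCanvasAudit`, the stand-in classes and the "text drawn plus detached canvas" rule are assumptions made here, and a real audit would use broader heuristics.

```javascript
// Wrap proto[name] so onCall sees every invocation before the original runs.
function hook(proto, name, onCall) {
  const original = proto[name];
  proto[name] = function (...args) {
    onCall(this);
    return original.apply(this, args);
  };
}

// Records each toDataURL() readback and flags the pattern described above:
// text was drawn to the canvas and the canvas is not attached to the page.
// (Assumed heuristic for this example; CSS-hidden canvases are not covered.)
function installCanvasAudit(canvasProto, contextProto) {
  const textDrawn = new WeakSet();
  const findings = [];
  hook(contextProto, "fillText", (ctx) => textDrawn.add(ctx.canvas));
  hook(canvasProto, "toDataURL", (canvas) => {
    const hasText = textDrawn.has(canvas);
    const detached = !canvas.isConnected;
    findings.push({ width: canvas.width, height: canvas.height,
                    hasText, detached, flagged: hasText && detached });
  });
  return findings;
}

// Constructed stand-ins for the DOM classes so the audit runs outside a browser.
function runDemo() {
  class FakeContext {
    constructor(canvas) { this.canvas = canvas; }
    fillText() {}
    drawImage() {}
  }
  class FakeCanvas {
    constructor(width, height, isConnected) { Object.assign(this, { width, height, isConnected }); }
    getContext() { return new FakeContext(this); }
    toDataURL() { return "data:image/png;base64,"; }
  }
  const findings = installCanvasAudit(FakeCanvas.prototype, FakeContext.prototype);

  const editor = new FakeCanvas(800, 600, true);  // visible image editor exporting a PNG
  editor.getContext().drawImage();
  editor.toDataURL();

  const probe = new FakeCanvas(240, 60, false);   // never attached to the document
  probe.getContext().fillText("sample text", 2, 15);
  probe.toDataURL();
  return findings;
}
```

In a browser the same function would be called with `HTMLCanvasElement.prototype` and `CanvasRenderingContext2D.prototype` before any page script runs.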
Why fingerprinting is harder to block than cookies
Cookie blocking is architecturally simple: the browser can refuse to store or send third-party cookies entirely without breaking any web standards. Fingerprinting is different because it exploits the observable side effects of APIs that have legitimate purposes.
If you block canvas readback entirely (toDataURL() returns an empty string), you break legitimate canvas applications — image editors, design tools, graphics-heavy web apps. If you block WebGL, you break 3D applications, browser-based games, and maps. If you silence the AudioContext, you break web-based audio production. The fingerprinting surface is baked into the APIs that make the web functional.
The alternative defense — randomization — adds noise to the values returned by these APIs, so the same device returns different fingerprint values on different sites or sessions. But this creates its own problem: a canvas that renders differently every time is itself a signal. Machine learning-based fingerprinting systems can detect randomization and adjust their models.
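One way to keep randomization from changing on every read is to derive the noise from a per-session secret and the site name, so values are stable within one site and session but differ across them. This is an added example, not any browser's implementation; `addSiteNoise`, the session keys and the site names are assumptions, and FNV-1a with mulberry32 stands in for the keyed cryptographic hash a real implementation would use.

```javascript
// FNV-1a: non-cryptographic stand-in for a keyed hash such as HMAC-SHA-256.
function fnv1a(str) {
  let h = 0x811c9dc5;
  for (let i = 0; i < str.length; i++) {
    h ^= str.charCodeAt(i);
    h = Math.imul(h, 0x01000193);
  }
  return h >>> 0;
}

// mulberry32: small deterministic PRNG, used only to keep the example short.
function prng(seed) {
  let a = seed | 0;
  return () => {
    a = (a + 0x6d2b79f5) | 0;
    let t = Math.imul(a ^ (a >>> 15), 1 | a);
    t = (t + Math.imul(t ^ (t >>> 7), 61 | t)) ^ t;
    return ((t ^ (t >>> 14)) >>> 0) / 4294967296;
  };
}

// Return a copy of RGBA pixel data with noise derived from (sessionKey, site).
function addSiteNoise(pixels, sessionKey, site) {
  const rand = prng(fnv1a(sessionKey + "|" + site));
  const out = Uint8ClampedArray.from(pixels);
  for (let i = 0; i < out.length; i++) {
    if (i % 4 === 3) continue;       // leave alpha untouched
    if (rand() < 0.5) out[i] ^= 1;   // separate draw for each colour channel
  }
  return out;
}

const sameBytes = (a, b) => a.length === b.length && a.every((v, i) => v === b[i]);
const maxDelta = (a, b) => a.reduce((m, v, i) => Math.max(m, Math.abs(v - b[i])), 0);

// Constructed 8x8 RGBA buffer standing in for what getImageData() would return.
const rendered = Uint8ClampedArray.from({ length: 8 * 8 * 4 }, (_, i) => (i * 37) % 256);

const firstRead = addSiteNoise(rendered, "session-1", "news.example");
const secondRead = addSiteNoise(rendered, "session-1", "news.example");
const otherSite = addSiteNoise(rendered, "session-1", "shop.example");
console.log(sameBytes(firstRead, secondRead), sameBytes(firstRead, otherSite));
```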
What browsers are doing
Firefox: Fingerprinting protection mode (available in Enhanced Tracking Protection Strict mode) randomizes canvas, WebGL, and AudioContext outputs per site and per session. It also limits font enumeration and reduces the precision of certain timing APIs that can be used for timing attacks.
Brave: The most aggressive fingerprinting protection of any major browser. Brave randomizes canvas, WebGL, AudioContext, font list, screen resolution, hardware concurrency, and device memory per site and per session. It also blocks the Battery API entirely and caps JavaScript timer precision to prevent timing-based fingerprinting. Brave's approach is to make every browser instance look statistically similar rather than unique.
Safari: Intelligent Tracking Prevention focuses primarily on cookie-based and URL-based tracking, but also restricts some fingerprinting surfaces. Safari limits font enumeration to a system default set, restricts canvas readback in third-party contexts, and caps certain hardware-identifying APIs.
Chrome: The Privacy Sandbox includes a User-Agent reduction that ships the same truncated user agent string to all Chrome users, removing OS version, Chrome minor version, and hardware-identifying details. The Privacy Sandbox's Protected Audience API and Attribution Reporting API are designed to replace some cookie functionality without cross-site tracking — but critics have documented that Privacy Sandbox APIs themselves can be fingerprinted via their timing and response patterns.
The legal landscape
The GDPR treats fingerprinting as processing of personal data wherever the fingerprint is used to identify or track an individual — which is its only practical purpose in advertising contexts. The European Data Protection Board's guidance is clear: fingerprinting used for advertising requires explicit consent, the same as cookies. The difference is enforcement.
Standard Consent Management Platforms — the cookie consent dialogs you see on every European website — typically don't cover fingerprinting at all. Most ad tech companies have deployed fingerprinting without the explicit consent required by law, on the implicit assumption that regulators cannot detect it. Unlike cookies, which leave traceable artifacts in browser storage and network requests, fingerprinting leaves no stored identifier to audit.
The French data protection authority CNIL fined Google €150 million and Facebook €60 million in 2022 for cookie consent violations. Fingerprinting enforcement at scale has not materialized yet, largely because detection is technically difficult and requires active monitoring of ad tech JavaScript behavior. The UK's ICO and Germany's DSK have published guidance stating that fingerprinting is covered by cookie law requirements, but enforcement resources are limited.
California's CPRA defines a right to opt out of personal information used for advertising. Fingerprinting data falls within the CPRA's definition of personal information. The California Privacy Protection Agency is building enforcement infrastructure, but the technical complexity of detecting fingerprinting deployments across thousands of ad tech vendors is significant.
The arms race dynamic
A 2024 paper by Laperdrix et al., "Browser Fingerprinting: A Modern Survey," documented that machine learning-based fingerprinting systems achieve over 95% accuracy in re-identifying users across sessions, even against browsers with active randomization, by combining multiple attributes whose noise patterns are correlated. For example, canvas noise added to the red channel correlates with noise added to the green channel in predictable ways.
The fundamental asymmetry: fingerprinting defenders need to make every attribute unpredictable independently and uncorrelated with every other attribute, which is computationally expensive and often breaks legitimate functionality. Fingerprinting attackers need only find one stable attribute or correlation pattern. The defender's position is structurally weaker.
What users can do
Practically: Brave offers the strongest fingerprinting protection of any mainstream browser. Firefox in Strict mode is a meaningful step up from Chrome. Using a VPN masks the network fingerprinting component (IP address, TCP/IP stack behavior). Disabling JavaScript entirely blocks canvas and AudioContext fingerprinting but also breaks most of the modern web.
The more important point is that individual technical countermeasures are inherently reactive. The fundamental solution is regulatory enforcement of existing law — the GDPR already prohibits unconsented fingerprinting for advertising; CPRA's text supports the same interpretation. The gap is not legal ambiguity; it's detection capability and enforcement resources. Data protection authorities that invest in ad tech auditing infrastructure — crawling sites, monitoring JavaScript behavior, documenting fingerprinting deployments — could enforce at scale. The question is whether that investment materializes before fingerprinting becomes so deeply embedded in the ad tech stack that remediation is politically infeasible.