SAN FRANCISCO, April 17, 2026, 10:38 PDT
Google Chrome is facing renewed privacy questions after a series of reports Friday pointed out the browser still doesn’t have native protections against browser fingerprinting—a tracking tactic that picks up on details like fonts, screen size, and graphics hardware to identify users. According to The Register, which referenced privacy consultant Alexander Hanff, Chrome remains vulnerable to “at least thirty distinct fingerprinting techniques.” The Register
Timing is key here—Chrome commands 66.7% of the global browser market, per Statcounter’s March data. That kind of reach means any privacy gap, no matter how slim, could impact a massive chunk of web traffic.
The squeeze comes on the heels of Google’s decision to walk away from its multi-year push to overhaul tracking in Chrome. The company announced this April it would stick with its current policy on third-party cookie options. Then in October, Anthony Chavez, Google’s vice president for Privacy Sandbox, confirmed several associated technologies are on their way out following what he described as “low levels of adoption.” Privacy Sandbox
This time, the backlash centers on privacy concerns, not the usual browser security. Google continues to tout Chrome as “secure by default,” pointing to features like Safe Browsing, site isolation, and sandboxing that protect users from phishing, malware, and stolen accounts. Still, those tools don’t actually prevent sites from assembling a long-term device fingerprint. Safety Center
Chrome trails a handful of competitors here. By default, Firefox blocks fingerprinting. Edge touts Tracking Prevention, saying it catches and stops trackers using fingerprinting techniques. Brave, for its part, points to “farbling”—tiny, intentional tweaks to signals that frustrate fingerprinting—as a key feature in its baseline defenses. Firefox
The story moved fast, breaking out from security circles in less than 24 hours. Over at Neowin, the spotlight landed on Chrome’s missing privacy feature—a gap not found in Edge, Firefox, or Brave. Forbes and PCWorld, meanwhile, broadened the scope, flagging Chrome as a risk for users wary of background data collection. By Friday, PCWorld was out with a hands-on guide for dialing back telemetry, tweaking ad settings, and managing cookies, making it clear: Chrome’s privacy still leans heavily on what users change, not on the default state.
Back in 2019, Google made a similar argument. Justin Schuh, Chrome engineering director at the time, called fingerprinting a technique that “subverts user choice and is wrong.” He pointed out that users can’t just wipe away a fingerprint the way they do with cookies. Blog
It’s not a single explosive flaw in Chrome, but a scatter of minor exposures that add up. According to The Register, sites can stitch together browser and device characteristics, creating a persistent identifier. Reports surfacing this week point to a mix of signals—canvas rendering, WebGL, audio output, header information—all in play.
Still, anti-fingerprinting tools aren’t without drawbacks. Brave noted its stricter mode occasionally broke websites, and the handful of users who turned it on could actually become more identifiable—a key reason the company moved most protections to its standard mode instead.
Chrome commanded 66.7% of worldwide browsing share in March. So, what started as a spat over fonts and small graphics details now cuts to a much bigger issue: just how much of the web gets to track users automatically.
