Anonymous Browsing Guide: Silent Online Runnings in 2020
As our world of tech becomes more interconnected, and messier as a result, privacy becomes a bigger concern. With tech titans such as Facebook playing fast and loose with people’s data, the integrity of the companies we trust with our data has to be questioned. That’s even ignoring the obvious privacy issues that come with internet service providers and government spying, too.
In this anonymous browsing guide, we’re going to arm you with the knowledge and tools to protect your personal data from dubious collection practices and shady sales. After taking the steps we suggest, you’ll not only be able to enjoy a more open internet, but also one in which you don’t have to look over your shoulder.
Before diving into the specifics, you need to know this: there is no bulletproof way to be anonymous online. Though we’re here to help protect you from the malicious data collection and exploitation that exists in our online world, the fact that you’re using the internet means that you can’t be safe from everything.
If you want true anonymity, close your browser and throw away your computer.
Though you can’t be safe from everything, you can be safe from most things. True anonymity is a pipe dream, but you can block malicious advertisements, tracking beacons, network snooping and more. The purpose of this guide is damage control.
Why You Should Browse Anonymously
Though it’s easy to chuckle at the ridiculous questions congressmen and women ask tech titans, such as Mark Zuckerberg and Sundar Pichai, they aren’t on Capitol Hill without reason. Most websites, including Facebook and Google, use trackers to log how you interact with them. Those trackers can even follow you across websites.
Companies use the data to better sell advertisement space, get a hold on their demographic or just see what features may be useful on their website. Of course, the collection is usually outlined in the privacy policy and you’re agreeing to the privacy policy by using the service.
It seems wholesome when put in that light. The line between simple audience research and malicious data mining is blurry, though. A viral story on Forbes, for example, shared how Target knew a young girl was pregnant before her father did.
After shopping online and buying certain products from Target, its automated system determined the girl may be pregnant and started sending advertisements to her home, where she lived with her father. Outraged, the father stomped down to Target, claiming its marketing team was encouraging his daughter to get pregnant. It turned out that she already was.
That type of data mining and profile attribution is underscored in the New York Times article “how companies learn your secrets.” Marketers want the dirty details about you and they want to gather them without your knowledge. Privacy policies are hard to decipher, rife with legalese and designed to let organizations build as detailed a marketing profile about you as they want.
That’s a clear violation of privacy, but it’s not as egregious as the tracking the government does. In the U.S., the PRISM project caused a stir back in 2013, but no one has held the U.S. National Security Agency accountable during the six years since. Some European countries have better privacy laws, but many are just as bad if not worse.
Plus, it’s creepy. Even without the world of Philip K. Dick looming above, data collection and tracking is immoral and gross. To make matters worse, even your browser tracks more data than you may think.
How Browsers Track You
Most people are familiar with cookies. On the web, cookies are meant to provide a mechanism for websites to remember information about a user and log their browsing activity. For example, cookies are used to store your email address at login or remember certain attributes about when you last browsed the website.
First-party cookies, which are made and implemented by the website you’re browsing, are exclusive to the party that runs the website. That said, you’ll also find cookies from third parties that track you across multiple pages. Usually, they are injected through ad networks.
For example, let’s say you go to a website that had Google AdSense ads in the sidebar. You then leave that website and go to one that sells audio equipment. That company sells advertisements to Google AdSense, so, for a week afterward, you see a sale from that company before every YouTube video you watch.
In a study by Prince University, researchers found that 482 of the top 50,000 websites recorded every detail about your browsing data. That includes your name, credit card information, address, age and much more. If you want to know the details about what your browser sends, we recommend running a scan with Panopticlick.
Even without giving away personal data, you can be identified through browser fingerprinting. Your browser sends a lot of metadata with each request, including your operating system, browser plugins, screen resolution, language, platform, system fonts, time zone and more. Combined with your IP address, that can be used to determine where and who you are.
We ran a test with all privacy protection turned off for this guide. Panopticlick found that our browser fingerprint was unique among the 154,045 tests ran during the prior 45 days.
Securing Your Browser
The first step toward browsing anonymously is securing your browser. Though doing so won’t protect you from the spying done by the government and your ISP, it can protect you from the malicious data collection by websites around the web.
Block Browser Data
If you want to go easy mode, it’s worth it to ditch your browser and use a secure one, such as Brave. However, Chrome is still the most secure browser out of the big three, and there are tools you can install to help make it even more so.
The first tool is an ad and tracker blocker. You can read our guide to the best pop-up blockers for a full list, but we recommend uBlock Origin. It’s an open source ad blocker that can be found in the Chrome, Firefox, Edge and Opera web stores. Though it does what it does well, uBlock Origin also shows the fewest number of privacy leaks out of top ad blockers.
uBlock Origin isn’t the prettiest or easiest ad blocker to use, though. If you’re looking for more options, read our piece on 99 free tools to protect your privacy.
There are a few other extensions you can install besides an ad blocker. For example, Privacy Badger is a tool for blocking invisible trackers across websites. It was developed by the Electronic Frontier Foundation — the creator of Panopticlick — and sends a Do Not Track signal whenever a cookie attempts to track you.
EFF also provides HTTPS Everywhere, which forces websites to load encrypted pages. Many websites default to unencrypted HTTP pages or redirect requests to unsecure domains. HTTPS Everywhere changes the requests you’re sending to only load encrypted webpages.
There are a lot of privacy extensions, but most boil down to ad and tracker blocking. Experiment with different ones if you want and double-check if they’re working with Panopticlick. If you don’t want to go through the hassle, our recommendations should serve you well.
Hide Your Kids, Hide Your Passwords
Browsers have become more sophisticated as the number of accounts users stored with them has increased. That said, your browser’s built-in password manager is the worst thing you could be using. Though Safari’s integration with iCloud Keychain is better than Chrome’s password storage, a dedicated password manager is better than both.
Password managers let you store, organize and fill your passwords online. They provide convenient access to your account credentials and help you stay more secure online by avoiding cybercrime. Because you have a dedicated spot to store your passwords, you can use long, unique combinations for your accounts, making it much harder for a hacker to access them.
The best password managers store your information in encrypted form, too, so it’s next to impossible for a hacker to break in. Our top choice is Dashlane for its ease of use, superior password security and slew of features. You can learn more about it in our Dashlane review.
If you don’t have the money, LastPass is the best free password manager. It comes close to Dashlane — you can see how close in our Dashlane vs. LastPass comparison — but, as you can read in our LastPass review, there are security breaches on record.
Erase Your Search History
There are many reasons to delete your search history — we can think of at least one — but it’s an annoyance and can easily fall into the category of things you wish you did but never kept up with. Instead of doing it manually, the better option is to use a search engine that doesn’t keep your history in the first place.
Search engines are among the most data-hungry services on the web, with Google being a particularly terrible offender. Privacy-focused search engines usually use Google, Yahoo and Bing to combine results and display them for you. Because nothing is gathered about you, the results aren’t personalized, either.
Perhaps the most famous privacy-focused search engine is DuckDuckGo. In addition to providing its services for free, DuckDuckGo is a strong defender of privacy and has donated over $1 million to various privacy organizations over its 11 years in business. You can make it the default search option in Safari and Firefox, but, unsurprisingly, Google has not integrated it.
Securing Your Social Media
If you want to be anonymous, you shouldn’t have social media. If you run a business or want to connect with friends and family, it’s a necessary evil, though. Most of the steps for securing social media are the same as securing your browser, so make sure you start there.
If you’re using a tracker-blocking plugin, you should be covered on social media. That said, those blockers don’t protect information you willingly give away. Using social media doesn’t mean everything on your account needs to be accurate. Phony security answers, birth dates and addresses are good ways to throw a wrench in the data collection machine.
There’s a unique aspect to social media, though: external links. There’s a ton of — wave your hands with us — fake news on social media. Though the Zuckerbergs of the world are cracking down on it, you’ll still have to use your judgment to separate what’s real and what isn’t.
Thankfully, there are tools that can help you do that. Windscribe, which is the best free VPN, includes a tool that allows you to check links before clicking them. It will show you information like the number of ads and trackers on the page, and give you an overall score for privacy. You can learn more about that in our Windscribe review.
Securing Your Internet Connection
Now that your browser and social media are locked down, it’s time to secure the source. No amount of browser extensions and tracker-blocking can protect the data that flows through your ISP and, with internet providers selling user browsing history, that’s a scary thought.
Many people think using a proxy is the best way to secure your connection, usually because free ones are available. As explained in our VPN vs. proxy vs. Tor guide, proxies are best when used for low-risk web tasks where you want to mask your IP address. They’re a bad option, though, because they don’t provide encryption and can come with unintended consequences.
It’s a better idea to use a virtual private network. A VPN secures your internet connection by encrypting the data you send and anonymizing it before moving the request to your ISP and the larger web. VPN security is a complex topic, but for the purposes of this guide, it’s the best way to secure your internet connection.
The best VPN providers offer top-notch AES 256-bit encryption and strict no-logging policies. In short, instead of routing requests to your ISP’s DNS servers, the requests are sent to the VPN provider for routing. Since no logs are kept there, you essentially become invisible when using the internet.
Unfortunately, it’s not as simple as choosing a VPN that claims it keeps “no logs.” Providers such as HideMyAss and IPVanish claimed not to, then were found to be lying in court. You can learn about those incidents in our HideMyAss review and IPVanish review.
The providers we rank highly have proven that they don’t keep logs, though. Our top pick is ExpressVPN for its ease of use, security and strong stance on privacy. You can learn more about it in our ExpressVPN review.
Final Thoughts
Though using the internet is going to compromise your anonymity, you can take steps to secure most of your personal data. The most offensive practices are cross-website tracking and data collection by ISPs and government agencies. Thankfully, you can fight against both.
Ad and tracker blockers will take you some of the way, but a VPN is an essential tool for online privacy. It protects everything at the source, so you won’t have to worry about requests slipping through the cracks and exposing your identity.
What steps are you taking to protect your browsing? Let us know in the comments below and, as always, thanks for reading.
Jacob Roach is a Midwesterner with a love for technology, an odd combination given his corn field-ridden setting. After finishing a degree in English at Southern New Hampshire University, Jacob settled back under the Arch in his hometown of St. Louis, MO, where he now writes about anything tech. His main interests are web technologies and online privacy, though he dips his toes in photography and the occasional card game as well. You can reach him at jacob[at]commquer.com.