Your Privacy: How Popular Browsers Deal With Cookies

Learn how each browser protects your privacy by default, as well as the settings you can change.

Eliza Crawford · July 24, 2019

Web users are becoming more aware of the ways advertisers track them across websites. To combat this surveillance, popular web browsers are introducing options to protect the privacy of their users. 

Google Chrome, Safari, and Firefox have all announced big changes this year that, when fully rolled out, should provide users with increased protection from tracking technologies. Each of the browsers takes a different approach to blocking cookies and protecting your privacy online. 

However, the strongest privacy settings aren’t always turned on. In this article, we’ll look at how each browser protects your privacy by default, as well as the settings you can change.

Browser Block All Cookies Block Third-Party Cookies Advanced Cookie Blocking (More detail below) Block or Allow  Specific Cookies Block Fingerprinting Send Do Not Track Signal
Chrome Available Available Planned Available Planned Available
Firefox Available Available Available. Soon to be default via Enhanced Tracking Protection Possible to allow exceptions Available. Soon to be default Available
Safari Available Available Default Intelligent Tracking Protection Unavailable Default Deemed Unnecessary
Microsoft Edge Available
Available Microsoft is currently testing tracking protection features. Unavailable Not mentioned Available
Brave Available Default Brave Shield lets users block third-party trackers. Possible to block or allow cookies on a site-by-site basis. Default Available
Browser Block All Cookies Block Third-Party Cookies Advanced Cookie Blocking (More detail below)
Chrome Available Available Planned
Firefox Available Available Available. Soon to be default via Enhanced Tracking Protection
Safari Available Available Default Intelligent Tracking Protection
Microsoft Edge Available
Available Microsoft is currently testing tracking protection features.
Brave Available Default Brave Shield lets users block third-party trackers.
Block or Allow  Specific Cookies Block Fingerprinting Send Do Not Track Signal
Available Planned Available
Possible to allow exceptions Available. Soon to be default Available
Unavailable Default Deemed Unnecessary
Unavailable Not mentioned Available
Possible to block or allow cookies on a site-by-site basis. Default Available

Common Cookie Settings

This is a list of common cookie settings. Most popular browsers have some or all of these features.

Block All Cookies

All the browsers on our list provide an option that allows users to stop websites dropping cookies while they browse the website. While this is good from a privacy standpoint, blocking all cookies means some websites won’t work as well as they should. 

This is because websites use cookies for many different purposes. For example, ecommerce sites use first-party cookies to track products the user has placed in their basket as they navigate different pages on a site. Other sites use cookies to allow users to stay logged in. For most users, blocking all cookies is not a practical solution to protect their privacy. 

Block Third-Party Cookies

In order to get around the issues of blocking all cookies, many browsers provide users with the option to block only third-party cookies. These are the cookies often used by advertising technologies to track you as you navigate across websites in order to show you target ads. 

Blocking only third-party cookies should improve privacy while reducing the number of websites that don’t work. 

However, it could still cause issues with some websites that use third-party cookies to provide a service. Additionally, adtech companies are finding ways to utilise first-party cookies for tracking which means blocking third party cookies may not always be enough to keep your browsing to yourself.

Advanced Blocking

This has lead browser developers to come up with more complex solutions than simply blocking all third-party cookies. 

Examples of this include Firefox’s Enhanced Tracking Protection that only blocks third-party cookies that the browser identifies as tracking cookies, and Safari’s Intelligent Tracking Protection that stops cookies from being used in a third-party context.  

Block Fingerprinting

Cookies aren’t the only way websites track users online. Websites can also do so using fingerprinting

Everyone who goes online has a distinct digital fingerprint. This is made up of information including the browser they use, the time zone they are in, the device they use, and their device’s operating system. 

Individually these metrics don’t give away much. However, when combined they create a profile that is incredibly detailed. The Electronic Frontier Foundation says that if a browser is picked at random, it will share a fingerprint with only one in 286,777 other browsers. 

Browsers are beginning to take steps to stop this practice. These include hiding which system information websites can see and stopping the scripts used for fingerprinting from running.

Send a Do Not Track Signal

A do not track signal is when a browser requests the website the user is accessing to not track their activities. 

However, this is just a request. It is up to the individual website whether or not they respect it and reports say many prominent sites do not. Nonetheless, most browsers still include this option. 

Block or Allow Cookies From Specific Sites

Many browsers also provide users with the option to block or allow cookies from specific sites. This can be useful if the user knows there are certain sites they don’t want tracking them or if they choose to block all cookies but don’t mind them from some trusted sites.

Settings Available on Popular Browsers

Chrome 

By default, Chrome is set to allow all cookies. 

Users can adjust the cookie settings by going to “Settings,” searching for “Cookies” and then clicking on “Site Settings,” then “Cookies.”

Here, users can choose to block cookies completely, block third-party cookies, or choose to block or allow only cookies from certain sites.

Users can also choose to keep cookies only until they quit the browser. It’s possible to see a list of all the cookies and site data on a computer and delete either all the cookies or certain cookies. 

Chrome lets users send a do not track signal. You can find this option by opening settings and then searching for “do not track.” 

Changes Incoming

Google recently announced that Chrome will soon get new cookie controls powered by a requirement for developers to specify whether a cookie is used across sites. This will make it easier for Chrome to tell the difference between first-party and third-party cookies.

While we don’t know the exact controls Google will introduce, one thing it should do is make it easier for users to clear third-party cookies that could be used to track them, without clearing useful first-party cookies. 

Google also announced new anti-fingerprinting measures, although it didn’t say exactly how they will work. 

Firefox

Mozilla has recently announced that Firefox’s Enhanced Tracking Protection will be set as default for all users. 

Instead of blocking all third-party cookies, Enhanced Tracking Protection blocks cookies from known third-party trackers based on data from Disconnect, a cookie database. This should reduce the negative effects brought by blanket blocking all third-party cookies.  

Firefox users who haven’t yet received the update but want to use Enhanced Tracking Protection now can still do so manually. You can access the cookie settings by clicking the menu icon in the top right of the screen, clicking “Options,” then clicking the padlock symbol. 

Once here users should select “Custom,” and then choose ‘Third-party trackers” from the drop-down menu next to cookies. In this section, users can also choose to block “All cookies,” “All third-party cookies,” or “Cookies from unvisited websites.” 

Within the custom tab, users can also choose to block Fingerprinters and Cryptominers. Cryptominers use the visitor’s CPU to mine cryptocurrency. Firefox does this by blocking the scripts used to perform these tasks. Mozilla says this will be turned on by default in future versions of Firefox. 

Firefox users can also choose to send a do not track signal, as well as set the browser to delete all cookies when Firefox is closed. 

Safari

Safari’s anti-tracking protection, called Intelligent Tracking Protection, is set as default. The latest version of the protection blocks all cookies from being used in a third-party context. This includes both third-party cookies and when first-party cookies are used as trackers.

Users do have other options which they can access by going to “Preferences” and then clicking “Privacy.” Here, users can choose either the default “Prevent cross-site tracking,” or “Always block cookies.” You can also delete cookies.

Safari has anti-fingerprinting measures set up by default. When a user visits a website, the browser only shows it a simplified version of their system configuration which means the user looks the same to the website as all other users. 

On a related note, Safari recently removed the option for users to send a do not track signal to websites. Apple said this in order to prevent the feature being used as a method of fingerprinting.

Microsoft Edge 

You can access Microsoft’s cookie settings by hitting the menu button in the top right corner, and then clicking “Settings,’ followed by Privacy and security.” 

Here you’ll see the “Cookies” menu where you can choose from the default “Don’t block cookies,” or “Block all Cookies” or “Block only third-party cookies.” Users can also choose to delete all saved cookies or turn on the option to delete cookies whenever they close the browser.

As well as blocking cookies you can also choose to turn on the do not track request. 

Microsoft is currently testing more advanced cookie blocking options in preview versions of Edge browser. Like Firefox’s Enhanced Tracking Protection, these settings will allow users to block some third-party trackers. This should make their browsing more private while reducing the chance of websites malfunctioning.

Brave

Brave blocks third-party trackers and cookies by default, as well as third-party fingerprinting. It’s also possible to set up a “Do Not Track” request.

The most interesting part of Brave’s privacy protection is that it is easy to adjust your privacy settings on a site-by-site basis. This makes it easy to allow cookies if a site doesn’t work properly or if you trust certain publishers.

To change these settings, simply click the Shield button on the right side of the navigation bar. Here you’ll see options to:

  • Block third-party trackers.
  • Choose to block or allow cookies and third-party cookies.
  • Turn off device recognition which can help combat fingerprinting.
  • You can also completely turn off all privacy protection measures.

An interesting feature of Brave is that the number of trackers the browser blocks on each site is clearly displayed next to the navigation bar. This is a good reminder of just how much tracking web users are subject to.