Skip Navigation
80 comments
  • It's both a generational shift and education issue.

    I grew up remembering the early days of going online. The only pc at home was shared by family, so I knew early on that covering my tracks (erasing browser history) was important. When Chrome came out and incognito mode became a thing, I instinctively knew that it was just a shortcut for a separate browser profile that does not share the main profiles cookies and history, that it didn't store activities on the local device. I knew that internet providers could still know what I acceded, and so on.

    I can't ask for the same kind of awareness for people that grew up with smartphones, proprietary walled gardens and apps with most of the complexities hidden beneath pretty UI.

    It's even worse when it comes to the general population - this isn't the 90s where college students and tech minded people made up the internet users, this isn't the early 2000s where people still had to use a desktop PC to access the web, with its components more or less open to tinker.

    • Tbh, today was the first day I realized that people see privacy mode as something else then "privacy from other users on the same browser". But yeah, makes sense that people who learned about the internet on a smartphone see things differently.

  • Thank you merciful Google immeasurably for agreeing to delete data that you shouldn't have collected anyway!

    • you shouldn't have collected anyway!

      Because it was in incognito mode? That's never how it worked at all.

      Because of moral reasons? Arguable.

  • This result has so many loop holes it's incredible. You can't read a single sentence without exceptions, unknowns or generosity. Horrible, but Google probably can blackmail the world.

  • Anyone have the article? I haven't paid my Guardian, Wired, WSJ, Wikipedia, Politico, and Vox bills this month. I only paid WaPo and NYT.

    • Firefox Mobile, Ublock Origin and Disabled JavaScript yield:

      Bell Cameron and Andrew Couts

      Security

      Apr 1, 2024 5:22 PM

      The Incognito Mode Myth Has Fully Unraveled To settle a years-long lawsuit, Google has agreed to delete “billions of data records” collected from users of “Incognito mode,” illuminating the pitfalls of relying on Chrome to protect your privacy. 'Google Chrome Incognito Mode' is displayed on computer screen Illustration: Yasin Baturhan Ergin/Getty Images

      If you still hold any notion that Google Chrome’s “Incognito mode” is a good way to protect your privacy online, now’s a good time to stop.

      Google has agreed to delete “billions of data records” the company collected while users browsed the web using Incognito mode, according to documents filed in federal court in San Francisco on Monday. The agreement, part of a settlement in a class action lawsuit filed in 2020, caps off years of disclosures about Google’s practices that shed light on how much data the tech giant siphons from its users—even when they’re in private-browsing mode.

      Under the terms of the settlement, Google must further update the Incognito mode “splash page” that appears anytime you open an Incognito mode Chrome window after previously updating it in January. The Incognito splash page will explicitly state that Google collects data from third-party websites “regardless of which browsing or browser mode you use,” and stipulate that “third-party sites and apps that integrate our services may still share information with Google,” among other changes. Details about Google’s private-browsing data collection must also appear in the company’s privacy policy.

      Additionally, some of the data that Google previously collected on Incognito users will be deleted. This includes “private-browsing data” that is “older than nine months” from the date that Google signed the term sheet of the settlement last December, as well as private-browsing data collected throughout December 2023. All told, this amounts to “billions of data records,” according to court documents. Certain documents in the case referring to Google's data collection methods remain sealed, however, making it difficult to assess how thorough the deletion process will be.

      Google spokesperson Jose Castaneda says in a statement that the company “is happy to delete old technical data that was never associated with an individual and was never used for any form of personalization.” Castaneda also noted that the company will now pay “zero” dollars as part of the settlement after earlier facing a $5 billion penalty.

      Other steps Google must take will include continuing to “block third-party cookies within Incognito mode for five years,” partially redacting IP addresses to prevent re-identification of anonymized user data, and removing certain header information that can currently be used to identify users with Incognito mode active.

      The data-deletion portion of the settlement agreement follows preemptive changes to Google’s Incognito mode data collection and the ways it describes what Incognito mode does. For nearly four years, Google has been phasing out third-party cookies, which the company says it plans to completely block by the end of 2024. Google also updated Chrome’s Incognito mode “splash page” in January with weaker language to signify that using Incognito is not “private,” but merely “more private” than not using it.

      The settlement's relief is strictly “injunctive,” meaning its central purpose is to put an end to Google activities that the plaintiffs claim are unlawful. The settlement does not rule out any future claims—The Wall Street Journal reports that the plaintiffs’ attorneys had filed at least 50 such lawsuits in California on Monday—though the plaintiffs note that monetary relief in privacy cases is far more difficult to obtain. The important thing, the plaintiffs’ lawyers argue, is effecting changes at Google now that will provide the greatest, immediate benefit to the largest number of users.

      Critics of Incognito, a staple of the Chrome browser since 2008, say that, at best, the protections it offers fall flat in the face of the sophisticated commercial surveillance bearing down on most users today; at worst, they say, the feature fills people with a false sense of security, helping companies like Google passively monitor millions of users who've been duped into thinking they're browsing alone.

80 comments