How does fingerprinting work?

Let’s get technical for a moment. Fingerprinting takes advantage of a fundamental way that apps and websites talk to our devices.

When you browse the web, your browser automatically gives websites some information about your hardware. That’s partly because a website needs to know things like the resolution of your screen so it can load a page in the correct window size.

Similarly, when you install a mobile app, the operating system shares some information about your hardware with the app. That’s partly because an app needs to know what type of phone you use so it can adapt to the processor speed and screen size.

There are restrictions to the data that apps and websites can get about your device. On iPhones and Android phones, for example, you must give an app permission to gain access to your location data, your camera and microphone. Similarly, many browsers also require your permission before a website can have access to those sensors.

But fingerprinting collects seemingly innocuous characteristics that are generally shared by default to make apps and websites work properly.

With enough information gathered, fingerprinting can be very reliable. In a study last year in France, researchers found that about one-third of digital fingerprints they collected were unique and therefore identifiable. In a 2017 study, researchers at Lehigh University and Washington University tested a fingerprinting method that identified 99 percent of users.

Privacy advocates say fingerprinting is abusive because in contrast to cookies, which people can see and delete, you generally cannot tell it is happening and cannot opt out of it.