Privacy Badger is a browser extension that prevents advertisers and other third-party trackers from quietly following your online activities. If an advertiser appears to follow you across various sites without permission, Privacy Badger automatically stops that advertiser from showing any additional content in your browser. To the advertiser, it looks as if you vanished.
How is Privacy Badger different from Disconnect, Adblock Plus, Ghostery, and other blocking extensions?
Privacy Badger was developed because there was a need for a single extension that could automatically spot and block any tracker or ad that violated user consent, could operate effectively without user input or configuration, was created by an organization clearly working on behalf of users rather than advertisers, and relied on algorithmic methods to decide what is or is not tracking. While products like Disconnect, Adblock Plus, and Ghostery are appreciated, none of them fully meet these needs. During testing, all of them needed some fine-tuning to stop trackers that did not have user consent. Some also use business models that cause concern. By creating strong algorithmic and policy standards to detect and prevent non-consensual tracking, the hope is to build a codebase that other extensions or major browsers could adopt, allowing people maximum control over who can follow their online activities.
How does Privacy Badger work?
When you load a webpage, it often includes content from multiple sources, for instance, an article from the news site, ads from an advertising company, and a comment system from another provider. Privacy Badger monitors all of this. If it notices the same source tracking your browser across different pages, it tells your browser not to fetch content from that source anymore. When your browser no longer loads items from that source, it cannot track you, and that solves the problem.
On a more technical level, Privacy Badger logs the “third party” domains that add scripts, ads, or images to the sites you visit. It looks for tracking methods like cookies that uniquely identify users, local storage “supercookies,” image pixels that share cookies between first and third parties, and canvas fingerprinting. If it observes one third-party host tracking you on three distinct websites, Privacy Badger will automatically prevent that tracker from displaying content.
Sometimes, a third-party domain is essential for a page’s features, like embedded images, maps, or stylesheets. In these cases, Privacy Badger lets the browser connect to that domain but blocks its tracking cookies and referrers. For those domains, the setting is placed in the middle (cookie block) position.
What is a third party tracker?
When you visit a website, parts of the page may load from different domains and servers, not just the one you intended to visit. This is a core function of how the web works, but it has also become a major privacy concern. Many modern websites include images and scripts that track your activity, often for advertising purposes. These sources are known as third-party trackers. You can learn more about them here.
What do the red, yellow, and green sliders in the Privacy Badger menu mean?
The colors represent different tracking statuses:
Green: This means a third-party domain is present, but it hasn’t been detected tracking you across multiple websites yet. It may not be a concern. When you first install Privacy Badger, all domains will be in this green state, but as you browse, it will start identifying trackers.
Yellow: This indicates that the domain seems to be tracking you, but it’s on Privacy Badger’s cookie-blocking list because it appears necessary for the website to function. Privacy Badger will allow content from this domain but will block third-party cookies and referrer information.
Red: This means content from the third-party tracker has been completely blocked.
Privacy Badger evaluates each third party’s behavior over time and selects the appropriate setting for each one. However, you can adjust these sliders if needed.
Why does Privacy Badger block ads?
Privacy Badger isn’t specifically designed to block ads. Instead, it prevents third-party scripts and images from tracking you, especially if they ignore your Do Not Track request. Most third-party trackers happen to be advertisements, so when an ad is able to track you, Privacy Badger steps in to stop it.
Why doesn't Privacy Badger block all ads?
Privacy Badger is a privacy tool, not a traditional ad blocker. Its goal isn’t to eliminate ads but to prevent tracking without consent, as that violates privacy. The aim is also to encourage advertising companies to respect users’ privacy. If you want to block all ads, you can install a dedicated ad blocker alongside Privacy Badger.
What about tracking by the sites I actively visit, like NYTimes.com or Facebook.com?
Right now, Privacy Badger mainly shields you from tracking by third-party websites. When it comes to protecting your privacy on sites you visit directly, it removes link tracking on Facebook, Google, and Twitter. More first-party privacy protections will be added in the future.
This approach focuses on the most invasive and concerning form of online tracking – tracking done by companies you likely don’t know and have never interacted with. Privacy Badger’s primary goal is to enforce Do Not Track by blocking access to tracking scripts and images from these third parties. Preventing tracking on sites like nytimes.com, facebook.com, or google.com is a more complex issue. In many cases, tracking is tied to the site’s core features, and some users knowingly trade privacy for access to free services like Google’s search engine.
Does Privacy Badger use a blacklist to block sites?
No, unlike tools such as AdBlock Plus, Privacy Badger doesn’t predefine which sites to block. Instead, it identifies and stops behaviors that violate privacy. A domain is only blocked or restricted if Privacy Badger detects that it continues to track users even after receiving a Do Not Track request.
Privacy Badger does have a yellowlist for certain third-party sites that provide essential web functions. These sites are not fully blocked but have their cookies disabled instead. This is a practical compromise, but the goal is to phase out the yellowlist as these third parties commit to respecting Do Not Track.
The guidelines for adding a domain to the yellowlist can be found here.
How was the cookie-blocking yellowlist created?
The initial list was based on research that classified third-party domains as trackers or non-trackers. This list is occasionally updated as needed. If you notice domains being over-blocked or under-blocked, you can report them on GitHub.
Does Privacy Badger prevent fingerprinting?
Browser fingerprinting is a tricky and sophisticated tracking method, which Privacy Badger has studied through the Panopticlick project. Privacy Badger 1.0 detects and blocks third-party domains using canvas-based fingerprinting. Work is ongoing to detect and prevent other types of fingerprinting, including first-party fingerprinting. Any domain fully blocked by Privacy Badger will no longer be able to fingerprint you.
Does Privacy Badger treat all cookies as tracking cookies?
No. Privacy Badger evaluates cookies individually. Cookies with unique tracking IDs are blocked, while basic cookies that serve functional purposes are allowed. For example, a cookie that stores a user’s language preference (e.g., LANG=fr) or one that records minimal ad-related data without tracking browsing habits would be permitted. The system for handling this is still evolving, and contributions to improve it are welcome.
Does Privacy Badger account for a cookie that was used to track me even if I deleted it?
Yes, Privacy Badger tracks cookies that could be used for tracking and keeps a record of where they come from, even if you regularly delete your browser's cookies.
Does Privacy Badger still work if third-party cookies are blocked in the browser?
Yes. Even when your browser blocks third-party cookies, Privacy Badger can still learn from third parties trying to set cookies through HTTP headers. It can also detect other tracking methods like pixel-based cookie sharing and canvas fingerprinting. However, Privacy Badger will no longer detect cookies or local storage data set through JavaScript. So, while it will still function, it may block fewer trackers. Clearing your browsing history or previously set cookies won’t affect Privacy Badger.
Will Privacy Badger be available for other browsers besides Chrome, Firefox, and Opera?
Safari/iOS: After reviewing Apple's developer agreement, the EFF found it unacceptable. Additionally, Safari lacks some extension features that Privacy Badger needs to work properly.
Can I download Privacy Badger outside of the Chrome Web Store?
Yes! If you're using a different Chromium-based browser like Iron, Comodo Dragon, or Maxthon, you can get the latest version.
I run an online advertising or tracking service. How do I prevent Privacy Badger from blocking my content?
The best way is to stop tracking users who have enabled the Do Not Track setting. This means you should stop collecting cookies, supercookies, or fingerprints from them. Doing this will ensure that new installations of Privacy Badger won’t block your content.
If Privacy Badger has already blocked your domain, you can request to be unblocked by committing to respect Do Not Track in a way that aligns with user privacy expectations. To do this, post a compliant Do Not Track policy, replacing "example.com" with all of your DNT-compliant domains. The domain must support HTTPS to prevent interference from network attackers. The ".well-known" path is based on RFC 5785 standards.
Currently, Privacy Badger only recognizes this specific policy format. However, future versions may allow sites to post different compliant DNT policies, and users may be given options to specify acceptable policies themselves.
What license does Privacy Badger use? Where can I find its source code?
Privacy Badger is licensed under GPLv3. You can find its source code on GitHub, and there is also a development mailing list. Privacy Badger follows the EFF's Privacy Policy for Software.
I found a bug! What do I do now?
First, check the current list of reported bugs to see if the issue has already been documented. If you don’t see your bug listed, you can report it here.
If you don’t have a GitHub account, you can create one. If you prefer not to create a GitHub account, you can also report bugs by emailing [email protected].
How can I support Privacy Badger?
Nearly half of the EFF’s funding comes from individual donations, which allows them to develop tools like Privacy Badger with a focus on user privacy. If you’d like to contribute to the project and help improve online security, you can make a donation. If you want to get involved in the project directly, check out Privacy Badger’s CONTRIBUTING document for details on how to help.
How does Privacy Badger handle social media widgets?
Social media buttons (such as Facebook’s Like button, Twitter’s Tweet button, or Google’s +1 button) often track what pages you visit, even if you don’t click them. Social media companies can see where these widgets appear and use them to monitor your activity.
Privacy Badger includes a feature from the ShareMeNot project that replaces these tracking widgets with non-tracking versions. This lets you see and interact with them without being tracked unless you choose to click on them. Privacy Badger currently replaces tracking widgets from AddThis, Facebook, Google, LinkedIn, Pinterest, StumbleUpon, and Twitter. If you’re a developer, the source code for these replacements is available.
Privacy Badger will only replace a social media widget if it detects tracking from it. If you’re still seeing regular social media buttons, it could mean that Privacy Badger hasn’t identified that particular version of the widget as a tracker or that the website is using a custom version.
To help users recognize the replacement widgets, Privacy Badger marks them with its badge next to the button. Clicking on a replacement widget will either take you to the appropriate sharing page (for example, to post a tweet) or enable the real widget (such as the Facebook Like button, which may show your friends’ likes). If the real widget loads, you’ll still need to interact with it to complete actions like liking or sharing a post.
How do I uninstall/remove Privacy Badger?
Firefox: Visit Mozilla Support’s "How to remove extensions and themes" page for instructions.
Chrome: Check the "Install and manage extensions" page in the Chrome Web Store help section for steps on uninstalling extensions.
Opera: Click the menu button in the top left corner of the window, then select "Extensions" followed by "Manage Extensions." Scroll through the list until you find Privacy Badger. Move your mouse over it and click the "X" icon in the top right corner. Confirm the removal by clicking "OK." Once done, you can close the Extensions tab.
Is Privacy Badger compatible with other extensions, including ad blockers?
Yes, Privacy Badger works with other extensions.
Since many extensions rely on predefined lists to block ads and trackers, there will be some overlap. However, Privacy Badger can automatically detect new trackers that list-based blockers might not recognize.
Besides learning on its own, Privacy Badger also offers additional features such as cookie blocking, social media widget replacements, and cleaning tracking links from Facebook, Google, and Twitter.
Notes on specific extensions:
Adblock Plus does not block invisible trackers by default.
uBlock Origin is a strong privacy tool, and it works well alongside Privacy Badger. Like other ad blockers, uBlock Origin relies on blacklists, while Privacy Badger learns from your browsing. This means Privacy Badger may identify some trackers that uBlock Origin does not. When used together, Privacy Badger will discover fewer new trackers, but that’s not a problem.
Is Privacy Badger compatible with Firefox’s built-in content blocking?
Yes, you can use Firefox’s content blocking features along with Privacy Badger.
While Firefox relies on tracker lists, Privacy Badger learns to block trackers as you browse. This means it can identify tracking attempts that list-based tools may not detect.
Why does my browser connect to Fastly.com IP addresses after installing Privacy Badger?
EFF uses Fastly as a content delivery network (CDN) to host its resources. EFF does not store IP addresses or use cookies for these requests.
Mary Watson
