We previously reviewed uBlock Origin, which I recommend installing as a first step in blocking advertisements and protecting your privacy. uBlock Origin is very effective as an ad-blocker, but due to the methods it uses, there are some limits to what it can block.
That’s where Privacy Badger comes in. Privacy Badger is not an ad-blocker – thought it may block ads incidentally. These days, protecting privacy and blocking ads are intertwined, because the main companies tracking your web browsing are advertising companies. If they can’t track you, they can’t target ads based on your interests, even if they still show you ads. That’s good for your ability to focus because the ads you see will be less appealing, and therefore less distracting.
Instead, Privacy Badger’s main purpose (other than putting cute badger on your screen) is to block third party trackers where it can. Why would you want to do this? Well, maybe you didn’t give permission to be tracked. If you did, it was probably one of those consent forms where the Accept option is a big green button, and the Reject option is almost impossible to find. You just wanted to access some information and get that pop-up out of the way.
Mindfulness & Privacy
Why is a privacy add-on of interest to mindful.technology? Mindfulness is about awareness, and unfortunately many people are not aware of how their behaviour is being tracked when they browse the web. Being aware of this, you can make a decision: will you allow yourself to continue to be tracked? Or will you block the trackers and protect your privacy? Many people, including myself, will choose the latter.
Even if you’re not at all concerned about companies collecting information on your web browsing habits, there are performance benefits to blocking trackers. Viewing web pages will require downloading less data, and the pages will load faster.
What is a third party tracker?
Privacy Badger’s purpose is to protect your privacy by blocking third party trackers, from third party domains.
“What’s a third party domain?” you might ask. Well, on the website you are currently reading, the domain (the first page of the web address after https://) is
mindful.technology. So this is known as the “first party”. The “second party” isn’t much talked about, but that’s you, as a visitor to the site.
If some images, advertisements, videos, widgets, or code on the page are loaded from another website, that’s a “third party”. So if an image from “images.example.com” is shown, that’s a third party domain. There are many reasons websites might load from third party domains like this. Some of these are quite reasonable, for example:
- Serving images on a CDN (Content Delivery Network) in order to serve the images faster to visitors.
- To accept online payments – in this case the third party may be a payment provider, or your bank.
- To show a map – it is not just feasible for every website to operate their own mapping service like Google Maps or Open Street Map.
- To serve video, because videos use more resources so it may be better to serve them from a video specialist.
All these things may be hosted on third party domains, but they are not (necessarily) third party trackers.
Often times, third party domains are not integral to the page. They may be invisible, and they are simply used to track you so that they can learn more about your interests in order to show you targeted ads, which are more valuable to advertising companies. In these cases, the website owner has most likely chosen to allow an advertising network to track users, because they are earning from advertising revenue.
But sometimes the website owner isn’t aware that their users are being tracked whilst on their site. Perhaps they installed buttons to allow their page to be shared on a social network, or a widget for leaving comments on the article. Widgets such as these are freely available, but there’s often a hidden cost that the website owner may or may not be aware of. At the same time as offering some useful feature, it is also being used to track visitors and collect data on their browsing habits. Companies are willing to invest money in promoting such widgets because they will earn money by tracking many users. This is unfortunate because there often better, faster alternatives that do not track. But these are not as widely promoted because they are non-commercial and so do not have a budget for promotion.
To summarise, elements of a page from third party domains may be functional, tracking, or both functional and tracking. Conceivably, there could also be elements which are non-functional and non-tracking, but then there’s no reason for them to exist!
How does Privacy Badger work?
Unlike many blockers, Privacy Badger does not use a list of blocked websites. Instead, it uses algorithms to detect and block trackers. The algorithmic details may be complex but the basic principle is not: Privacy Badger observes the third party domains that are loaded as you browse the web, and blocks them if it sees them used on multiple websites.
Privacy Badger doesn’t block a third party domain the first time it sees it, because there’s a good chance that it may be integral to that website and therefore blocking it would break the website. However, if it sees the third party domain used on a number of different websites, then it will block it. Incidentally, that number is 3, “three strikes and it’s out!”
Unlike most other blockers, Privacy Badger does not rely on a blacklist of tracking domains to be blocked. The advantage of this algorithmic approach is that it can discover domains that are not in a blacklist. The disadvantage is that those sites which are known trackers, and thus in a blacklist, will not be immediately blocked. But combined with another blocker that uses blacklists, such as uBlock Origin, you can get the best of both worlds.
What about the third party elements which both provide some functionality and track you at the same time? There is so far no reliable way to detect these using algorithms, so Privacy Badger relies on a “yellow list” instead. This is a list of domains that can be accessed for functional purposes, but won’t be allowed to track you via cookies. So for example, an image from a CDN can be loaded, but the CDN cannot track you.
Is Privacy Badger effective?
For the most part, you can browse the web with the Privacy Badger add-on installed without experiencing any problems. Your browsing experience will be a little faster, although you may not perceive that. Your browsing will be more private: companies might track you on one or two websites, but they won’t be able to build up a complete picture of your browsing habits.
However, on rare occasions you may find that some useful functionality on a website will break. When this happens, you need be aware that Privacy Badger could be the reason for this. You may fix the issue by turning off the Privacy Badger for that site. This is most likely to happen on websites that do something, for example booking a flight (technically speaking, this is because they use APIs on a third-party domain).
Privacy Badger used by itself is not fully effective. I still recommend installing uBlock Origin, because that blocks many trackers without having to learn anything, but it is well complemented by Privacy Badger.
For some privacy enthusiasts, Privacy Badger won’t go far enough. We’ll cover some alternatives to Privacy Badger towards the end of this article.
Controlling Privacy Badger
If you are experiencing a broken website which you feel might have been broken by Privacy Badger, you can either turn off Privacy Badger entirely for a website, or you can tweak the settings.
Whichever approach you choose, the first thing you should do is find the Privacy Badger icon in your browsing window. You may see a number just next to the badger icon, indicating how many third party trackers were blocked. If you do not see a number, then Privacy Badger is not blocking anything and therefore has not blocked the website (unless you disabled this count in the settings).
You can click the icon to see a list of third party domains that are blocked (or not). In fact there are three states:
- Blocked: the slider will be red. The domain will not be used at all. It’s most likely related to advertising and blocking the domain will not affect your experience except in a positive way (you’ll see fewer ads).
- Cookies blocked: the slider will be yellow. The domain will be used, but tracking cookies will be blocked by Privacy Badger. This domain is most likely used for something useful, like serving images or fonts or an API. However, tracking you via cookies is not required and therefore Privacy Badger has blocked cookies.
- Not blocked: the slider will be green. The domain will be used and cookies accepted. This probably happens because Privacy Badger has not see it on many websites yet, or because it’s a domain which does not track you.
You can disable Privacy Badger entirely for a website by clicking “Disable Privacy Badger for this site” (don’t worry, it’s just as easy to enable it again). Then Privacy Badger will not block anything, and you can be certain it will not break the website. Be sure to do the same with any other ad-blocking browser extensions you may have installed such as uBlock Origin.
Alternatively, if you suspect that blocking one particular domain has broken the site, then you can override the blocking level. For example, if the slider shows as red (blocked) you can switch it to yellow (block cookies only), or if necessary to green (not blocked). This approach is preferred if you have the time to experiment, because then Privacy Badger will continue to block any other third party domains which it blocked.
If you find that disabling or overriding the blocking for a website fixes it, you can report this to the Privacy Badger team by clicking “Did Privacy Badger break this site? Let us know!”. Realistically you may not feel you have time for this, but if you operate a website yourself, you should certainly test it with Privacy Badger installed, and report it to the Privacy Badger team if you find it breaks.
Privacy Badger Browser Support
Privacy Badger is supported on Firefox, Chrome and Chromium-based browsers, Opera, and Microsoft Edge (for which support was recently added).
It is not available on Safari, in part because Electronic Frontier Foundation (who develop Privacy Badger) found that the terms and conditional of Apple’s App Store are unreasonable, and they therefore refuse to publish anything via the App Store on principal.
Alternatives to Privacy Badger
One other project worth a mention is Privacy Possum, a direct alternative to Privacy Badger. Privacy Possum was created by a disgruntled ex-member of the Privacy Badger team, who felt Privacy Badger should do more to block advanced tracking techniques such as fingerprinting.
Privacy Possum may be a better option for those who are big privacy enthusiasts. But user reports say that it breaks more sites that Privacy Badger. For that reason, I do not recommend it for a typical web user.
It’s also worth mentioning that not browser extensions can give you complete privacy. For those for whom privacy is vital, for example whistleblowers, it would be better to use the Tor Browser. Tor uses special network protocols to provide the best privacy protection possible when browsing the web. However, it’s not suitable for most everyday users because the browsing experience is slower (especially if loading videos).
For the majority of users, Privacy Badger provides a good balance between privacy and a good web browsing experience. You can also be fairly certain that it will be maintained for the foreseeable future, because it is backed by the Electronic Frontier Foundation.
Privacy Badger is an effective tool for protecting your privacy, making browsing faster, and (incidentally) blocking adverts. I recommend using it (along with uBlock Origin, because that will catch trackers that Privacy Badger will not).
Privacy Badger is free, but if you appreciate it, you can donate to the EFF to support development of Privacy Badger and other projects. It is open source (and free software) so developers are able to contribute improvements.