Browser choice is one of the first recommendations in any privacy guide, and one of the most poorly explained. The advice to "switch to Firefox" or "use Brave" is usually given without articulating what problem it solves — which makes it impossible to evaluate whether it's the right tool for a specific situation.
There are three largely separate privacy concerns in a browser: tracking protection (blocking pixels, cookies, and scripts that follow you across sites), fingerprinting resistance (preventing identification via your browser's unique configuration), and network privacy (hiding your IP address and browsing patterns from your ISP and network observers). A browser that's excellent at one of these may be mediocre at the others.
The Fingerprinting Problem
Before comparing browsers, it's worth understanding fingerprinting — a tracking technique that doesn't rely on cookies and isn't stopped by most ad blockers. Your browser exposes a combination of attributes to every site you visit: operating system, installed fonts, screen resolution, GPU rendering characteristics, WebGL capabilities, audio processing stack, time zone, and many others. Together, these form a profile that's often unique enough to identify you across sites without any persistent storage.
Most browser hardening measures — disabling JavaScript, blocking specific APIs, installing privacy extensions — make your browser more unique, not less. If you're one of a handful of people running NoScript with a custom user agent on a hardened Firefox profile, your browser stands out more than a stock Chrome installation shared by millions. Effective fingerprinting resistance requires blending in, not stripping down. See our post on how browser fingerprinting works.
Firefox: The Configurable Middle Ground
Firefox is the only major browser engine that isn't Chromium-based, which matters for the long-term health of the web: a monoculture around Blink/V8 gives Google disproportionate influence over web standards. From a privacy standpoint, Firefox's baseline is mediocre — out of the box, it sends telemetry to Mozilla, uses Google as the default search engine, and has weaker fingerprinting protection than specialized alternatives.
The case for Firefox is configurability. With a reasonable hardened profile (Enhanced Tracking Protection set to Strict, telemetry disabled, uBlock Origin installed), Firefox becomes a capable privacy browser that handles everyday browsing well. The uBlock Origin extension is the most effective content blocker available, and its presence on Firefox gives the combination a meaningful advantage over Brave's built-in blocking for users willing to configure it.
Firefox's fingerprinting resistance is improving via Firefox's "Fingerprinting Protection" feature (formerly part of Tor Uplift), which randomizes or normalizes fingerprinting vectors. It's not as comprehensive as Tor Browser's approach, but it covers the most common vectors without the usability cost of Tor's more aggressive measures.
Mozilla's funding model (predominantly from the Google search revenue deal) is a legitimate concern for an organization that positions itself as a privacy defender. The conflict is real but doesn't directly affect the browser's technical privacy properties.
Brave: Strong Defaults, Complicated Business
Brave ships with the most aggressive privacy defaults of any mainstream browser: first-party ad and tracker blocking, fingerprint randomization, HTTPS upgrading, and bounce tracking mitigation. For users who don't want to configure anything, Brave out-of-the-box is genuinely better than stock Firefox.
Brave's fingerprinting resistance uses randomization — it injects slight noise into fingerprinting APIs so each site visit looks slightly different, rather than normalizing everything to a common value. This is a different approach from Tor Browser's normalization strategy. The Brave approach prevents long-term tracking across sites; the Tor approach aims for anonymity within a larger set. For everyday browsing, Brave's approach is practical; for high-stakes anonymity, it's insufficient.
The complications: Brave has its own blockchain-based advertising system (Brave Rewards / BAT) and cryptocurrency wallet built in. These features don't compromise privacy if unused, but they add attack surface and raise questions about the company's priorities. Brave has also had incidents where its autocomplete feature was inserting affiliate referral codes into cryptocurrency exchange URLs — a breach of user trust that was corrected but not a great look for a browser positioning itself on trustworthiness.
Brave is built on Chromium, which means it benefits from Google's security investment in the rendering engine but also inherits Google's influence over browser API design. Manifest V3, which restricts ad blocker capabilities in Chromium-based browsers, is a real long-term concern — Brave has committed to supporting the older MV2 extension APIs longer than Google requires, but the underlying platform dynamic is uncomfortable.
Tor Browser: Maximum Anonymity, Real Cost
Tor Browser routes all traffic through the Tor anonymity network — three hops through volunteer-run relays, with encryption layered at each hop. Your IP address is hidden from websites you visit; your browsing activity is hidden from your ISP. This is qualitatively different from what Firefox or Brave provide: it's network-level anonymity, not just tracking protection.
Tor Browser achieves the strongest fingerprinting resistance available by normalization: every Tor Browser installation presents an identical fingerprint, so all users are indistinguishable from each other. JavaScript is restricted, and the browser resists attempts to extract unique device information. This works because the anonymity set (all Tor Browser users) is large enough that blending in is meaningful.
The costs are real:
- Speed — three-hop routing through volunteer relays is significantly slower than direct connections. Interactive applications and video are often unusable.
- Usability — many sites block Tor exit nodes, either because they're associated with abuse or because the site uses geo-specific content that Tor confounds. CAPTCHA challenges are constant.
- Use case mismatch — Tor Browser's anonymity is best for discrete, sensitive browsing sessions. Using it for everything — logging into accounts, streaming, social media — partially defeats the anonymity it provides.
Tor Browser is not for everyday use. It's for specific contexts where your IP address and browsing patterns need to be hidden: journalists accessing sensitive sources, activists in surveilled environments, or anyone who needs strong anonymity guarantees for a specific session.
Mullvad Browser: Tor's Fingerprinting Without Tor's Network
Mullvad Browser was developed by the Tor Project in collaboration with Mullvad VPN, released in 2023. It applies Tor Browser's fingerprinting normalization approach — aiming for identical fingerprints across all users — without routing through the Tor network. The intended use case is pairing it with a VPN, using the VPN for network anonymity and the browser for fingerprinting resistance.
The result is a browser with no telemetry, no accounts, no sync, and aggressive standardization of fingerprinting vectors — closer to Tor Browser's privacy model than any other option except Tor Browser itself, but usable at normal connection speeds.
The limitations: the anonymity set (people running Mullvad Browser) is much smaller than Tor Browser users or Chrome users, which reduces the effectiveness of the "blend in" approach. The browser intentionally avoids extensions (adding extensions makes your Mullvad Browser install unique), which users accustomed to uBlock Origin find constraining. Built-in content blocking handles the basics but isn't as granular.
Comparison at a Glance
| Browser | Tracker Blocking | Fingerprint Resistance | Network Anonymity | Telemetry | Daily Driver? |
|---|---|---|---|---|---|
| Chrome | ✗ None built-in | ✗ Poor | ✗ None | Extensive | Privacy: No |
| Firefox (hardened) | ✓ Strong (uBO) | ~ Improving | ✗ None | Opt-out | Yes |
| Brave | ✓ Strong default | ✓ Randomization | ✗ None | Opt-out | Yes |
| Tor Browser | ✓ Strong | ✓ Normalization | ✓ Tor network | None | Sensitive sessions |
| Mullvad Browser | ✓ Built-in | ✓ Normalization | ~ Via VPN only | None | Yes (with VPN) |
| Safari | ~ ITP tracking protection | ~ Some protection | ✗ None | Apple telemetry | Apple-only |
What to Actually Use
The pragmatic breakdown:
- If you want a configurable privacy browser for daily use: Firefox with uBlock Origin (strict mode), Enhanced Tracking Protection set to Strict, and telemetry disabled. More effort to set up, higher ceiling.
- If you want strong defaults without configuration: Brave. Block ads and trackers built-in; no extensions required for baseline protection.
- If you need network anonymity for specific sensitive sessions: Tor Browser, not as a daily driver.
- If you're using a VPN and want the strongest fingerprinting resistance while maintaining usability: Mullvad Browser with your VPN active.
No browser choice eliminates the problem of being identified if you're logged into an account. The most sophisticated fingerprinting protection in the world doesn't help if you're logged into Google while browsing. Account login is the most reliable tracking mechanism and it's entirely in your control.
Browser choice is one layer of a privacy stack. It pairs with encrypted DNS to prevent your ISP from seeing query traffic, with a VPN for network-level protection when appropriate, and with good account hygiene — using email aliases and compartmentalizing accounts — to limit what sites can correlate between sessions. A privacy browser running on a system with no other protections does partial work. A complete privacy stack does the rest.