Fingerprinting (browser fingerprinting)

Definition

Fingerprinting (or browser fingerprinting) is a user identification technique that does not rely on cookies. It involves collecting a set of technical characteristics from the browser and device (screen resolution, installed fonts, plugins, timezone, language, user agent, WebGL renderer) to create a unique or near-unique fingerprint that allows the visitor to be recognized.

How it works

Every browser exposes dozens of technical parameters through JavaScript and HTTP headers. Combined, these parameters form a fingerprint distinctive enough to identify a browser among millions. Open-source libraries like FingerprintJS automate this collection and compute a stable identifier.

Regulatory position

GDPR and the CNIL consider fingerprinting to be personal data processing that requires consent. The ePrivacy directive is clear: any operation that reads from or writes to the user’s device (including passive reading of browser characteristics for identification purposes) requires prior consent. In practice, fingerprinting for advertising tracking purposes is illegal without consent in Europe.

In practice

Google confirmed in December 2024 that it would allow fingerprinting in its advertising products starting February 2025, triggering pushback from the UK’s ICO. This technique remains controversial and its regulatory future is uncertain. Prefer compliant alternatives such as Consent Mode and Enhanced Conversions.

Have an analytics project?

Let's discuss your tracking, measurement and data needs. Free initial consultation, no commitment.

Book a call