Have them visit this site without a VPN.
https://amiunique.org/fingerprint
Then use a VPN and visit it again.
You are trackable regardless of your proxy just by your web browser metadata.
There’s so much more to this. Look into hardware and browser signatures, browser cookies, etc.
The only way you can get your privacy back is to learn how to use the technology that you depend on.
You don’t need Netflix or Spotify if you know how to install a docker container and operate bittorrent. You’re not required a spyware laden OS if you can flash GrapheneOS onto a Pixel and install Linux on your PC. You don’t need to use Discord for voice chat if you can run a Mumble server. You don’t need your ISP’s DNS (which they collect/sell data from) if you can install Pihole and setup DNS over HTTPS .
As others have mentioned there are a spectrum of ways that you are tracked online and offline and you have to be aware of each of them and address them individually. This will require a lot of research and self-education (though the community is, mostly, helpful), it isn’t as simple as using LibreWolf or installing a VPN on your phone.
As to your question. For the average person, a VPN is useful if you’re on a public wifi and want to make sure the other people in the coffee shop can’t see your Facebook posts, or if you want to appear to be in another state/country to access streaming in other areas.
It can help you, to a limited extent but installing a VPN on a carrier-purchased phone that has Facebook, Instagram and Google services is like locking the door after the house has burned down.
It’s a lot of work to take your privacy back. The Faustian bargain that everyone has agreed to is that they give up all of their privacy in order to have easy access to the fruits of technology. Getting your privacy back means giving the convenience back too.
I don’t want to discourage anyone… It isn’t inconvenient forever. Once you learn become comfortable with the technology you can have even better setups than you can buy through any service. For example, my tv/movie streaming still has password sharing, I can even generate a link for a random person that allows them to download the media file (which I only do with non-copyrighted material that I’ve produced myself, of course). Amazon can’t delete the books from my e-reader, my streaming music never plays ads, if I need more cloud storage I don’t need to increase my subscription… I just buy a piece of hardware with storage in it and install it in my home server (which everything connects to via a private VPN) and now I have space forever, with no subscription!
Wow. This text is… really big. I can’t really think of an equally big answer, but I value your efforts. Thanks, friend.
No worries, I’m glad to help folks.
Nope. Most tracking is not happening based on an IP address, which VPN promise to hide. But rather tracking what websites are you visiting (that run a common tracking code and sending those data to google and similat) and yhen linkingball of that to your identity on websites you are logged in…
A VPN alone will not do that. It will make it more difficult, as your location and IP address will be changing, but there are still methods.
Cookies, for one thing, are the main way in which you are tracked. In fact, most cookies exist solely for tracking. The solution: clear your cookies regularly, and use private mode when possible.
Browser fingerprinting can also be used. This method takes into account your user agent, screen resolution, installed extensions, hardware info, and also whether or not you have Do Not Track enabled (this had good intentions, but is counter-productive nowadays and should be disabled), and uses this data to single you out among other users. The solution: use a fingerprinting-resistant browser — such as Mullvad, Tor, Cromite, or Brave — never make your browser fullscreen, and don’t install any extensions that change the behaviour of a website (uBlock Origin and NoScript are exceptions). If you use Tor, do not sign into anything and try to use onion services when possible. If it’s not too inconvenient, also disable JavaScript.
However, you can still be tracked by certain services, regardless of your protections. The solution: Stop using data-hungry services — such as those run by Google, Meta, Microsoft, etc. — and replace them with privacy-respecting alternatives.
Also be mindful of OS-level tracking. In a nutshell, don’t use Windows (Linux ftw) and avoid Android. If you have a compatible device, consider using GrapheneOS or LineageOS. Otherwise, it’s often possible to block OS-level trackers with an ad-blocking DNS, such as NextDNS.
Here are some further resources:
Tor
What do you think VPNs do?
Most tracking happens through cookies and similar technologies. VPNs don’t affect those at all. Private browsing mode does though.
Not really. It’ll hide your IP address, and that’s it. So, if you’re logged in or using a browser that supports cookies (all of them, afaik), they can track you. If you clear your entire cache and get a new IP from your VPN, you’ll look like a similar user, but not necessarily the same.
There are other ways than cookies to track you as well, like etags, favicons, localstorage, and fingerprinting, just to name a few. So essentially, no, a VPN does not, by itself, prevent services from tracking you. It is only one single step in the right direction, but there are so many more you would need to take.
Tor browser?
Yeah, that closes a number of the tracking pathways. It’s configured for a lot of privacy by default. The lack of JavaScript breaks most sites, but if you turn it back on, you can be tracked, so it’s a tradeoff.
I’m not sure what you’d be trying to find to need that level of privacy, but I hope it’s ethical.
