Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
You open a private browsing window and something shifts in your mental model of the situation.
Maybe you’re shopping for a gift and don’t want it showing up in your browsing history. Maybe you’re researching something sensitive. Maybe you just feel like what you’re doing is more private, more contained, less traceable. The darker browser window, the little hat-and-glasses icon, the word “incognito” itself — all of it communicates a sense of invisibility that feels reassuring.
Here’s the problem: that reassurance is largely false.
Incognito mode — called Private Browsing in Safari and Firefox, InPrivate in Microsoft Edge — does something useful. It does not do what most people think it does. And the gap between what people believe it provides and what it actually provides is wide enough that people regularly make decisions based on a protection that doesn’t exist.
A 2018 study by researchers at the University of Chicago and Leibniz University Hannover found that a significant majority of users held fundamental misconceptions about what private browsing actually protects. They believed it hid their activity from their internet service provider, from websites they visited, and from Google. None of those beliefs are accurate.
More recently, Google settled a $5 billion class action lawsuit in 2024 related to tracking users in Chrome’s Incognito mode — a case that brought mainstream attention to the gap between what private browsing implies and what it actually delivers.
This article closes that gap. What incognito mode actually does. What it categorically doesn’t do. Who can still see your activity and how. What you actually need if you want meaningful privacy online. And the specific situations where incognito is genuinely the right tool.
What Incognito Mode Actually Does
Start with what it does do, because it’s not nothing — it’s just significantly less than most people assume.
It Doesn’t Save Your Browsing History Locally
When you close an incognito window, your browser deletes the record of what websites you visited during that session. Someone who picks up your device and opens your browser history won’t find those pages.
This is the core function incognito was designed for. It’s a local privacy tool — protecting your activity from other people who have physical access to the same device.
If you’re shopping for a surprise gift on a shared family computer, incognito accomplishes exactly what you need. If you’re researching something you’d rather not appear in your browser history, it works for that. If you lend your laptop to a friend and don’t want your recent activity visible, incognito delivers.
It Doesn’t Save Cookies After the Session Ends
Cookies are small files websites store on your device to remember you — your login status, shopping cart contents, preferences, and importantly, tracking data that follows you across the web.
In incognito mode, cookies created during the session are deleted when you close the window. This means you start each incognito session without existing cookies from previous sessions — logged out of accounts, with a fresh tracking slate.
This has a practical benefit: websites and advertisers can’t use cookies from your regular browsing session to identify you in incognito. You appear, to a degree, as a fresh visitor.
The limitation: cookies work within the session. If you log into a website in incognito mode, that website can still track your activity during that session. And closing the window deletes the cookies, but that doesn’t mean the website deleted its server-side record of your visit.
It Doesn’t Save Form Data and Passwords
Information you type into forms — search terms, addresses, names — and passwords you enter aren’t saved by the browser in incognito mode. Your browser won’t autofill from incognito sessions or remember what you typed.
It Gives You a Separation from Your Regular Session
Running an incognito window alongside your regular browser creates a separate session. This is useful for logging into a second account simultaneously — a personal and work account at the same service, for example — without conflicts between the two.
That’s it. That’s the complete picture of what incognito mode actually provides: local history deletion, session-only cookies, no saved form data, and session separation.
Notice what’s absent from that list. Notice what it says nothing about. Because that’s where the real misconceptions live.
What Incognito Mode Doesn’t Do
This section is longer than the previous one. Significantly longer. That asymmetry tells you something important about the gap between the marketing implication and the technical reality.
It Doesn’t Hide Your Activity From Your Internet Service Provider
Your Internet Service Provider — the company you pay for internet access — sees every connection your device makes to the internet. This is technical reality, not a policy choice. Your traffic travels through their infrastructure. They can see which IP addresses you connect to, which translates to which websites you visit, when, and for how long.
Incognito mode does nothing about this. The “private” in private browsing refers to privacy from other users of the same device, not privacy from the network infrastructure your traffic flows through.
ISPs in many countries — including the United States — are permitted to log and in some cases sell anonymized browsing data. In the US, the Federal Communications Commission reversed net neutrality protections in 2017 that had restricted ISP data collection. Your ISP’s visibility into your browsing is a real, ongoing consideration that incognito does nothing to address.
It Doesn’t Hide Your Activity From Your Employer or School Network
If you’re browsing in incognito mode on a work computer, a school computer, or any device connected to an organization’s network, the network administrators can see your activity.
This is among the most consequential misconceptions about incognito mode, with real professional and academic consequences for people who’ve acted on the false belief that incognito made their work browsing invisible to their employer.
Network-level monitoring captures traffic at the router or firewall level — before it ever reaches your browser’s privacy settings. What browser mode you’re in is completely irrelevant to network monitoring. The traffic leaves your device the same way regardless.
On managed devices — employer-issued laptops, school computers — additional monitoring software may capture screenshots, log keystrokes, or record activity at the application level. Incognito provides exactly zero protection against any of this.
It Doesn’t Hide Your Activity From Websites You Visit
The websites you visit in incognito mode can see your visit just as clearly as any other visit. They see your IP address — the numerical identifier that connects your device to the internet. They can collect information about your browser, operating system, screen resolution, installed fonts, and dozens of other technical characteristics that form a “fingerprint” of your browser. They can observe everything you do on their site.
If you log into an account — your email, your bank, a social media platform — that service has a complete record of your session. Incognito mode doesn’t change this in any way.
It Doesn’t Make You Anonymous to Google
This one surprises people most consistently, because Google is the default search engine in Chrome’s incognito mode and Chrome is Google’s browser.
Google can still see your searches in incognito mode. Your searches travel to Google’s servers and back. Google can see the IP address those searches came from. If you’re logged into any Google service in another tab, or in your regular browser window, Google has increasing ability to connect those searches to your identity through various technical mechanisms.
The Google $5 billion settlement referenced earlier was specifically about this — plaintiffs argued Google continued to collect data through analytics tools, ad tools, and other trackers embedded in third-party websites even when users were in Incognito mode. The settlement didn’t require Google to stop collecting data, but required more explicit disclosures about what Incognito does and doesn’t protect.
When you open a Chrome incognito window, the disclaimer now states: “Others who use this device won’t see your activity, but your activity might still be visible to websites you visit, your employer or school, or your internet service provider.” Google updated this language specifically because previous versions overstated the protection.
It Doesn’t Stop Browser Fingerprinting
Browser fingerprinting is a tracking technique that doesn’t use cookies at all. Instead, it collects a combination of technical attributes about your browser and device — your user agent string, screen resolution, installed plugins, time zone, language settings, hardware capabilities, and dozens of other data points — and combines them into a fingerprint that’s unique or near-unique to your device.
Because fingerprinting doesn’t use cookies, clearing cookies or using incognito mode does nothing to prevent it. Your browser in incognito mode still presents the same fingerprint as your regular browser. Sophisticated tracking infrastructure can identify you across sessions, across different browsers on the same device, and — with enough data — across devices, without any cookies involved.
Tools like the Electronic Frontier Foundation’s Cover Your Tracks (coveryourtracks.eff.org) let you see how unique your browser’s fingerprint is. For most people, the result is sobering.
It Doesn’t Stop Third-Party Trackers on Websites
Major websites typically include tracking code from dozens of third parties — advertising networks, analytics services, social media pixels, data brokers. When you visit a website, all of these third parties can see your visit.
Incognito mode, by deleting cookies at session end, limits the persistence of cookie-based cross-site tracking. But it doesn’t block the trackers from seeing your visit in the first place. And fingerprinting-based tracking, as described above, continues regardless of cookie deletion.
Facebook’s tracking pixel — embedded on millions of websites — can still observe your web activity in incognito mode if you’ve ever visited Facebook from the same IP address. Google Analytics, embedded on most of the web, observes visits regardless of browser mode.
It Doesn’t Protect Against Malware
If you download a malicious file in incognito mode, the file is just as malicious as if you’d downloaded it in regular mode. If you visit a malicious website that exploits a browser vulnerability, incognito offers no additional protection. If a keylogger is already on your device, it records your keystrokes in incognito mode as comprehensively as in any other mode.
Incognito is not a security feature. It’s a privacy feature — and even as a privacy feature, its scope is narrow.
It Doesn’t Hide Your Activity From People Who Can See Your Screen
This sounds obvious but is genuinely worth stating: incognito mode provides no protection against physical observation. If someone can see your screen, they can see what you’re browsing in incognito mode. The darker browser chrome doesn’t change what’s displayed on screen.
The Disconnect: How Did This Misconception Get So Widespread?
The gap between what incognito does and what people think it does isn’t random — it was seeded by design choices, terminology, and marketing that implied more than the technical reality supported.
The branding implies invisibility. “Incognito” means disguised, unrecognizable, in disguise. The spy hat and glasses icon in Chrome’s incognito mode directly evokes a spy — someone operating covertly, undetected. “Private” browsing implies privacy more broadly than just local device privacy. These choices shaped user expectations before anyone read the fine print.
The interface signals feel significant. The darker browser window, the explicit notification that you’ve entered a special mode, the visual differentiation from regular browsing — these design choices create a psychological sense of crossing into protected territory. The interface feels like it’s doing something significant because it looks different.
The use cases blend in users’ minds. Incognito mode is genuinely useful for its actual purpose — local privacy on shared devices. But users naturally generalize from “incognito hides this from people who use my computer” to “incognito hides this more broadly.” The distinction between local privacy and network privacy isn’t intuitive without technical knowledge.
Nobody explicitly corrected it for years. Google’s original incognito mode disclaimer was vague enough that the misconception could persist unchallenged. It took a $5 billion lawsuit and years of public criticism before Google updated its language to more clearly state what incognito doesn’t protect.
The result is one of the most widespread and consequential consumer tech misconceptions of the internet era. People have made decisions — about what they researched, what they said, what they assumed wasn’t being recorded — based on a protection that wasn’t real.
What Incognito Mode Is Actually Good For
Having thoroughly catalogued what incognito doesn’t do, it’s only fair to be equally clear about where it genuinely delivers value.
Shared devices and household computers. The original and most legitimate use case. If multiple people use the same computer and you want to keep your browsing out of the shared history, incognito works perfectly for this.
Surprise gift shopping. Searching for gifts for someone who might use your device, or who might notice recommended products on your shopping accounts, is exactly what incognito is designed for. Your partner won’t see the search history, and the session cookies that would drive targeted advertising disappear when you close the window.
Logging into a second account. Running an incognito window alongside your regular browser session lets you be logged into two different accounts at the same service simultaneously — two Gmail accounts, two Twitter accounts, a personal and work profile.
Checking how a website looks to logged-out visitors. Web developers and content creators use incognito to see how their sites appear to users who aren’t logged in, without having to log out of their own accounts.
Avoiding cookie-based price discrimination. Some travel and retail sites display different prices based on your browsing history and cookies. Starting an incognito session presents you as a fresh visitor, potentially showing different (sometimes lower) prices. This works to a degree — it clears cookie-based personalization — though fingerprinting means it’s not perfectly clean.
Preventing autofill on shared computers. Logging into accounts on a shared computer without incognito risks your credentials being saved to the browser’s autofill. Incognito prevents this automatically.
Accessing paywalled content. Some websites use cookies to count article views before triggering a paywall. Incognito clears those cookies, potentially resetting the counter. This is a gray area ethically but is a documented practical use.
These are all legitimate, useful applications. They just have nothing to do with hiding your activity from Google, your ISP, your employer, or the websites you visit.
What You Actually Need for Real Privacy
If incognito mode isn’t the answer to online privacy, what is? Here’s an honest breakdown of tools that actually provide meaningful privacy protection.
A VPN for Network-Level Privacy
A Virtual Private Network encrypts your internet traffic and routes it through a server operated by the VPN provider, masking your actual IP address from the websites you visit and hiding your traffic from your ISP.
From your ISP’s perspective, they see encrypted data going to a VPN server — not which websites you’re visiting. From a website’s perspective, they see the VPN server’s IP address — not your actual IP. This provides the network-level privacy that incognito mode entirely fails to deliver.
Important caveats: your trust shifts from your ISP to your VPN provider. A VPN that logs your activity and sells it is worse than no VPN. Stick to reputable providers with audited no-logs policies and clear business models that don’t depend on monetizing user data.
A VPN doesn’t make you completely anonymous. Fingerprinting can still track you. Logged-in accounts still know who you are. Law enforcement can subpoena VPN providers. But for everyday privacy from ISP surveillance and basic IP-based tracking, a reputable VPN is the most practical tool available. Our VPN reviews cover which services actually deliver on their privacy promises.
Privacy-Focused Browsers
Not all browsers treat your privacy the same way. Chrome is Google’s browser — its business model is built on advertising driven by data collection, which creates structural tension with user privacy regardless of incognito mode.
Firefox is developed by the non-profit Mozilla Foundation. It includes stronger tracking protection than Chrome by default, blocks many third-party trackers out of the box, and its business model isn’t advertising-dependent.
Brave is built on the same underlying engine as Chrome (Chromium) but includes aggressive default privacy protections — blocking ads and trackers by default, with optional features like Tor integration for even stronger anonymity.
Safari on Apple devices includes Intelligent Tracking Prevention — a system that limits the ability of third-party trackers to follow you across websites. Apple’s business model is device sales rather than advertising, aligning their interests with user privacy more than ad-dependent browsers.
The browser you choose matters more for privacy than what mode you browse in.
Browser Extensions That Actually Help
uBlock Origin is the gold-standard ad and tracker blocker. It blocks third-party trackers, advertising networks, and malicious domains by default. In independent testing, it consistently outperforms alternatives while maintaining lower resource usage. Available for Firefox and Chrome-based browsers.
Privacy Badger from the Electronic Frontier Foundation learns to block invisible trackers based on their behavior rather than a static list — effective against new trackers that haven’t been catalogued yet.
HTTPS Everywhere (now largely superseded by browser-native HTTPS-first modes) ensures you’re connecting to HTTPS versions of websites where available.
These extensions work in your regular browser window and provide more meaningful tracking protection than incognito mode does.
Private Search Engines
Google’s business model depends on connecting your search behavior to your identity to serve targeted advertising. Even in incognito mode, Google search connects your queries to your IP address at minimum.
DuckDuckGo doesn’t track your searches, doesn’t build profiles on individual users, and doesn’t use your search history for ad targeting. Its search results are less personalized than Google’s but entirely adequate for the majority of searches.
Startpage shows Google search results without passing your identity to Google — acting as a privacy-respecting intermediary.
Brave Search is an independent search index (not Google-based) operated by the team behind the Brave browser, with a privacy-first approach.
Switching your default search engine in incognito mode is one of the simplest concrete improvements to your search privacy.
Tor Browser for Strong Anonymity
Tor (The Onion Router) is a free browser that routes your traffic through multiple volunteer-operated nodes — each encrypting and re-encrypting — making it extremely difficult to trace traffic back to its origin. Each node only knows the previous and next hop in the chain, not the full path.
Tor provides meaningfully stronger anonymity than a VPN for situations where strong anonymity matters. The tradeoffs: significantly slower browsing speeds, blocked access on some websites that detect Tor usage, and a browsing experience that requires some adjustment.
Tor is the right tool for specific high-privacy needs — journalists protecting sources, activists in repressive environments, situations where strong anonymity genuinely matters. For everyday browsing, a VPN plus a privacy-focused browser with tracking protection covers most practical needs.
Being Mindful of Logged-In Accounts
No privacy tool fully overcomes the privacy implications of being logged into accounts. When you’re logged into Google, Google knows what you’re doing. When you’re logged into Facebook, Facebook tracks you on every site with a Facebook pixel regardless of your browser’s privacy settings.
The most impactful behavioral privacy habit is being thoughtful about when you’re logged in and to what. Using separate browser profiles — or separate browsers entirely — for different categories of activity limits cross-contamination between identities.
The Fingerprinting Problem: Why True Anonymity Is Harder Than It Looks
Browser fingerprinting deserves more attention than it typically receives in privacy discussions because it fundamentally challenges the premise of cookie-based privacy solutions.
Here’s the uncomfortable reality: your browser, right now, has a fingerprint that’s likely unique or near-unique among internet users. The combination of your browser version, operating system, screen resolution, time zone, language settings, installed fonts, hardware capabilities, and dozens of other parameters produces a signature that’s more identifying than most cookies.
Clearing cookies doesn’t change your fingerprint. Incognito mode doesn’t change your fingerprint. Even a VPN doesn’t change your fingerprint — it changes your IP address but not your browser’s technical characteristics.
Fingerprinting-based tracking is actively used by advertising networks, fraud detection systems, and analytics platforms. It’s harder to block than cookie-based tracking because it doesn’t require storing anything on your device.
Defenses against fingerprinting include:
Tor Browser specifically addresses fingerprinting by making all users present the same fingerprint — you look identical to every other Tor user, rather than unique.
Brave Browser includes fingerprinting randomization — it slightly alters the fingerprinting data it presents, making consistent cross-session tracking harder.
Firefox includes some fingerprinting resistance, particularly with Enhanced Tracking Protection set to “Strict.”
Complete fingerprint prevention while maintaining normal browsing functionality is essentially impossible for most users. What’s achievable is making fingerprinting-based tracking harder and less precise — which, combined with other tools, meaningfully improves your privacy even if it doesn’t achieve theoretical perfection.
Practical Scenarios: The Right Tool for the Right Situation
“I’m buying a birthday gift and don’t want my spouse to see my browser history.” Incognito mode is exactly the right tool here. This is what it was designed for.
“I don’t want my ISP seeing what websites I visit.” Incognito doesn’t help. Use a reputable VPN.
“I’m browsing at work and don’t want IT to see what I’m doing.” Incognito doesn’t help. Network monitoring operates at a level incognito doesn’t affect. This is worth understanding clearly — assuming incognito provides protection at work is a mistake with potential professional consequences.
“I don’t want Google tracking my searches.” Incognito reduces but doesn’t eliminate Google’s visibility if you’re using Google search in Chrome. Use a privacy-focused search engine like DuckDuckGo regardless of browser mode.
“I don’t want websites tracking me across the internet.” Incognito helps with cookie-based tracking for each fresh session. It doesn’t help with fingerprinting. Use a browser with strong tracking protection and a tracker-blocking extension for more meaningful coverage.
“I want to be anonymous online.” No single tool achieves this. A combination of Tor Browser or a reputable VPN, a privacy-focused browser, a private search engine, and avoiding logged-in accounts comes closest to practical anonymity.
“I want to log into a second account at the same service.” Incognito is perfect for this.
“I’m a journalist or activist who needs strong source protection or personal safety.” Incognito is inadequate. Tor Browser for anonymity, Signal for communications, and dedicated operational security practices are appropriate for high-stakes privacy needs.
The Honest Bottom Line
Incognito mode does one thing genuinely well: it keeps your browsing history off the local device and clears session cookies when you close the window. For shared devices and the specific use cases built around local privacy, it’s the right tool.
For everything else people commonly use it for — hiding activity from their ISP, their employer, websites they visit, or Google — it provides no meaningful protection. The gap between the implied promise and the delivered reality is wide, and it matters because people make real decisions based on false assumptions.
The tools that actually provide meaningful online privacy are a reputable VPN for network-level privacy, a privacy-focused browser with tracking protection, a private search engine, tracker-blocking extensions, and mindful attention to when you’re logged into data-collecting accounts.
None of these are complicated. All of them are accessible. And all of them do what incognito implies but doesn’t deliver.
Understanding the difference is the first step toward making genuinely informed decisions about your privacy online — not decisions based on a darker browser window and a reassuring hat-and-glasses icon that doesn’t mean what you thought it did.
Frequently Asked Questions
Does incognito mode make you anonymous online? No. Incognito mode prevents your browser from saving local history and deletes session cookies when closed. It doesn’t hide your IP address, doesn’t prevent your ISP from seeing which sites you visit, doesn’t block website tracking, doesn’t stop browser fingerprinting, and doesn’t hide your activity from your employer’s network monitoring. For meaningful anonymity, a combination of tools including a VPN, privacy-focused browser, and private search engine is necessary.
Can your employer see incognito browsing? Yes. Network monitoring operates at the infrastructure level — your employer’s firewall, proxy server, or monitoring software sees traffic leaving your device regardless of what browser mode you’re using. Incognito mode is completely transparent to network-level monitoring. On managed employer devices, additional monitoring software may capture activity at the application level. Assuming incognito provides workplace privacy is a misconception with real professional consequences.
Does incognito mode stop websites from tracking you? Partially, for cookie-based tracking only. Incognito starts each session without previous cookies and deletes cookies when closed, limiting cookie-based cross-site tracking. However, websites can still see your IP address, observe your complete behavior during the session, fingerprint your browser, use login-based tracking if you’re logged in, and employ various cookieless tracking techniques. Browser extensions like uBlock Origin and privacy-focused browsers provide meaningfully more comprehensive tracking protection.
Can Google track you in incognito mode? Yes, to a significant degree. Google searches in Chrome incognito still travel to Google’s servers and reveal your IP address. Google’s tracking tools are embedded throughout the web and can observe incognito visits to third-party sites. A 2024 settlement resulted from a class action alleging Google collected data from users in incognito mode. For reduced Google tracking, use a private search engine like DuckDuckGo and a browser with strong third-party tracker blocking.
What’s the difference between incognito mode and a VPN? They address completely different aspects of privacy. Incognito mode is a local device privacy tool — it prevents your browser from saving history on your device and clears session cookies. A VPN is a network privacy tool — it encrypts your internet traffic and hides your IP address from websites and your ISP. Incognito mode doesn’t affect network-level visibility; a VPN doesn’t affect local browser history. For meaningful privacy from external observers, a VPN is required. For local device privacy on shared computers, incognito is the appropriate tool.
Is private browsing in Safari or Firefox different from Chrome’s incognito? The fundamental functionality is similar across browsers — all prevent local history saving and clear session cookies. The differences lie in additional protections some private modes include. Firefox’s private browsing includes stronger tracker blocking than Chrome’s incognito. Safari’s private browsing includes Intelligent Tracking Prevention. None of them hide your activity from your ISP or employer. The choice of browser and its default privacy protections matters more for overall privacy than the specific implementation of private browsing mode.
What should I use instead of incognito for real privacy? For network privacy from your ISP: a reputable VPN. For search privacy: DuckDuckGo or another private search engine. For reduced tracking on websites: a privacy-focused browser like Firefox or Brave with a tracker-blocking extension like uBlock Origin. For strong anonymity needs: Tor Browser. For local device privacy on shared computers: incognito mode remains the right tool. Real privacy online requires a combination of approaches rather than any single tool.
