Private internet browsing not as secure as most think, researchers find

Misleading language perpetuates myths about online protections, survey finds

When you open up a browser window in “privacy mode,” do you know who’s watching? According to new research from the University of Chicago, most users carry misconceptions about what these features do and don’t do, and the information provided by the browser itself doesn’t help.

In a paper presented at The Web Conference 2018 in Lyon, France by University of Chicago graduate student Yuxi Wu and researcher Miranda Wei, a survey of 460 participants found that many overestimate the protections provided by private browsing modes, even after they read the information provided by different popular browsers about what they do and don’t do.

The authors found that many people were unaware that internet service providers and websites could still track user activity and information while in private mode, a myth perpetuated by misleading browser-provided language such as “browse like no one’s watching.” The research comes from the Security, Usability, & Privacy Education & Research group, or SUPERgroup, led by Blase Ur, Neubauer Family Assistant Professor in the Department of Computer Science.

“In general, transparency and communication about technology is very difficult,” said Wu, a student in the Master of Science in Computational Analysis and Public Policy program offered by the Department of Computer Science and the Harris School of Public Policy. “It’s becoming increasingly important that people need to be better educated about what they’re doing and the implications of their behaviors online.”

When you open a new, private browsing window, your browser provides a brief statement about what protections that mode provides. In the study, researchers used the actual disclosure statements from the desktop and mobile versions of Chrome, Edge, Firefox, Safari, Opera and Brave, as well as one purposefully vague statement that served as a control. Subjects read one of these disclosures, received different browsing scenarios on subjects such as targeted advertising and tracking by employers, and answered various questions on how privacy mode affects these situations.

Most of the disclosures failed to improve users’ understanding of what private mode actually protects. Of the thirteen disclosures tested, only those from the mobile and desktop Chrome browsers produced significantly more correct responses than the control statement. Wu and Wei suggested that the Chrome disclosure format—two bullet-pointed lists of what it does and does not do—was more effective for informing users, as opposed to unclear phrases such as “tracking protection” used by other browsers.

Even the name of the mode could have influenced users; where most browsers use some form of the word “privacy,” Chrome calls its version “Incognito Mode.”

“The term ‘private’ is heavily overloaded, and our results suggest the name ‘private mode’ implies unintended meanings,” the authors wrote in the paper.

Almost all users understood that private mode prevents browsing history from being saved locally, but that files downloaded in private mode would still remain after the session ended. In some cases, subjects actually underestimated privacy mode functions, most notably on whether the names of files downloaded during a private session would appear in the browser’s download history.

However, most protections were incorrectly overestimated. For example, more than half of participants believed that their search history in private mode was not logged by Google, even if they were logged into their Google account. Many participants also did not realize that their ISP, employer, or the government would be able to track their activity in private mode, and 27 percent mistakenly believed that it offered protections against viruses and malware.

The central theme of these misconceptions was mistaking the local protections of privacy mode for protection against service providers and websites, which can still view and save a user’s activity. That general confusion could be the result of changes in Internet-connected device ownership, Wei suggested.

“Private browsing mode was created for your local computer, and it was more useful when people were sharing devices, because that's when you really run into other people being able to see what you do and wanting your own individual privacy,” Wei said. “Now that people often have their own devices, even private modes create a data trail that you might think is private, but actually isn’t.”

The study is one of many at SUPERgroup examining how much internet users know about the information collected about their activity online, and how that knowledge changes browsing behavior. Additional co-authors on the paper include Panya Gupta of the University of Chicago and Yasemin Acar and Sascha Fahl of Leibniz University Hannover.