A coming version of the Brave web browser will include a new Forgetful Browsing feature that will let users always clear cookies and other storage when leaving a website.
“Most Web browsers are finally getting serious about limiting third-party tracking on the Web and—while no browser is as aggressive as Brave—third-party trackers are taking notice of the trend,” Brave vice president Peter Snyder writes. “In response, third parties are increasingly relying on first-party storage to continue tracking users. Forgetful Browsing is the first in a series of upcoming tools Brave has planned to continue protecting Brave users and address first-party reidentification.”
Forgetful Browsing will appear in Brave version 1.53 on the desktop—the current version is 1.51—and in Brave for Android 1.54. It will help users automatically log out of a site when it’s closed, avoid being rate limited by a site (as in when you see something like “you have X remaining articles to view”), and generally prevent sites from reidentifying you across visits. It works a bit like some extensions but is more powerful because it offers more protection. It works in private browsing mode, too.
The issue here is that web browsers let websites reidentify users indefinitely even though users only benefit from this behavior on a small percentage of the sites they visit. For example, it’s useful to auto-login to email and social media sites each time you visit, but is less useful on news, shopping, and image hosting sites.
“In this way, all web browsers get the defaults backward: they assume you want to be identifiable by every site you visit,” Snyder continues. “And this causes both annoyance (e.g. rate limiting or paywalls) and privacy harm (e.g. being profiled by untrustworthy sites). This problem is called ‘unwanted first-party reidentification’.”
Forgetful Browsing will address this issue and provide even better protection against first-party trackers. Using Brave Shields, users can configure that they want to be forgotten when a site is closed using a new “Forget me when I close this site” option. When enabled, Brave will clear first-party storage for the site a few seconds after the last tab for that site is closed. This includes explicitly stored values (cookies, localStorage, and indexedDB) and indirectly stored values (HTTP cache and DNS cache). You can even make it the global default and then uncheck this option for the few sites for which you do need it.
And Forgetful Browsing will work per site, not per domain. (This means you can configure first.site.example to use aggressive fingerprinting protections and second.site.example to use standard fingerprinting protections, Brave notes, but all subdomains on site.example will share the same Forgetful Browsing setting.)
I keep repeating myself on this one, I know, but I use and strongly recommend Brave. This kind of work is just one of many reasons why.