Advanced privacy

Brave is built on the open-source Chromium project, the same engine that powers Google Chrome, Microsoft Edge, and Vivaldi (among others). While Chromium provides the foundation for a very secure browser, it’s unfortunately not good for user privacy—at least, not the version in Chrome and Edge. Brave, on the other hand, makes numerous changes (and subtractions) with every Chromium release, including:

• Proxying communication with Google services through Brave servers.
• Reimplementing sync to be encrypted client-side and never touch Google’s servers.
• Removal of privacy-harming features like Google’s Reporting, Topics, and Network Status APIs, as well as removal of FLoC and Fledge.

With Brave, you can sync browser profiles between your desktop and mobile devices. This means you can see the same browsing history, bookmarks, and other data, regardless of which device you’re browsing on. Unlike other browsers or tech tools, Brave encrypts this data at the client (device) level. With encryption between each client in the sync chain, your data is hidden to Brave, and much more secure.

Accelerated Mobile Pages (AMP) is a non-standard publishing format, designed and enforced by Google. In theory, AMP allows your browser to access a mobile-optimized version of a webpage for faster page load. But in practice, AMP just strengthens Google’s monopoly: it gives Google an even broader view of which pages people view on the Web, and how people interact with them.

Brave works to circumvent AMP (or “de-AMP”) pages, and instead load the real (or “canonical”) version of the page instead.

When you first start your browser, it checks with its update server for updates or other new information. Brave goes to great lengths to limit how often our browser communicates with Brave servers, and independent research backs this up: Brave was found to have the least network communication with its backend servers of any popular web browser.

Many trackers use query parameters to try and circumvent browser privacy protections. By default, Brave removes known tracking-related query parameters from URLs while you browse. While other browsers include no or limited protections against this kind of tracking, Brave protects against an ever-growing list.

• Brave improves upon the limited network-state partitioning that’s already in Chromium. Brave’s DOM state partitioning will partition each site you visit (knowingly or unknowingly), to prevent cross-site tracking.
• Brave also expands that partitioning to other storage mechanisms in the browser, a protection known as network-state partitioning.
• Likewise, Brave protects against some sophisticated forms of pooled-resource attacks.

• Referrer policy is the system that browsers and websites use to inform a destination site (the site you’re going to) about the source website (the site you’re coming from). This poses a clear privacy harm to users. It tells sites you might not trust about your browsing behavior, and what site led you to the site you’re viewing now.
• Brave reduces the amount of information present in the referrer header, and in some cases removes the header all together.

Some sites and web apps (like Zoom, Google Meet, or Brave Talk) request access to device hardware like a microphone or webcam. In other Chromium browsers, the access-request options are limited: you allow access always, or never. But Brave has more fine-grained access permissions like “until I close this site” or “for 24 hours.”

Many sites will let you use Google or Facebook to log in, allow embedded posts from Facebook or LinkedIn, or allow embedded tweets from X (formerly Twitter). If you’d prefer to not see those options, Brave will try to block them. Just visit brave://settings/socialBlocking in the Brave Browser to customize this option.

• As more browsers offer default protection against tracking, the ad tech industry has developed a clever way to get around this protection: bounce tracking. Bounce tracking involves hiding a tracker directly in the link you click, making it harder to block without breaking websites. These tracking links might look like “www.sitename.com/article?123abc” where everything after the “?” is a tracker.
• Brave blocks multiple variants of this scheme, and has the most robust protection against bounce tracking of any popular browser. It removes tracking parameters from URLs, blocks bounce tracking via filter lists, and pioneered both debouncing and unlinkable bouncing protections.
• With debouncing, Brave adds an extra layer of protection against bounce tracking by recognizing when you’re about to visit a known tracking domain, skipping that visit altogether, and instead directly navigating you to the intended destination.
• With unlinkable bouncing, Brave can notice when you’re about to visit a privacy harming (or otherwise suspect) website, and instead route that visit through a new, temporary browser storage.

Brave caps the life of JavaScript-set cookies to 7 days. This often means they’re deleted after 7 days as well, unless you’ve otherwise changed this at brave://settings/cookies. Brave also gives you multiple options to clear cookies at any time.

Tor allows you to browse the web while proxying your IP address through multiple, intermediate addresses. This masks your IP address, keeping you effectively anonymous online. Brave has a built-in integration with Tor for even better privacy. (Note that private windows with Tor can lead to slow-downs in browsing speed.) Learn more about Private Windows with Tor.

• While we’d love if every user could share product feedback, most simply don’t have the time. Still, we need some indicator on whether people are using (and liking) Brave. So, rather than outsource analytics about usage to some third-party (and thus expose user data), we introduced our own methodology: Privacy-Preserving Product Analytics (P3A).
• P3A tells us basic things like how often the browser or its features are being used, but nothing about who’s using them. P3A also prevents Brave from linking large groups of measurements together—with P3A, Brave further protects your privacy by rendering itself incapable of building profiles of pseudonymous responses. This methodology is open-source, and can be easily opted out of.

• The European Union’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA) are two of the strongest pieces of legislation to protect user data online. Brave strives to comply with these regulations, and go a step further: to safeguard your data by not collecting it in the first place.
• We also join open letters to regulatory bodies to strengthen data protections, and call out Big Tech when they try to skirt the law. See an example letter Brave wrote to the California state legislature, and another post detailing work we did to uncover a Google scheme to circumvent GDPR.
• Learn more about Global Privacy Control (GPC).

Brave applies filter lists from the EasyList and EasyPrivacy projects, the uBlock Origin project, and lists Brave has generated directly. We also fund and support the maintenance of tracking-protection lists, to help support the privacy community. By pulling from many different tracking protection lists, Brave blocks more unwanted tracker resources than any other browser.

Brave has partnered with—and supported—multiple academic institutions on research into web privacy standards and improvements, producing multiple research papers that have moved the browser industry toward privacy-by-default, and resulted in tangible code improvements in Brave.

See some of Brave’s academic research contributions.

• Brave advocates for, and improves privacy in, proposed Web standards, as members of the W3C and IETF. We also co-chair the W3C’s privacy review interest group (PING).
• See some of Brave’s work to improve web standards for all.