What is browser fingerprinting and is it allowed?

Browser fingerprinting is a tracking method that can uniquely identify your device without cookies. By combining hundreds of browser and device properties — browser version, installed fonts, screen resolution, timezone, audio API rendering, WebGL rendering, user agent, language settings — you get a "fingerprint" that's unique in 90%+ of cases. How unique? EFF's Panopticlick research: 80-95% of browsers have a unique fingerprint within a dataset of millions. Test yours at coveryourtracks.eff.org. Why do businesses do this? When cookies don't work (incognito mode, blockers, mobile apps) fingerprinting still works — useful for ad networks, fraud detection (legitimate), and cross-device tracking. GDPR status: fingerprinting collects and processes personal data — FULLY under GDPR + ePrivacy. EDPB guideline 2019 + Planet49 ruling makes clear: fingerprinting for tracking requires explicit consent, just like marketing cookies. No consent = unlawful. Fines: AP has started fingerprinting investigations since 2023. French CNIL fined Equifax for fingerprinting without basis (2024). How to defend yourself? (1) Firefox with "Strict Tracking Protection" — blocks known fingerprinting libraries. (2) Brave browser — randomises fingerprint per site. (3) Tor Browser — best protection but slower. (4) Disable WebGL, Canvas, AudioContext via uBlock Origin scripting. Important note: 100% fingerprint-free browsing on the modern web is hard — trade off between usability and privacy.