Quiz Entry - updated: 2026.05.24
Why is canvas fingerprinting considered "stateless tracking," and why is that especially concerning for privacy?
It re-recognizes users without storing anything on their device — using standard browser APIs that need no permission or consent.
What makes it stateless and stealthy:
- API-based & consent-free — uses the standard HTML5 Canvas API; no special permission or user consent is required
- Unique hardware signature — the hash reflects GPU, drivers, OS engine, and fonts; this configuration stays stable, enabling long-term tracking
- Micro font differences — minimal text-rendering variations are measurable and create unique signatures
- High entropy — distinguishes one user among millions, and precision rises when combined with other methods
The privacy problem: unlike cookies, there is nothing to clear. Canvas fingerprinting "uses personal information without explicit data collection" — you can delete every cookie and still be re-identified the moment you load a page.