In a listicle world where even the trivial is quantified, judged, and graded, let’s rank something important for a change: Which web browsers are best for protecting your security and privacy?
The contestants
First, we took measure of the goliaths: Google Chrome, the runaway leader in market share; Microsoft’s Edge, the upstart heir to the now-defunct Internet Explorer; Safari, a default choice for Apple users; and Firefox, the only major browser that is open-source.
Next, we dug a little deeper to assess the less popular but nonetheless powerful browsers that claim to prioritize your security and privacy: Brave, Opera, and Tor Browser. Here is what we came up with.
Top browsers for privacy and security in 2021
7. Microsoft Edge: The upstart heir
6. Opera: The oldest contender
5. Apple Safari: Tailored for your Mac
4. Google Chrome: The runaway leader
3. Brave: The best Chrome alternative
2. Mozilla Firefox: The best browser for privacy
1. Tor Browser: The best browser for anonymity
Best browsers for privacy in 2021
7. Microsoft Edge
✓ Chromium-based
✓ Partially open-source
✗ Collects user data
Microsoft has been keen to make Edge the browser of choice among Windows users, having retired Internet Explorer. Since its launch in 2015, Edge has expanded beyond Windows 10 to more operating systems, including Mac, Android, and iOS.
Microsoft clearly wants this browser to have the edge on its predecessor in terms of page load speeds, but what about its security and privacy?
The good
This year Microsoft made a significant shift in Edge’s design—as of January 2020, the browser is Chromium-based, which means part of its code is open-source. The browser itself updates its software at least once a week, mainly consisting of security updates. We can’t overstate enough how important it is to update your apps and devices even if it’s tedious to do so. It’s good to see that Edge is coming out with regular updates to patch security issues.
Microsoft has also rolled out Automatic Profile Switching, which is supposed to help switch between your work and non-work accounts easily.
The bad
A fundamental flaw in Edge’s security came to light this year, when security researchers revealed that Edge “send[s] persistent identifiers than can be used to link requests (and associated IP address/location) to backend servers.”
A company spokeswoman told ZDNet that “Microsoft Edge sends diagnostic data used for product improvement purposes, which includes a device identifier. On Windows, this identifier enables a single-click ability to delete the related diagnostic data associated with the device ID stored on Microsoft servers at any time (from Windows settings), something which is not offered by all vendors.”
She added: “Microsoft Edge asks for permission to collect diagnostic data for product improvement purposes and provides the capability to turn it off at any later point. This diagnostic data may contain information about websites you visit. However, it is not used to track your browsing history or URLs specifically tied to you.”
Regardless, such data collection can reveal much about the user’s identity, and not much can really be done about it.
You can see more on what Edge collects here, but the fact that the browser can identify your device alone is worrisome, and we’d avoid using it.
Would we recommend this browser? No.
6. Opera
✓ Built-in ad blocker
✓ Chromium-based
✗ Built-in VPN logs usage
The creator of the CSS web standard, Hakon Wium Lie, developed Opera in 1995. The browser has since adopted much of Chromium’s code into its software and is now considered one of the more popular privacy-oriented browsers.
The good
The Opera browser has a built-in ad blocker and uses a tracker blocker that takes from the EasyPrivacy Tracking Protection List, which can help protect users from seeing ads and being tracked by advertisers and other websites. It bases part of its code on Chromium, which is open-source and therefore can be scrutinized.
The bad
As with Chrome, Opera’s default window will cache your data, and its Private one won’t—although you can tweak this in your settings to make it so in the default browser window.
While Opera does provide ways to customize your privacy and security, the opt-out method of securing and privatizing your browsing experience may not be appreciated by those more comfortable with browsers that provide it by default.
Opera also has a free built-in VPN that it bought in 2016. It’s a troubling addition to the browser, as it tracks bandwidth and logs usage, and Opera itself is owned by a company based in a country notorious for privacy violations. Browser beware.
Would we recommend this browser? No.
5. Apple Safari
✓ Runs pages in a sandbox
✓ Stops malicious code accessing user data
✗ Not open-source
Safari is only available on Apple products now, but for a short while it was found on PCs. Safari is the default browser for Mac, but like Microsoft’s Edge it plays second fiddle to Google Chrome in its popularity.
The good
Safari prevents suspicious sites from loading and alerts you to the potential danger. By running web pages in a sandbox, Safari also prevents malicious code on one page from affecting the entire browser or accessing your data.
In the few years since Safari’s Intelligent Tracking Prevention (ITP) feature launched, the browser appears to have prevented websites from tracking users, making it difficult for advertisers to target. It also helps camouflage digital fingerprinting and prevents third-party sites from leaving data in your cache by default, helping you stay anonymous online. In addition, Safari offers a range of useful extensions to safeguard your privacy.
The bad
Like Chrome and Edge, Safari is not open-source, so outsiders can’t scrutinize any of its code. Safari updates are offered at very irregular intervals, which is surprising given that it’s made by the world’s largest technology company. When compared with its rivals, Safari updates much more slowly. Mac users are arguably exposed to fewer internet vulnerabilities than PC users, but the lower frequency is still troubling.
Researchers from Google’s Information Security Engineering team recently found several security issues in the above-mentioned ITP anti-tracking system, claiming ITP actually leaks Safari users’ web-browsing habits. Some of these issues were addressed in later Apple security updates, but that may not be enough to quell suspicions of the browser.
Would we recommend this browser? Not until we see an open-source version, and even then maybe not.
4. Google Chrome
✓ Automatic updates
✓ Partially open-source
✗ Tracks a great deal of user data
Over a decade has passed since the launch of Google Chrome, and it has since become the undisputed leader in browser market share, at almost 80%. Given its reputation for speed and the prevalence of Google services in our lives (web search, YouTube, Gmail, Google Docs, etc.), it’s no surprise Chrome has become the most widely used web browser today. But how does it perform on your privacy and security?
The good
In addition to leading its competitors in update frequency and scanning for harmful downloads, Google automatically updates Chrome to the latest version every six to eight weeks, ensuring its users are always enjoying the latest browsing features. Part of its code is also open-source, which allows users to scrutinize, and also adopt, parts of its code.
Google has also encouraged hackers to find vulnerabilities in its own browser so the company can improve its product.
The bad
While the browser does offer the usual pop-up blocker and allows users to send a “do not track” request along with their browser traffic (which, by the way, does very little to stop sites from tracking you), one simply cannot ignore that Chrome belongs to the company that makes millions from knowing everything about you.
From automatically signing you in to the browser to a fishy location history policy, Google seems to be developing the habit of rolling out something unpopular before reeling it back in another update. There are ways around this, but Google is still using Chrome to learn about you and then monetizing that information.
Google did announce that they would eventually force third-party cookies to identify themselves on Chrome, but no word on when that will happen, nor whether this would actually stop trackers.
Chrome also boasts an extensive library of browser extensions, which offer a range of additional functionalities but at the cost of reduced privacy. Furthermore, since Chrome is a closed-source browser, no one can crack it open to see what (if anything) is hidden in the code. That said, this is no problem if you trust Google’s stance on privacy, and there is also an open-sourced version of Chrome available.
Would we recommend this browser? Not unless you want Google tracking everything, no.
3. Brave
✓ Built-in ad blocker
✓ Customizable privacy settings
✗ Tor tab doesn’t meet Tor’s privacy standards
Brave was founded in 2016 by Brenden Eich, the former Mozilla head who also created JavaScript. While relatively new on the scene, Brave packs quite a punch in its fast-performing, privacy-focused, and minimalistic design. Having moved on from perpetual beta to a fully-fledged browser, it’s set to show us how it fares as a privacy-oriented product.
The good
Brave has several features that keep your browsing activity private, with a default ad blocker that also stops ads from tracking your online behavior, as well as a function to secure unencrypted sites with HTTPS when necessary.
Brave’s security settings allow you to select what data you want to delete whenever you close the app (including that from HTTPS Everywhere), block fingerprinting attempts, and keep scripts from loading. Brave settings provide plenty of ways to customize your browsing experience to be as secure as you want it.
In December 2018, Brave fully transitioned to the Chromium codebase, making it easier for users to carry over their Chrome extensions—though they should be wary of what data third-party extensions collect.
The bad
Brave’s new Tor tab may be private, but it falls short of Tor’s own privacy standards with a customizable window size that could be used to fingerprint your browsing.
The questionable
While Brave blocks ads, it has also launched its own ad program in April 2019. This has attracted some criticism and claims of hypocrisy, as it layers its own ads on top of the ads found on websites, allowing them to essentially profit from the sites without giving the creators anything.
Brave’s cryptocurrency, called the Basic Attention Token (or BAT), does allow users to anonymously pay publishers for their content through micro-donations and get a percentage of it back.
Its ICO raised a few eyebrows, however, not least because in the brief 30 seconds the coins were available, 40% of them ended up in the hands of a very small group of people. Inevitably, this drew suspicions that large advertising agencies had snapped up the tokens, which would seem to defeat the purpose of BAT in the first place.
A Brave developer has told ExpressVPN that 300 million BAT has been placed into a User Growth Pool to distribute to Brave users monthly as free grants and referral rewards, although this in itself seems to be a work in progress. The inclusion of a cryptocurrency within a browser is certainly novel, but it looks like it will take some time before it starts functioning as intended.
Would we recommend this browser? Yes, although be wary of using their BAT currency.
2. Mozilla Firefox
✓ Open-source
✓ Highly customizable privacy settings
✓ Lightweight
Of all the browsers featured in this ranking, Firefox is the only one that is developed by a nonprofit organization, Mozilla. The browser is well known for its customizability and has long been a favored alternative to its brethren from Google, Microsoft, and Apple.
The good
Firefox does not update as frequently as Google Chrome, but it does at least update within a regular timeframe. Given that the Mozilla Foundation is a nonprofit, it’s impressive to see its coding volunteers constantly working to ensure Firefox is loaded with the latest security and browsing features within weeks.
Firefox offers a suite of security features that any internet user will appreciate: phishing and malware protection, blocking reported attack websites/web forgeries, and warning users when a site is trying to install add-ons.
Firefox is relatively lightweight, compared with its competitors. In keeping with the times, Firefox features “Content Blocking,” allowing users to block all trackers the browser detects. Firefox also provides users with the option to compartmentalize their browsers, preventing platforms like Facebook from tracking your activity outside of Facebook.
But most important, Firefox is the only widely used web browser that is completely open-source. Anyone can examine Firefox’s source code, making sure there are no sketchy elements (like tracking software) baked into the final product.
While Mozilla does heavily emphasize its default settings and the fact that it provides “strong privacy protection from the moment [users] install,” you can still customize a fairly detailed list of privacy and security settings, which include features like the ability to block cookies and third-party trackers and the level of security that you want.
The bad
Nothing, really. Firefox is quite a secure and private browser, you just need to manually customize it so that it is.
Would we recommend this browser? Yes.
1. Tor Browser
✓ Hard to track and trace traffic
✗ Law enforcement wary of Tor users
Developed by The Tor Project in 2002, and based on Firefox’s browser, Tor Browser was built for users to access the internet anonymously via the Tor network. Your activity and identity are masked by Tor, which encrypts your traffic in at least three layers by “bouncing your communications around a distributed network of relays” selected from thousands of volunteer computers.
Read: A beginner’s guide to Tor
The good
Most of Tor’s updates follow Firefox’s bug fixes and security patches. The updates are incredibly important to prevent anyone from exploiting bugs and security flaws in older versions of the Tor Browser.
The Tor Browser’s privacy is aided very much by its security—no one watching your connection can track your internet activity, nor can they identify you unless you explicitly identify yourself. Additionally, Tor does not track your browsing history and clears your cookies after every session. Tor also protects users from sites that try to fingerprint browsing history with its integration of NoScript. Based on tests of unique browser fingerprinting, only Tor can reduce the uniqueness of your fingerprint.
As we mentioned in our review of the Tor Browser, the process of bouncing your data through several relays makes it incredibly difficult for anyone to trace you and your activity. It’s not completely secure, as an FBI bust on the infamous Silk Road marketplace proved, but unless you’re running a high-profile and illegal operation on the Tor network, it’s unlikely that resources will be spent tracking down your browsing habits.
The bad
The Tor browser may actually be secure to a fault: Internet speed is likely to be affected as it routes traffic over three different hops through the Tor network, and it may break some sites because of its NoScript feature.
Be aware that law enforcement and ISPs can see who uses Tor, even if they don’t know what you’re doing on it. For maximum security, connect to a VPN first, and then start up the browser.
Read: How to combine Tor with a VPN
Would we recommend this browser? Yes. Just be careful about how you use it, like with any other browser.
The best web browser is…
Having evaluated these browsers, here’s how they rank:
- Tor Browser
- Firefox
- Brave
- Chrome
- Safari
- Opera
- Edge
Of course, there are many other important factors we could’ve included, such as browser speed and customizability. But for privacy and security, Tor Browser is ExpressVPN’s pick out of these popular web browsers.
The last step to secure and private browsing
As we’ve seen, each of these browsers has its respective strengths and weaknesses—including potentially tracking your web traffic and selling it to third parties.
And try as they might to give you a secure and private browser experience, the only way to protect all of your device traffic (from your ISP, for instance) is to use a VPN.
Instead of fiddling with customized browser settings, all you need to do is hit “connect,” and let our VPN safeguard your security and privacy as you enjoy the internet—from any device.
Comments
Chrome is better than brave. Very trustworthy recommendations…
Chrome is better than Brave? This is a ranking list comparing privacy features. In what world is Chrome better than Brave for privacy? Chrome should actually bottom of the list in terms of privacy.
Wondering if there should be some notes here about data sharing between Mozilla and Google?
The fact that you have Google on here at all means this is a paid and bought for opinion. Anyone with half a brain knows these POS’s are monitoring EVERYTHING for profit behind the scenes. Give me a break.
This review is great for the 0.1% of the public that gives a ____ about whether a product is open source. It is totally irrelevant to the 99.9%.
Does irrelevence indicate lack of importance? I think not.
I like to work on google chrome but I like to work on microsoft edge more.
One thing that would be helpful in articles such as this are links to the legitimate websites to download these browsers. At times, internet searches can return ads or downloads from other questionable sites.
Thanks for the insights.
Firefox boded well here, but did anybody realize they’re doing this:
https://firefox-source-docs.mozilla.org/toolkit/components/telemetry/data/default-browser-ping.html
It collects information about your Windows choices and your IP Address, and sends that to Mozilla servers every 24 hours, even if you opt out in the settings UI.
Please complain to them! If they’re monetizing from it, we want our cut!
That’s a good call out, are you suggesting the documentation is wrong though? Right in the link you present:
The docs are not wrong, they’re misleading.
“Opting out of Telemetry” as they call it prevents the data they have labeled as “telemetry” from being sent, however the ping still occurs, connecting to their servers, asking for a payload that controls the user’s Firefox, meanwhile observing your IP Address and anything else they can glean from the data packet and it’s timing and route.
As they say in the docs, it’s opt-out, but we users were never presented with that option, and there’s no setting for it in the about:preferencs/Firefox Data Collection and Use either.
I find this to be an invasion of privacy. I want them to make this visible, and to put a button in the settings that I can walk my grandmother (figuratively) through to disable it.
Until then, I want to make it more widely known so at-least the savvy users can realize it’s there and disable it, and so that all of us can complain to Firefox. I’ve done so twice with no traction.
This article is completely disingenous. The author must have received nice comission for trying to do disguissed marketing, which unfortunately would pass unnoticed to cautive audience. Anyonw with a minimum understanding of browsers will laugh at Edge and Chrome as top ones. Come on! And putting Mozilla almost at the bottom without even mentioning DuckDuckGo. Nice try. Crappy article.
Andres, i think you missed the pointr You do realise that the worst browser is at the top of the list and the best at the bottom.
Andres, if you read carefully they rank FireFox/Mozilla at the top. Chrome and Edge and Safari are very likely 1, 2, and 3/4 in terms of # users.
DuckDuckGo is not a browser. It is a search engine.
Excuse me? It is a browser….
DDG browser is mobile only. There is no desktop version.
I would like to see a detailed article on how to best optimize firefox for ultimate privacy and security. Or, if such an article exists, could someone point me in the right direction?
Here is an older one: https://www.expressvpn.com/blog/5-firefox-settings-for-a-more-private-browsing-experience/
I used Firefox from the very first beta of the then named Mozilla Sunbird.
And then Mozilla joined the ranks of the shrieking hysterical woke mob, as of a few days ago, calling for the silencing of anyone who disagrees with the US election results.
And now I don’t use Firefox anymore. Vivaldi is a fine replacement.
ANY browser maker that sides with the suppression of 1A free speech is suspect and not worthy of any trust or confidence IMO. Your accusation with regard to Firefox is concerning… can you substantiate it with evidence?
Not a one of these browsers is PRIVATE. I agree, this is a total propaganda article. Security is that someone can get your info at a coffee shop. Privacy is that Google can’t spy on you, collect everything you do, and create artificial intelligence on you. All these websites collect a person’s data. Google and Chrome being the worst. None can be trusted. Shame on you Express VPN. You know better. That makes me no longer trust you for VPN service, because you are lying about Privacy.
Captcha didn’t seem to work with Firefox, no idea why. Other than that it was good.
Opera GX appears to be easy to configure to erase browsing history.Im not technically savvy with anything else,sadly.
Have you looked at Epic Privacy Browser? It seems to have gained some popularity and mentions.
Really nice article, but you shouldn’t recommend to use vpn and tor together. This usage sabotages the security procedure of tor.
I feel Firefox is better, but i’m surprised Google’s business model of tracking doesn’t always trump security and privacy.. To me *anything* which is anti-business model to Google is a lie.. because that’s the whole business of Google, to track and make money from adverting and selling data..
No one would do the same for social networking because we know Facebook and Twitter have that same monopoly (an got caught), despite privacy settings to try and “flatten the curve”
So, why do we do it with Google? With the whole issues supporting privacy people yelling louder (which only cropped up after Windows 10 was released and no one knew anything about how a cloud system part of an OS suddenly was ‘bad’), I find Ege is on the list…
Meanwhile Apple has had the cloud part of their OS longer, ad you don’t hear a peep from Apple users.. Must be the business that your in that drives people to this flawed logic.
I like Firefox but the bookmarks in iOS are rubbish. Until that gets sorted it makes it unusable for me.
Currently trying Brave.
How is brave? I am currently using Opera (mainly bc of adblock) but Im thinking about switching to brave, or maybe vivaldi browser. But would you recommend Brave?
Caught – Looks like the article itself is about a year old, but they recently updated it, giving it the impression it was from this month…
The information about the Brave Browser is WRONG! – “it layers its own ads on top of the ads found on websites, allowing them to essentially profit from the sites without giving the creators anything.”
“Brave has never done this, and never would. ” ~ Brave software developer
I don’t like that most browsers are now using a form of Chromium. Especially now that Microsoft and Google are using that same engine too. Makes me think that it could become a very attractive target in the future and make for some real problems when most browsers use that engine. If you are really concerned about privacy it’s probably best to avoid a browser like Edge or Chrome given their close connections to ecosystems that both have shown to collect personal data for different reasons. But never the less are indeed collecting data for reason we don’t always have a clear picture on. Using a browser not associated with a big ecosystem is probably better in containing your personal information.
There is a new Idyll browser, it is similar to tor, but improved
Using a VPN for a TOR browser???
The Silk Road takedown wasn’t due to the tor security being compromised, it was the operators of the darknet site that were tracked in the real world, and besides. Tor is funded ~95% by the fbi
What about Torch browser or Epic Privacy Browser? I have also heard that Iron Browser takes privacy quite seriously.
What I often have noticed is that different sources will list different info including some saying browser X is no longer being worked on while other sources saying it is still be developed.
Seems like sort of an imbalanced review given most Chromium based browsers get high security marks except for Opera? Maybe because Opera has its own built in VPN?? Edge has its own built in Smart Screen which in some tests is better than Google’s. I think all these browsers security wise are very good, they do a lot more than browsers used to in stopping security breeches. Privacy seems way over blown as important to most users given how popular Chrome is. Maybe users are just hypocrites who sound off on privacy impotence, but rarely do much about it themselves.
Did we forget something? Such as Pale Moon browser, which is developed for the purpose of security as the most important ingredient?
Agreed, I noticed about Pale Moon two years ago and still its my main browser.
so is Brave Browser nice combination with expressvpn?
What happened to Quant?
Calab,
Still looking forward to your thoughts on Duck Duck Go
Thanks
As many comments below…. What about my default browser DUCKDUCKGO?
You said to use, DUCK DUCK GO.
WHAT HAPPENED TO THAT?
What about DuckDuckGo?
I use Vivaldi and right now using Waterfox,witch all in all took Firefox and arranged it for privacy and speed.I had stopped using the official firefox a few years back because it was super slow and switched to Gchrome..but with the spying eyes at g just gave me the jeebies.
I am physically disabled,and was really liking Vivaldi,but the system is so temperamental ,well in building websites on several occasions I lost all of my info ,so I got the Waterfox.Also use Palemoon witch is also firefox based.
wonderful put up, very informative. I wonder why the opposite specialists of this
sector do not understand this. You must proceed your writing.
I’m confident, you’ve a great readers’ base already!
Thank you, I really enjoyed this article. I am a diehard user of Firefox and have been for many years After reading this, I am glad I chose one of the good ones.
Been using Mozilla “FireFox” since it was Netscape and you had to buy it on CD.
It is a totally different beast now. And that’s a good thing!
Let me fast check it out
What about Vivaldi? Why isn’t it on this list?
Tor Browser page load speed is very slow, no?
It has improved in speed a lot over the last few years.
After Snowden outed them more people are now running relays.
So more speed.
Besides that it’s worth the cost in speed for very obvious reasons.
I’m using TOR right now1
Speed is pretty good!
I was a big fan of Brave on iOS, until I discovered it was leaking WebRTC through the VPN. This was documented on GitHub months ago. Brave developers were made aware of the issue but have taken MONTHS to fix it and it STILL isn’t fixed even now (they deliberately slated the patch for a much later main version update). This should have been treated as a high priority vulnerability and patched ASAP. This unacceptable failure led me back to Firefox.
to “Disappointed by Brave” ;
have a try on Brave v1.4.1 & above ,i think they’ve solved many bugs & problems ,please write your new idea& new concept.
all of us will appriciate your new survey & learn more !
Nice to see a list like this finally put out. I’ve always wondered where all the browsers stand in order of least to greatest. I am pleased to see this because I only use Tor and Firefox, the best two. If you harden the browsers they’ll be even better. Make sure they only route all https traffic through TLS 1.2, turn off geo location, resist fingerprinting, turn off WebRTC, and disable telemetry. And of course also use a VPN. Actually it’s mostly just Firefox that needs this work, Tor is already basically hardened. Tor will allow weaker versions of TLS if you don’t specify otherwise though, that’s about it.
All i can say is this: you clearly must be getting paid by Google or IE, anyone with even the slightest knowledge of browser security would never list IE which comes from a company that literally spies on your through its |OS. secondly; Google sell your information when you use their DNS 8,8,8,8 is this your idea of Privacy?
if so i suggest you take up a new line of business or do a proper study of the subject
Hi there,
This article is a ranking of the 4 most popular browsers on the market and the ones that are used by most people. You’re definitely right that the companies involved don’t have perfect records when it comes to user privacy. As we’ve posted elsewhere on the blog, using the Tor browser (with a VPN) is a much better option for privacy 🙂
That response to the peculiar criticism was delivered appropriately.
And I guess because the firefox is the best browser, pwn2own decided it was not even worth bothering trying to exploit it right? /sarcasm
Hi there, good catch! We agree (in the article) that Chrome is better than Firefox in terms of security. But from a composite standpoint, we found Firefox to have the best combination of update frequency, security, and privacy. While none of these browsers are perfect, that gives the browser providers something to work towards!
Not so. It is closed source so fails on security very badly.
Chrome is definately not better nor is it even in the same class as Firefox as far as security goes.
First it is put out by one of, if not THE biggest security violators on the Internet, “GOOGLE.”
The fact it is not OPEN SOURCE disqualifies it automatically.