Ground Truth · pointed at a thing everyone gets wrong

Private to the Glass, Public to the Wire

Incognito mode is private to the glass (it wipes what your own screen would have remembered) and public to the wire: everything you send still travels the same network to the same servers, watched by the same parties. It makes you anonymous to exactly one audience: the next person to pick up your device.

Does Incognito make you anonymous? No.

Incognito stops your browser from saving history, cookies and form entries on this device. That is the whole of it. The website you visit, your internet provider, a work or school network, and your Google account see exactly what they saw before. Below, toggle it on and off and watch how few rows actually change.

Turn Incognito on and off in the console. Pick where you are (home, work, school, a café's Wi-Fi), add a VPN, choose the cookie era. Five parties can watch a browsing session; each cell shows whether that party SEES you, is PARTIAL (metadata only), or is BLIND. Tap any row for the sourced reason.

Where you are
Incognito
on
VPN
off
Cookie era
2024+ (post-settlement)

Slide Incognito off and on with your eye on the badges. In every configuration, the same thing happens: one row flips (the on-device row) because clearing your own device is the one thing Incognito was ever built to do. (Since 2024 a second row softens too; that is the twist below.) Everything on the wire is untouched.

The check: recomputed in front of you

The verdict isn't asserted; it's counted. Each time you toggle Incognito, the console diffs all five rows against the opposite state and reports how many actually changed, live:

And the settlement figures that anchor the "Google" row are cross-checked by arithmetic, not just quoted:

Reproduce every line offline: node research/does-incognito-mode-make-you-anonymous/verify-does-incognito-mode-make-you-anonymous.mjs. The free choices are yours (network, VPN, era) and named on the controls; the uncertainty is stated in the fine print below.

The one real thing it does

The fear is not entirely wrong; it's aimed at the wrong pane of glass. On a shared device, Incognito genuinely protects you: close every Incognito window and this session's history, cookies and autofill are discarded, so the next person who opens the browser finds nothing. That is real privacy, and it is the reason Incognito isn't useless. It is simply privacy to the glass (the screen in front of you) and nothing on the wire behind it.

What Incognito clears vs. what it can't touch
On this device (the glass)On the wire (everyone else)
Browsing history: clearedThe website's own logs: untouched
Cookies & site data: clearedYour ISP's view of the domains: untouched
Form & search-bar autofill: clearedA work/school/Wi-Fi admin's view: untouched
(kept) downloads & bookmarks you saveYour Google account, if you sign in: untouched

The twist: it got more private in 2024

"Who can see you" is not fixed in time. In 2020 a class action, Brown v. Google, argued that Incognito users were tracked anyway: that Google Analytics and ad tags on ordinary web pages kept receiving Incognito traffic. The suit sought $5 billion in damages. It did not end in a $5 billion payout. In the settlement given preliminary approval by Judge Yvonne Gonzalez Rogers in April 2024, the class received no cash at all. What Google gave instead was structural: delete or de-identify billions of Incognito records, rewrite the splash screen, and, for five years, block third-party cookies in Incognito by default.

That last term is why the console's "Google & trackers" row softens from SEES to PARTIAL when you set the era to 2024+: cross-site ad cookies are cut, though signing into a Google service still ties activity to you. Flip the era back to 2023 and the row goes red again. The settlement made Incognito do a second real thing, and it is the kind of moving target most explainers, written before April 2024, never mention.

Splash screen: before (pre-2024) "Now you can browse privately, and other people who use this device won't see your activity."
Splash screen: after the settlement "Others who use this device won't see your activity, so you can browse more privately. This won't change how data is collected by websites you visit and the services they use, including Google."

The single load-bearing edit: "including Google." The old screen already warned that your activity "might still be visible to the websites you visit, your employer or school, and your internet service provider": the whole of the console's right-hand column was printed on the glass all along.

Two things people get exactly wrong

"Google paid $5 billion." It didn't. $5 billion was the figure the lawsuit sought; the class got $0 in cash. The relief was record destruction plus the injunctive changes above, and class members kept the right to sue Google individually for money. Spread across the more than 136 million people the settlement covers, the $5 billion sought works out to about $37 a head that nobody was paid.

"My ISP sees everything I do." Not with HTTPS, which is now nearly the whole web. Your ISP (and any Wi-Fi or gateway operator in the path) sees the domains you connect to (from DNS look-ups and the unencrypted "SNI" name in the TLS handshake) plus the timing and volume of traffic. It does not see the page contents, your passwords, or the exact URLs. That's why the ISP row reads PARTIAL, not SEES, a real distinction Incognito has nothing to do with either way.

And a VPN? Flip it on: the ISP and public-Wi-Fi rows go BLIND, but a new watcher appears. A VPN encrypts the first hop, so your ISP sees only "talking to a VPN," while your VPN provider now sees precisely the domains your ISP used to. You have relocated the trust, not deleted it. This page is not selling you one.

What's exactly true, what's a judgment call, and where the edges are

Exactly true. Incognito's job is local: it opens a fresh session and, on close, discards that session's history, cookies, and site/form data from the device. It does not proxy, encrypt, or anonymize your traffic. The website, the network path, and any signed-in account are unaffected. All of that is stated on Chrome's own Incognito screen and mirrored by Firefox, Safari and Edge for their private modes.

The settlement facts. Brown v. Google LLC, No. 4:20-cv-03664-YGR (N.D. Cal.). Preliminary approval April 2024; class received $0 cash; Google agreed to delete or remediate billions of records covering 100% of the data set at issue, to rewrite the disclosure, and to block third-party cookies in Incognito by default for five years. Class counsel moved for up to $217M in fees (a ~$62M lodestar × a 3.5× multiplier); that fee comes from Google, not the class.

Distinct from the other cookie story. The five-year third-party-cookie block is Incognito-specific and court-ordered. It is not the same as Chrome's separate, on-again-off-again plan to kill third-party cookies for all browsing, which Google announced it would not force through a default deprecation. Keep them apart: one is a settlement term for private windows; the other was a site-wide product plan that stalled.

Judgment calls in the console. "Network admin = you" on home Wi-Fi is a simplification: your own router still logs the DNS look-ups it forwards, and your ISP is upstream regardless. "SEES vs PARTIAL" assumes modern HTTPS; a site still served over plain HTTP, or a managed device carrying a corporate root certificate, moves a PARTIAL toward SEES. The "Google & trackers" row treats signing into a Google service as the persistent thread; if you never sign in and the era is 2024+, the practical exposure is smaller than the badge's worst case. These are labelled where they live, in each row's reason.

Uncertainty named. "136 million" is the figure reported for the class size; "billions of records" and "100% of the data set" are the settlement's own words, not a count we recomputed. Encrypted-DNS (DoH/DoT) and Encrypted Client Hello can hide even the domain from an ISP (increasingly common, still not universal), which would push the ISP row toward BLIND without any VPN. The console models the common, not-yet-encrypted-DNS case and says so here.