by Jonathan D’Souza-Rauto and Marco Bettini

Fingerprinting has long been the ad industry’s worst-kept secret, a powerful, persistent method for identifying users across devices without cookies. Regulators have spent years trying to curb its use. Tech giants have called it invasive. And yet, Google just made a move that suggests fingerprinting isn’t going anywhere. In its latest policy update, Google is softening its stance on fingerprinting on their ad platforms, a shift that could redefine digital tracking as we know it.

Is this the next step in the industry’s evolution or a step backward for consumer privacy?

What Is Fingerprinting, and Why Does It Matter?

At its core, fingerprinting collects device and browser signals such as IP addresses, user agents, screen sizes, and fonts to create a unique identifier. Unlike cookies, which users can delete or block, fingerprinting operates behind the scenes. It’s persistent. It’s invisible. And it’s nearly impossible to opt out of. There are plenty of well known vendors that exploit this approach but very few will ever admit it for fear of respite.

Fingerprinting has legitimate uses, like fraud detection and bot prevention. But when used for ad targeting and cross-device tracking, it raises serious ethical and regulatory concerns. Consumers can’t consent to it. They can’t control it. And, in many regions, regulators consider it a violation of data privacy laws.

Google’s New Policy: A Shift with Big Implications

In December 2024, Google announced a major update to its ad policies, that took effect in February 2025. The most controversial change? A more lenient stance on fingerprinting. Google claims that advancements in Privacy Enhancing Technologies (PETs) make fingerprinting safer and more viable. But privacy advocates aren’t convinced. Even Google itself once said fingerprinting “subverts user choice and is wrong.”

So, what changed? The short answer: the rise of Connected TV (CTV) and walled-garden ad ecosystems. With third-party cookies disappearing and identity tracking becoming more difficult, fingerprinting offers a workaround, one that many vendors are eager to take advantage of.

What This Means for Brands and Advertisers

Fingerprinting may be making a comeback, but that doesn’t mean it’s a safe bet. Here’s what brands need to know:

1. Regulatory Scrutiny Is Rising: Global privacy regulators are already targeting fingerprinting. Brands relying on it for tracking could face compliance risks.

2. Consumer Trust Is at Stake: Privacy-conscious users expect control over their data. Fingerprinting, by design, takes that control away.

3. The Future Lies in Consent-Driven Identity: The industry is shifting toward first-party data, Privacy Enhancing Technologies, and alternative deterministic ID solutions. Fingerprinting might offer short-term gains, but long-term success requires a privacy-first approach.

Kepler’s Take: The Path Forward

Fingerprinting isn’t the future of identity — it’s a stopgap. Brands should be focusing on strategies that align with evolving regulations and consumer expectations. That means investing in first-party data, leveraging aggregated signals in targeting alongside exploring PETs that prioritize transparency and consent.

Google’s policy shift might give fingerprinting new life. But in the race toward a privacy-first internet, it’s not the technology that will win, it’s the companies that build trust.

To learn more and future-proof your media strategy in the wake of these changes read our thought-leadership piece here.