You Are Not Invisible
You open a new incognito tab. The browser dims slightly, like someone lowered the blinds, and for a moment there's this quiet sense of having stepped off the grid. Clean slate. No footprints.
That feeling is almost entirely wrong.
Incognito mode does one specific thing well and almost nothing else. The gap between what it actually does and what most people assume it does is the difference between being quietly exposed and making a real choice about your privacy. Those are not the same situation, and conflating them is the browser vendors' fault as much as anyone's.
The One Thing It's Actually Good At
Incognito mode protects you from other people who use the same device. That's it. That's the whole job.
When you browse in a standard window, your browser stores a running log: pages visited, search terms typed, cookies dropped by websites, form data, passwords if you let it. The next person who picks up that laptop and types a single letter into the address bar can see everywhere you went.
Incognito stops that. When you close the window, the local record disappears. No history entry, no lingering cookies, no saved form data. For shared devices, hotel computers, or the family laptop you borrowed for five minutes, that's genuinely useful.
Think of it like borrowing a friend's car and leaving no fingerprints on the steering wheel. The car's GPS, the toll cameras on the highway, the fuel station's security footage all still saw you. The car itself just doesn't remember.
What Your ISP Sees (And It's a Lot)
Every request your device makes to the internet travels through your Internet Service Provider. Your ISP sees the destination of every connection you make, and unless the site uses HTTPS, it can see the full content of that traffic too.
With HTTPS, your ISP can't read the exact page content, but it can still see which domain you visited and roughly when. That log is retained for months, sometimes years, depending on local regulations. Opening an incognito tab changes exactly nothing about this. The packets still leave your router.
If you're on a work or school network, the IT team has the same view. Take this scenario: Priya and Daniel both work at the same company and both use incognito tabs on their work laptops to browse during lunch. The IT administrator pulling network logs on a Tuesday afternoon can see every domain both of them visited. Incognito protected them from each other. It did not protect either of them from the network. Not even close.
The Websites You Visit Know You Were There
This one surprises people more than it should.
When you load a website in incognito mode, that website receives your IP address, your browser type, your screen resolution, your operating system, the referring URL, and a cluster of other signals. The site's server logs that visit. Its analytics platform records it. Any ad trackers embedded in the page fire their pixels.
Cookies don't persist after you close the incognito window, which limits cross-site tracking to some extent. But within a single session, a site can still track your entire path through its pages, and your IP address doesn't change just because you opened a different kind of tab.
There's also browser fingerprinting, a technique where sites combine your screen size, installed fonts, browser version, timezone, and a dozen other passive signals into a near-unique identifier. No cookies required. Incognito does nothing to disrupt fingerprinting, which is the more insidious technique, and the one that's quietly become the tracking industry's preferred fallback.
What People Get Wrong: The Google Problem
Here's a specific and common mistake. You open an incognito window, then sign into your Google account to check Gmail.
You have just handed Google a complete, logged, account-linked record of everything you do in that session. Every search, every site visited via Google Search, every YouTube video: all of it attached to your identity. The incognito mode prevented your device from storing a local copy. Google's servers kept their own.
This applies to any service you log into. The moment authentication happens, the anonymity fiction collapses entirely.
Meta was sued over precisely this: tracking users' activity on third-party sites even when those users believed they were browsing privately. The lawsuit hinged on the Facebook Pixel, a tracker embedded across millions of websites, which fires regardless of whether the visitor is in incognito mode. The mode that was supposed to protect you was, in effect, decorative.
Browsing privately and browsing anonymously are two different things. Incognito delivers the first, in the narrowest sense. It doesn't touch the second.
So What Actually Works?
If you want something closer to genuine privacy, a few tools move the needle meaningfully.
A reputable VPN encrypts traffic between your device and the VPN server, hiding your activity from your ISP (though the VPN provider itself can see it instead, so provider choice matters). The Tor Browser routes your traffic through three separate relays, making IP-level tracking significantly harder, at the cost of speed. DNS-over-HTTPS, now built into Firefox and Chrome, prevents your DNS queries from being snooped on in plaintext.
None of these are perfect. All involve tradeoffs. But they address the network layer, which is exactly where incognito mode does nothing.
For the specific use case of not leaving traces on a shared device, incognito remains the right tool. Use it for that. Don't use it as a shield against the internet seeing you.
Next time you open an incognito tab, actually read the splash screen before you close it. Chrome's says, fairly plainly, that your activity might still be visible to websites, your employer, and your ISP. The disclosure was always there. The browser told you. You just had a more satisfying story to believe.