Digital security for human rights investigators

Empirical studies have shown that individuals tend to avoid controversial topics online, limit participation in forums, or refrain from joining certain organizations if they believe their digital footprint is monitored. Even when surveillance does not result in direct action, the perception of being watched changes behavior.

The threat is not only exposure. It is the chilling effect that changes what researchers are willing to read, monitor, or revisit.

Human rights investigators often monitor actors with both motive and technical capability.

Human rights organizations investigate governments, militaries, police units, militias, corporations, and armed groups that may have strong reasons to watch who is visiting their public web properties. In that context, browser fingerprinting is the passive, low-cost end of surveillance infrastructure. It does not require malware or a zero-day. It only requires the site to log and correlate technical signals from each visit.

That matters because the surveillance burden is already well documented. A 2024 report to the Inter-American Commission on Human Rights found that in some countries nearly all journalists and human rights defenders surveyed suspected that they had been targeted for surveillance because of their work. The web research layer fits directly into that broader risk model.

The standard toolkit helps, but it leaves the browser fingerprinting layer exposed.

The usual toolkit for at-risk work is sensible: VPNs, Tor, Signal, hardened devices, and secure communication channels. Those tools address important problems. They do not remove the device fingerprint that can still travel with each web request regardless of network path.

  • VPNs: They help with IP attribution and network routing, but they do not remove the browser and device fingerprint that accompanies each web request.
  • Tor: It can reduce important tracking vectors, but it does not make the broader fingerprinting problem disappear, and its use may itself change how traffic is perceived.
  • Signal and comms tools: They are critical for communications security, but they do not address the browser identity that leaks during open web research.
  • Threat reality: Monitoring for unusual traffic, repeated visitors, or suspicious patterns is a low-cost form of surveillance that does not require spyware or exploitation. It only requires analytics and the motivation to look.

404 is a web-layer protection tool, not a complete security solution.

That limitation should be stated plainly. 404 is meant to reduce externally visible browser correlation during web research. It is not a communications platform, it does not defend against endpoint compromise, and it does not replace disciplined operational security.

What it does do is narrow one specific exposure: the ability of remote sites to tie repeated visits back to the same browser identity through a combination of TLS signatures, headers, browser APIs, graphics behavior, audio behavior, and lower network signals.

What 404 does

404 addresses the web research layer by rewriting the fingerprint surfaces that remote sites use to recognize or correlate a browser over time.

Why coherence matters

The point is not to spray random values across the stack. It is to present one internally consistent browser identity across TLS, headers, JavaScript-visible signals, and packet-level values.

What it does not do

404 does not protect communications, does not stop spyware, and does not replace operational security, compartmentalization, or secure-device practices.

How it fits

It sits beside the rest of the security toolkit. VPNs, Tor, Signal, hardened devices, and disciplined workflows still matter. 404 covers the browser fingerprinting layer specifically.

For sophisticated human rights teams, the right framing is additive rather than substitutive. 404 belongs alongside existing digital security practices, not in place of them.

A practical implementation of attribution control for the web research layer

The Berkeley Protocol explicitly advises investigators to manage attribution risk and to use secure technical environments for open source investigations. 404 fits that guidance at one precise layer: the browser fingerprint that public sites can collect every time a researcher loads a page, checks an update, or returns to monitor a subject over time.

For human rights organizations, that distinction matters. The goal is not to claim complete protection. It is to remove one passive, low-cost surveillance vector that otherwise sits untouched between the browser and the site being investigated.