The paper investigates the effectiveness of the privacy mode feature in three widely used Web browsers, and outlines how to investigate when these browsers have been used to perform a criminal or illegal act. It performs an identical test on a privacy mode session for each of the three Web browsers and investigates whether traces are left behind. The analysis is done in three phases. First, common places where history and cache records are usually stored are examined. Then, other locations on the local machine are examined using special forensic tools. Also, the physical memory (RAM) is captured and examined for traces.