If you are using DuckDuckGo (DDG) to browse the web, you should know this story.
DuckDuckGo and Tracking
A security researcher found that DDG tracks its users using its browser service. DDG provides Chrome Add-on, Android, and Apple App store apps for its browser. This discovery created quite an uproar because everyone thought DDG was safe and protected their privacy. And the tracking data is sent to Microsoft.
“The new DuckDuckGo browsers for iOS/Android don’t block Microsoft data flows, for LinkedIn or Bing”, said Zach Edwards, the security researcher who found the tracking during a security audit. He went ahead and explained in detail this finding in the Twitter thread.
The findings also revealed that the trackers are not sending data to Facebook or Google, but it allows a connection to Microsoft/Linkedin (see above image POC).
The story continued when DuckDuckGo CEO and Founder Gabriel Weinberg confirmed that their browser intentionally allows Microsoft trackers third-party sites due to a search syndication agreement with Redmond.
The entire event caused a massive debate on Hacker News. The CEO also joined the conversation where people debated with him on this topic.
The story got blown up, and many fake headlines targeting DDG appeared online. And the CEO is trying to reply to all of them. The whole event damaged some bit of the reputation of DuckDuckGo.
Finally, it’s a miss from DDG’s side not to disclose the agreement in the proper places. Also, it’s completely understandable from the CEO’s perspective on how to generate revenue etc. After all, it’s still a business, and people need to be paid wages. But again, it should have been informed to the users in terms and conditions or any other appropriate places.
Privacy online is a myth, we all know. The only perfect way to achieve privacy in this age of time is to live off the grid.