We need to get off of our high horses for a hot minute, I think. When big tech offers increasingly personalized results, we can’t afford being bothered by IP based location specific results. The thing is, I want local results. I use DDG as my main browser. Sometimes I need to search for ophthalmologists in my city. I want some localization. I just don’t want to inform google about the diet and hair count of my mother’s pet in exchange. If DDG offers me location specific result based on IP that is disassociated with my usage after the fact, great!
Privacy friendly alternatives can’t just be restricted for the super niche of power users. I want them to go mainstream. Catering to which involves the ability to personalize results because mainstream users would want to use their search engines for IRL usecases more than not (I imagine).
I must have missed the main point of this article. All the things that DDG does that are presented as negative seem neutral to me. Perhaps I missed a key fact.
I think the strongest claim they could be making is that DDG (1) collects and stores search results, and because the results are tied to your IP someone could in theory associate different search results records, to identify you. E.g. they could know that someone who lives in town X and has searched for "Warhammer 40K" a lot, also searched for "does Company Y do drug tests" or something.
It's not clear to me that DDG even does (1) though from the article - all the claims I can see are slightly weaker.
The issue with online privacy isn’t that ads exist or that the entities we engage with are able to provide us services based on easily ascertained information.
These recent anti-DDG articles seem to have a privacy-weakening agenda. Each tries to portray online tracking as just the casual use of uninvasive metrics to provide better services.
This is not at all comparable to what ad networks do including thr large ad companies such as Google or Facebook/Meta. Those are companies that build such extensive profiling as to be harmful, a level of detail that we don’t even let our own government keep.
The way the information is gathered is mostly opaque, utilises both online and offline sources and is certainly identifiable to the individual.
We then see the consequences of this from straightforward harms: such as AA members having their real names revealed to each other. To larger harms such as how period tracking information is now being accessed post row vs wade being over turned.
> It's not clear to me that DDG even does (1) though from the article - all the claims I can see are slightly weaker
Exactly right! The claim seems to be that DDG's privacy policy contains text that, if you squint just right while standing on one leg, might suggest that there exists something like "an anonymized per-person search history," maybe. Or they might have used that term to mean that there is no per-person search history. It's vague.
Heh, I like the way you tell a story. I’m inclined to give DDG the benefit of the doubt here, but if any DDG employees are reading then please update your policy to be more clear / explicit
"it polluted my search results with geographically relevant search results"
Oh my! Perhaps they also polluted the search with search results relevant to your search term?
If you want to be completely anonymous on the web, use other means of browsing it. You can't visit other websites without them knowing where you come from if you are unprotected.
The screenshot is of the second page of results. But right at the top of the results there's a control to switch to global results.
On top of that IP-local results are only presented in the top box with an option to change your location, a link to the docs explaining how IP-based location is only guessed and never stored.
Other than that, I don't see any location pollution in the further search results. For example, I searched "ophthalmologist" and I get no local results outside of the top box. Author doesn't allow for results being presented on their ranking for their search and just happen to be local to them and assumes it must be only/mostly based on location.
Also author openly admits they changed title to more inflammatory.
For my work I am connected to a VPN that has an USA based IP address, whereas I am based in the UK. Using Google is a nightmare if I look for a restaurant in a specific town as it defaults to a identically named town in the USA. The same problem exists for navigation instructions. In most cases you do really want to filter your result by IP location.
I don't use DuckDuckGo, but this argument about location data really doesn't get it all.
> As seen in the example above, it polluted my search results with geographically relevant search results that had nothing to do with my search terms.
OK? I hope he doesn't get cancer from this kind of "pollution". Any attempt at showing useful stuff is sometimes going to fail. If you use pagerank to rank websites you're occassionally going to "pollute" the search results with SEO shit.
> Although they insist it's anonymous, the best strategy would probably be to not collect the data at all, but I digress.
But this is the truly clueless argument here. If you send a request to a website, they necessarily know your IP address. For them to look up this IP address in a location database, adds no additional privacy risk.
I actually agree with the author in that users should not expect their data to be stored, ever.
However, the window of discourse has shifted so far away from that perspective that it isn't practical to discuss it when evaluating a mainstream tool like DDG. In our current environment, I think DDG is making the best of a bad situation.
I don't get the appeal of DDG. The immense majority of people don't care about privacy and are happy with Google. Some people really care about privacy, and for them, like the OP, DDG doesn't do enough.
So DDG is for people who care about privacy... just a little?
In my experience most people care about their privacy when they become aware how their personal data is used.
The lack of transparency is preventing people to consider the impact on their privacy.
There is a minimal set of data that your browser (unfortunately) has to communicate to any website.
Duckduckgo or any other search engine cannot simply ignore your IP address so they might as well do something useful with it. If you don't care about search results influenced by your rough IP geolocation you can always manually choose the region you prefer. In any case, unless you are using a VPN or tor, DDG will always have access to your IP. If you don't want someone to use your data in any capacity you should not provide it or there should be a legally binding contract to discourage improper usage by the company, simple as.
> This is somewhat surprising and undesirable especially because one cannot turn it off.
It's surprising that when using the internet other computers you communicate with get your ip? You can opt out by going outside and not using the internet, or use tor if you want to hide your ip. Not understanding how tcp/ip works is not an excuse for accusing others.
Internet discourse always gravitates to extremes. I passionately dislike the big tech monopolies, but complaining that a search engine uses your IP to improve their results and maybe do some A/B tests is counterproductive to the privacy movement.
It sets impossible standards in consumer products and pushes toward more fragmentation of this niche.
I don't think it's helpful to title an article like this when the content is essentially just saying that DDG is not perfect. I fear a lot of people will just read the title and go back to using - that other search engine - which is probably not what the author intended?
DuckDuckGo is the best balance between convenience and privacy we have right now. And the issues raised in the article are kind of minor compared to the value it provides. If you compare this to the empire of tracking, profiling and data sharing from the others...
The Gemini community is prickly about privacy, to the point where it's considered bad (perhaps even a gross violation of the GDPR per the Gemini community) to even log IPs of requests. So this type of article seems par for course.
I looked at their site and I can see what you are talking about but at the same time their protocol doesn't really do anything for privacy.
Their idea of privacy is to remove headers from https but nothing stops a website tracking their ip or putting a unique id in the url or image filename.
The TL;DR as I would put it: DDG stores your IP address for A/B testing. This results in personal/private information (your IP) being logged and stored by DDG.
However, I am not so sure about the article's conclusion. I do agree that the phrasing is a bit hazy, which might or might not be intentional. At the same time, the conclusion ("Don't use DDG") seems very broad. I don't see a good point, that the IPs used in for A/B testing could actually be used for tracing back actual IP addresses. I am also missing any point about how the proposed solution (use "arkenfox") solves that problem.
tl;dr - they use GeoIP to get geographic location to inform your search results and store search histories that are not associated with your IP address.
I think the article is a bit of an over-reaction. Compared to something like Google, DDG is a good alternative if you don't like the tracking and personalised results. (I've been using DDG as primary for years though so I may be biased)
I personally am happy for them to geo-locate me to a city of ~10 million if it means I get the "right" London and not the tiny one of 400K residents in Canada that is thousands of miles away from me when searching for something in London.
I think the problem is that they store «Your browsing history» as a holistic unit, which allows fingerprinting. A thought case: an actor could obtain their records, find your specific browsing history through the sites you visit (your fingerprint), and then also tie all your other searches to that. As a privacy focused search engine it’s concerning that they store individual search histories at all, even if not identifiable by IP.
Privacy friendly alternatives can’t just be restricted for the super niche of power users. I want them to go mainstream. Catering to which involves the ability to personalize results because mainstream users would want to use their search engines for IRL usecases more than not (I imagine).