Researcher Discovers DuckDuckGo Allows Some Microsoft Trackers

All is not what it seems with the company that labels itself a champion of privacy, with a security researcher finding that DuckDuckGo (DDG) whitelists Microsoft's trackers.
Written by Matt Milano
  • DuckDuckGo is receiving criticism for the terms of a deal with Microsoft that has resulted in some Microsoft trackers being whitelisted.

    DDG has made a name for itself as a privacy-first company, building a search engine, browser extensions, and web browsers around the premise of protecting user privacy. The company is one of the few that truly makes an effort to protect user privacy and data. Unfortunately, its terms with Microsoft have caused some concern.

    Unlike Google, Bing, or Brave, DDG gets its search results from other engines, with the bulk of them coming from Bing. The company has long claimed to strip out trackers from the search results it provides, although clicking an ad from Microsoft in the search results is handled differently. DDG has never made a secret of the fact that clicking on those ads sends a user’s IP address to Microsoft, since the user is leaving DDG and entering Microsoft’s space.

    Unfortunately, DDG had not been able to disclose the terms of the deal that whitelisted some Microsoft trackers, due to a confidentiality clause in the agreement between the two companies. Security researcher Zach Edwards first made the discovery and tweeted about it:

    Sometimes you find something so disturbing during an audit, you’ve gotta check/recheck because you assume that *something* must be broken in the test. But I’m confident now. The new @DuckDuckGo browsers for iOS/Android don’t block Microsoft data flows, for LinkedIn or Bing.

    — Zach Edwards (@thezedwards), May 23, 2022

    Ironically, DDG doesn’t even block Microsoft’s data trackers on Workplace.com, a Facebook-owned domain where it brags about blocking Facebook’s trackers.

    Needless to say, DDG CEO Gabriel Weinberg is doing his best to put out the fire:

    We’ve been working tirelessly behind the scenes to change these requirements, though our syndication agreement also has a confidentiality provision that prevents disclosing details. Again, we expect to have an update soon that will include more third-party Microsoft protection.

    — Gabriel Weinberg (@yegg), May 23, 2022

    Of course, Weinberg might not have to put out so big a fire if his company had disclosed this issue first, rather than waiting until it was uncovered by a security researcher.

    In the meantime, Shivan Kaul Sahib, Privacy Engineer for Brave, highlighted the inherent conflict of interest for a company that relies on the good graces of another company making money off of ad trackers.

    This is shocking. DuckDuckGo has a search deal with Microsoft which prevents them from blocking MS trackers. And they can’t talk about it! This is why privacy products that are beholden to giant corporations can never deliver true privacy; the business model just doesn’t work.

    — Shivan Kaul Sahib (@shivan_kaul), May 23, 2022

    Speaking of Brave, the company is one of the only ones on the market that provides a truly independent alternative to Google and Bing. The company bought Tailcat, allowing it to build its own search engine that relies on a completely independent web index. This keeps Brave from being beholden to Microsoft, Google, or any other company.

    With a privacy-focused browser and a truly independent search engine, Brave is quickly establishing itself as a much better privacy solution than DDG.

    In the meantime, here is a statement from Weinberg that was provided to WPN:

    “We have always been extremely careful to never promise anonymity when browsing, because that frankly isn’t possible given how quickly trackers change how they work to evade protections and the tools we currently offer. When most other browsers on the market talk about tracking protection they are usually referring to 3rd-party cookie protection and fingerprinting protection, and our browsers for iOS, Android, and our new Mac beta, impose these restrictions on third-party tracking scripts, including those from Microsoft. 

    What we’re talking about here is an above-and-beyond protection that most browsers don’t even attempt to do — that is, blocking third-party tracking scripts before they load on 3rd party websites. Because we’re doing this where we can, users are still getting significantly more privacy protection with DuckDuckGo than they would using Safari, Firefox and other browsers. This blog post we published gets into the real benefits users enjoy from this approach, like faster load times (46% average decrease) and less data transferred (34% average decrease). Our goal has always been to provide the most privacy we can in one download, by default without any complicated settings.” 

    “I understand this is all rather confusing because it is a search syndication contract that is preventing us from doing a non-search thing. That’s because our product is a bundle of multiple privacy protections, and this is a distribution requirement imposed on us as part of the search syndication agreement that helps us privately use some Bing results to provide you with better private search results overall. While a lot of what you see on our results page privately incorporates content from other sources, including our own indexes (e.g., Wikipedia, Local listings, Sports, etc.), we source most of our traditional links and images privately from Bing (though because of other search technology our link and image results still may look different). Really only two companies (Google and Microsoft) have a high-quality global web link index (because I believe it costs upwards of a billion dollars a year to do), and so literally every other global search engine needs to bootstrap with one or both of them to provide a mainstream search product. The same is true for maps btw — only the biggest companies can similarly afford to put satellites up and send ground cars to take streetview pictures of every neighborhood.

    Anyway, I hope this provides some helpful context. Taking a step back, I know our product is not perfect and will never be. Nothing can provide 100% protection. And we face many constraints: platform constraints (we can’t offer all protections on every platform due to limited APIs or other restrictions), limited contractual constraints (like in this case), breakage constraints (blocking some things totally breaks web experiences), and of course the evolving tracking arms race that we constantly work to keep ahead of. That’s why we have always been extremely careful to never promise anonymity when browsing outside our search engine, because that frankly isn’t possible. We’re also working on updates to our app store descriptions to make this more clear. Holistically though I believe what we offer is the best thing out there for mainstream users who want simple privacy protection without breaking things, and that is our product vision.”

    Updated 5/25/22: Edited for clarity and to add Gabriel Weinberg’s statement.
