DuckDuckGo, the self-styled “internet privacy company” — which, for years, has built a brand around a claim of untracked web search, and recently launched its own “private” browser with built-in tracker blocking — has found itself in hot water after a researcher found hidden limits on its tracking protection that create an exception for certain ad data requests by its search-sharing partner, Microsoft.
The researcher, Edwards, tested the browser’s data flows on a Facebook-owned site, Workplace.com, and found that while DDG told users it had blocked Google and Facebook trackers, it did not prevent Microsoft from receiving data flows associated with their browsing on a non-Microsoft website.
Edwards had some back and forth on Twitter with DDG founder and CEO Gabe Weinberg, who at first tried to play down the finding by emphasizing all the things the DDG browser does block (for example, third-party tracking cookies, including cookies from Microsoft).
Weinberg was also particularly keen to make it clear that the data flow problem was not related to DuckDuckGo search.
However, the limit on the DDG browser’s tracker blocking amounts to waiving protection against the transmission of certain ad data to Microsoft affiliates (Bing, LinkedIn), which can be used for cross-site tracking of web users for ad targeting purposes. In other words, it undermines the privacy of DDG browser users.
In the Twitter back-and-forth, Weinberg confirmed that Edwards’ audit was correct, acknowledging an agreement that he said limits DDG’s ability to block trackers in this scenario and writing, of DDG’s “Search Sharing Agreement” with Microsoft, which owns and operates the Bing index and search engine: “They prevent us from stopping Microsoft-owned scripts from loading.”
He added that DDG is “working to change that”.
When asked via Twitter whether DDG’s contract includes a clause preventing it from publicly complaining about the restrictions that Microsoft, a tech giant with its own growing ad technology business, has imposed on it, Weinberg told us: “Our subscription contract has extensive confidentiality requirements, and the specific requirements documents themselves are expressly marked by confidentiality.”
Discussing his findings and DDG’s response with TechCrunch, Edwards described himself as “extremely shocked” by Weinberg’s public response to his review — and by what he summarized as “there are no public solutions to problems created through the confidential partnership between DuckDuckGo and Microsoft.”
Edwards added: “I have major concerns … about DDG’s general claims, particularly those they make on their iOS/Android app install sites, which promise tracking protection. If you compare the language in the app details to the information that the CEO of DuckDuckGo shared yesterday, you can’t help but wonder why they are lying in one place on the Internet, not lying in another area of the Internet, seemingly trying to throw their biggest advertising partner, Microsoft, kind of under the bus — the CEO of DDG basically made a lot of comments about how he was trying and hoping to get out of their current contract with Microsoft — this was a shocking admission to see in public and something I hope regulators will take a serious look at.”
The issue also blew up on Hacker News during the day, where Weinberg (aka yegg) did more firefighting in the comments, confirming that DDG’s hands are tied by its contract with Microsoft and claiming it has continued to push for changes to “this limited limitation”.
“This only pertains to non-DuckDuckGo and non-Microsoft sites in our browsers, where our search sharing agreement currently prevents us from stopping loading Microsoft-owned scripts, although we can still apply browser protection after loading (such as cookies “We have worked tirelessly behind the scenes to change this limited restriction,” Weinberg wrote on the site.
“I also understand that this is confusing because it is a search sharing contract that prevents us from doing something other than search. This is because our product is a package of multiple privacy protections, and this is a distribution requirement imposed on us as part of the search sharing agreement. Our union agreement also contains extensive confidentiality provisions, and the requirements documents themselves have been explicitly marked as confidential.”
While the DDG browser obviously does not block all scripts (and no tracker blocker will be 100% effective, as tracking technologies are constantly evolving), this exclusion of Microsoft scripts looks different because it is a specific exception tied to a contractual agreement, itself tied to a business deal that allows DDG to use Microsoft’s search index in its core product, none of which (apparently) was public knowledge prior to the Edwards audit.
In more general comments on the issue, Weinberg noted that DDG tries to balance the goal of giving browser users a very easy tracker-blocking experience (for example, to maximize accessibility) against stronger protections that might enhance user privacy to a greater degree but at a potential cost to the experience (e.g. broken web pages).
However, DDG’s failure to disclose to browser users the restrictions Microsoft places on its protections is especially troubling, and stands in stark contrast to privacy-focused marketing that tells users they will “escape from website tracking” (which obviously does not occur in the specific Microsoft-related cases identified by Edwards). So DDG risks misleading users and undermining its reputation as a pro-privacy company.
In a more recent reply posted in response to Hacker News comments, Weinberg appears to have accepted that DDG needs to make full disclosure, writing: “We’ll be working hard today to find a way to say something in our App Store descriptions in terms of better disclosure — there will likely be something by the end of the day.”
“I understand the concern here that we are working on it in a number of ways but to be clear, no app will provide 100% protection for a variety of reasons, and the scripts in question here currently have significant protections over them in our browser,” he added.
We reached out to Weinberg with questions. He sent us this statement:
We’ve always been very careful not to pledge our anonymity when browsing, which frankly isn’t possible given how quickly trackers change the way they work to evade the protections and tools we currently offer. When most other browsers on the market talk about tracking protection, they usually refer to third-party cookie protection and fingerprint protection, and our new iOS, Android, and Mac beta browsers enforce these restrictions on third-party tracking scripts, including those from Microsoft. We’re talking about protection here that goes beyond one that most browsers don’t attempt to do – that is, block third-party tracking scripts before they’re even uploaded to third-party websites. Since this can cause websites to crash, we can’t do it as often as we want to in any case. However, our goal has always been to provide as much privacy as possible in a single download, by default without any complicated settings, so we took this upon ourselves.
We have also asked Microsoft questions about the restrictions it places on shared search partners, but at the time of writing the tech giant hasn’t responded.
Privacy trade-offs are never great, but there seems to be one inescapable conclusion here: antitrust regulators need to examine the combined search market more closely, since it is primarily made up of two tech giants, Google and Microsoft, that have full power to impose (unfair) terms on anyone else wishing to offer a competitive search product or, in some cases, an alternative web browser.
European regulators recently approved a new ex ante competition regime targeting the most powerful intermediary platforms, which the Digital Markets Act refers to as “internet gatekeepers”. The DMA clearly applies to search engines, but it remains to be seen whether the Commission will take the opportunity to use the incoming regulation to open up the search market by enforcing fair use terms around search participation on the only two approved indexes.