We select and review products independently. When you purchase through our links we may earn a commission. Learn more.

DuckDuckGo Isn’t as Private as You Thought

The DuckDuckGo logo on a white background

DuckDuckGo made a deal with the devil. Due to a confidential search agreement, the DuckDuckGo browser does not block all Microsoft trackers. What’s worse, DuckDuckGo only acknowledged this “privacy hole” after it was discovered by a security researcher.

As you may know, DuckDuckGo pulls its search results from other services, primarily Bing. You may also know that clicking a Microsoft-provided ad in DuckDuckGo will reveal your IP address to the Microsoft Advertising service—this is explicitly stated on DuckDuckGo’s website and in the company’s search engine.

But this partnership goes a bit deeper than we thought. Security researcher @thezedwards found that the mobile DuckDuckGo browser does not block Microsoft trackers on third-party websites, such as the Facebook-owned Workplace.com.

Gabriel Weinberg, the CEO of DuckDuckGo, is now running damage control on Twitter. He explains that Microsoft cannot see what you search in DuckDuckGo, and the DuckDuckGo browser blocks all Microsoft cookies. But if you visit a website that contains Microsoft’s trackers, then your data is exposed to services like Bing and LinkedIn.

This is the result of DuckDuckGo’s “search syndication agreement” with Microsoft. In order to pull search information from Bing, the privacy experts at DuckDuckGo have to poke holes in their browser’s security system.

While DuckDuckGo has a solid privacy policy when it comes to Microsoft’s ads, it hasn’t explained how Microsoft uses data from third-party trackers. And that’s quite alarming. Maybe this situation is overblown, or maybe Microsoft can build targeted ad profiles based on your web activity in DuckDuckGo—we don’t know because DuckDuckGo signed a confidentiality agreement.

Gabriel Weinberg says that DuckDuckGo is “working tirelessly behind the scenes” to improve its deal with Microsoft. Additionally, he expects DuckDuckGo to “include more third-party Microsoft protection” in a future update.

Yeah, that’s great. But why are we only hearing about this now? We’ve all seen the ads and billboards—privacy and transparency are the biggest features in DuckDuckGo’s browser. Oh, but Microsoft gets an exception, and users aren’t allowed to know about it?

It’s clear that DuckDuckGo doesn’t offer the level of privacy that it promises to users. And unfortunately, I’m not sure that any company or software can protect your browsing data. The internet doesn’t run on privacy or anonymity; it runs on money, and your data is worth a lot of money.

Andrew Heinzman Andrew Heinzman
Andrew is the News Editor for Review Geek, where he covers breaking stories and manages the news team. He joined Life Savvy Media as a freelance writer in 2018 and has experience in a number of topics, including mobile hardware, audio, and IoT. Read Full Bio »