Outcry After DuckDuckGo Admits It Allows Microsoft Trackers

DuckDuckGo chief executive Gabriel Weinberg has said the company is working to change its contract with Microsoft after an outcry over a privacy loophole.

Security researcher Zach Edwards last week found that DuckDuckGo’s Privacy Browser app for iOS and Android blocks trackers from Google and Facebook, while allowing Microsoft trackers.

In a reply to Edwards on Twitter, Weinberg said DuckDuckGo was obliged to allow the Microsoft trackers as part of its search-results syndication deal with Microsoft, which allows it to display Bing search results in its search engine.

Weinberg said on Twitter that the company has been “working tirelessly behind the scenes” to change the provisions of its arrangement with Microsoft and expects “to be doing more soon”.

Image credit: DuckDuckGo


He pointed out that the Microsoft deal was public but acknowledged there needed to be more transparency in the browser’s description on app stores.

“We have always been extremely careful to never promise anonymity when browsing, because that frankly isn’t possible,” he said in a statement provided to Bleeping Computer.

“I know our product is not perfect and will never be,” he told a Hacker News online forum. “We face many constraints: platform constraints, contractual constraints (like in this case), breakage constraints, and the evolving tracking arms race.”

Weinberg noted on the forum that the syndication deal with Microsoft has “broad confidentiality provisions” that prevent DuckDuckGo from discussing what the arrangement entails.

But he added that he believes the company’s offerings are “the best thing out there for mainstream users who want simple privacy protection”.

He pointed out that the tracking issues don’t apply to DuckDuckGo’s search engine, only its browser.


But users expressed anger, with one saying the issue “undermines trust” in the company.

“This is a problem, and it’s a serious one,” wrote a Hacker News user. “It undermines trust in a product that claims to be the bastion of privacy.”

The same user said Weinberg’s response “sounds like marketing mumbo jumbo”.

“If a privacy-centric browser is contractually obligated to load tracking scripts and is required to avoid disclosing that fact, I want absolutely nothing to do with either party,” the user wrote.

DuckDuckGo has positioned itself as a champion of privacy in high-profile marketing campaigns and public comments.

Earlier this month the company criticised new Google tracking and ad-targeting methods that Google had promoted as being more privacy-oriented.

“The simple fact is tracking is tracking, no matter what you call it,” DuckDuckGo said on Twitter at the time.

The company showed 46 percent growth last year amidst increased awareness of privacy issues.

‘Privacy for profit’

Cillian Kieran, founder and chief executive of privacy infrastructure firm Ethyca, said the debate highlights the fact that amidst a lack of comprehensive privacy law in the US, “the most vocal arbiters of privacy are companies that are selling their own notions of privacy for profit”.

Apple, another firm that has positioned itself as a champion of privacy, is thought by some industry watchers to be developing its own mobile advertising platform.

The controversy underscores the need for privacy rules to be codified by a public institution “rather than a business that is itself playing the game”, Kieran said.

Ethyca points out that legal frameworks for privacy are being put into place around the world, and estimates that 83 percent of the world’s population is protected by modern privacy law as of the end of 2021.

Matthew Broersma

Matt Broersma is a long standing tech freelance, who has worked for Ziff-Davis, ZDnet and other leading publications

Recent Posts

Google Ordered To Pay $43m By Australian Court

Search engine Google fined $43 million by Australian court for tracking Android users location data…

1 day ago

Hacker Touts Data Sale Of 48.5m Users Of Covid App – Report

Personal data of 48.5 million Chinese citizens who used Shanghai's Covid App, is being offered…

1 day ago

Facebook Tests Default End-to-End Encryption For Messenger

Privacy move. Platform tests secure storage of people's chats on Messenger, in a move sure…

1 day ago

UK’s CMA Begins Probe Of Viasat Acquisition Of Inmarsat

British competition regulator the CMA, begins phase one investigation of $7.3 billion merger between Inmarsat…

2 days ago

Cisco Admits ‘Security Incident’ After Breach Of Corporate Network

Yanluowang ransomware hackers claim credit for compromise of Cisco's corporate network in May, while Cisco…

2 days ago

Google Seeks To Shame Apple Over RCS Refusal

Good luck convincing Tim. Google begins publicity campaign to pressure Aple into adopting the cross…

2 days ago