Over the last few years, ever since DuckDuckGo blew up with new users, I’ve been seeing more and more people come up with strange arguments against it.

Most of the time these arguments have got little to no research behind them. So let’s debunk the most common arguments.

“DuckDuckGo is based in a 5 eyes country. Therefore it must be bad”

This argument was generally made up by poor research.

Only because the government share data, doesn’t mean that DuckDuckGo has to.

And as said here and here.

The United States currently has no mandatory data retention law. However, if providers of electronic communications or remote computing services store electronic communications or communications records, the government may obtain access to the stored data under the Stored Communications Act (SCA), enacted as part of the Electronic Communications Privacy Act in 1986. The SCA also establishes mandatory data preservation, under which providers must preserve stored data for up to 180 days on government request.

TL;DR: The US has got no mandatory data retention law. But if they would log data, then the government may obtain access to the stored data if needed.

And as electronic communication started to become more prevalent, Congress passed the Electronic Communications Privacy Act (ECPA) in 1986 that somewhat improved the privacy rights around certain electronic communications. But as it reflects the technology of 1986, ECPA has aged poorly. It doesn’t address documents stored in the cloud, information revealing our personal associations, or the vast quantities of location data our mobile devices collect on us everyday. And, as a result of loopholes in the law, the Department of Justice, citing ECPA, has argued that it has a right to access emails without a warrant as soon as they are 180 days old, or have been opened and left on the server.

According to DuckDuckGo’s privacy policy:

DuckDuckGo does not collect or share personal information. That is our privacy policy in a nutshell.

“DuckDuckGo contains several tracking scripts”

As mentioned here, DuckDuckGo does indeed contain a tracking pixel.

DuckDuckGo Search

And as responded by an employee at DuckDuckGo

We use these to anonymously improve the product. There is no tracking involved (one time request), and no personal information is collected. You can read more about how it works here: https://duck.co/help/privacy/atb

So they use the tracking pixel data to improve their product. Sounds fair.

This is the data that it collects according to the parameters.

Browser Type

Browser Language

First, you might notice that when you search DuckDuckGo, there may be an “ &atb= " URL parameter in the web address at the top of your browser. This parameter allows us to anonymously A/B (split) test product changes we make to DuckDuckGo. For example, users in the A group would get blue links and users in the B group would get red links, and we'd be able to measure how usage of DuckDuckGo is impacted by different color links.

But what about improving.duckduckgo.com?

According to their privacy help page

We measure engagement of specific events on the page (e.g. when a misspelling message is displayed, and when it is clicked). This allows us to run experiments where we can test different misspelling messages and use CTR (click through rate) to determine the message’s efficacy. If you are looking at network requests, these are the ones going to the one-pixel image at improving.duckduckgo.com . These requests are anonymous and the information is used only by us to improve our products.

TL;DR: They collect anonymous data to measure engagement of specific events, to make it a more user friendly experience for everybody.

“But what about that DuckDuckGo doesn’t hide your search queries?”

This poorly researched argument seems to have been made up by somebody that has got little to no knowledge how request methods work.

GET requests requires the parameter’s to be stored in the URL.

And if they would’ve been using POST, then it would require you to go through an additional prompt to go back, or refresh the page.

Startpage Search Query when attempting to refresh the page

“But what about The Names Database? And how it violated the users privacy”

It happened literally 16 years ago (2003) We all make, and learn by our mistakes. We’re still human you know.

“All humans make mistakes. What determines a person’s character aren’t the mistakes we make. It’s how we take those mistakes and turn them into lessons rather than excuses.” — Colleen Hoover