I arrive late to this question, but hopefully I can contribute some useful information which will also help others make a more informed decision regarding the trustworthiness of DuckDuckGo. This answer gives a few reasons to believe that DuckDuckGo is putting its privacy policy into practise by investigating the technical aspects of DuckDuckGo as of 2012-08-23.

I had a look at the data being sent from my browser (Firefox 14.0.1 on Ubuntu 11.04) back to the DuckDuckGo servers when I do page searches (without changing any of DuckDuckGo's default settings) and found the following good points:

no DuckDuckGo cookies are stored on my browser.

all searches are performed with a http GET.

no identification parameters are returned in the query string part of the http request.

all requests are https.

Of course there is still some information which a regular user of DuckDuckGo must assume is available to DuckDuckGo:

the IP address of the user's router.

the name of the user's browser (user agent) and OS (e.g. mine is "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:14.0) Gecko/20100101 Firefox/14.0.1")

other http signatures which I am not so familiar with.

I'm sure I missed a few things in that last list, but its a good start. So from the first set of positive points we can see that DuckDuckGo is really doing everything they can.

The lack of cookies and any identifying parameters in the http GET string is some assurance that DuckDuckGo has no interest in tracking a user from one search to the next. I.e. as far as the cookies and URL information being sent back to the server, your first search on DuckDuckGo could have been somebody completely different to your second search on DuckDuckGo. However, you should not assume from this that DuckDuckGo are not capable of linking multiple searches to you - see later on for further detail on this.

I should explain that http GET is not actually more secure than POST - DuckDuckGo could have chosen POST and there would have been no compromises there. However the nice thing with GET is that the user can see the data that is being sent back to DuckDuckGo right there in their URL - i.e. they do not need to go digging to find post parameters being sent by the browser to DuckDuckGo.

Another point is that https is always on. this indicates that DuckDuckGo does not want their users to be vulnerable to man-in-the-middle attacks. Of course that is not to say that man-in-the-middle attacks will not happen if you use DuckDuckGo, but just that from the DuckDuckGo servers' side of things they appear to have done all they can to prevent them.

Having said all that, DuckDuckGo could still link your searches to a single person and possibly to you if you do not take precautions. the user agent is a form of identification simply because it does not change from one request to the next (unless you take precautions against this). Likewise the IP address of your internet-facing router will show up at the DuckDuckGo server.

For these last two points there are things you can do to hide your identity further - like installing a user agent randomizer or using Tor, but if you do not use these things then you will have to trust DuckDuckGo when they say they are respecting your privacy. As far as I can tell, they have done everything they can to assure me that they respect my privacy. Would I go and search for incriminating terms without using Tor and other security on my PC? Absolutely not!