Your tech choices matter more than ever. That’s why at Firefox, we believe in empowering users to make informed decisions that align with their values. I
Mozilla didn't choose privacy. Qwant sends you IP address to Microsoft when you search on their platform. If you want a more responsible search engine, DuckDuckGo is still the way to go.
Update 3: DuckDuckGo also sends along more information than I originally noticed, including "anonymous browser and device information with our hosting and content providers for security and display purposes (for example, that you’re using a mobile device)"
DuckDuckGo's policy is much less specific but makes it a point that they aren't sending your exact IP address to Microsoft or anybody else for any reason. Among other, IMO even better policies.
we share anonymous browser and device information with our hosting and content providers for security and display purposes (for example, that you’re using a mobile device), but we never share any information with them that could tie your searches or website visits to you personally, or that could allow them to create a history of your individual search queries or the sites you browse.
I would use SearxNG instead, using a public instance like searx.be. It is really lightweight, gets results from multiple indexes and is very privacy-friendly.
Honestly, I set up SearxNG on my own server, and it's not very nice to use, not very configurable and doesn't return high quality results. It's also kinda slow. Maybe I'm missing something?
It is recommended to use a public instance because it makes it harder to fingerprint you off of your searches. It gets most results from Google and Bing, so you will have similar search results. I haven't experienced any slowness yet, so I can't say anything about that.
@isVeryLoud@hash0772 I had similar experience. I was able to resolve the slowness by enabling swap on the vps. What was worst is that over time Bing and Google API changed and it stopped working, took quite long troubleshooting. Occasionaly I would hit some kind of rate limit and got nothing from Google. It was too much hassle and not worth the vps cost.
@isVeryLoud It was for me, I monitored the server and each query would bump up the memory quite a bit. But that sucker had only 512 MB I think. It could've been some issue that's already fixed with newer Searx versions.
I'm sorry but that is not correct. In the link that you shared to their privacy statement it is explicitly stated that they do not collect your identity when using the service. They say that your identity " is the information we use to ensure that you are who you say you are when you make a de-listing request, report or create an account. This includes: first name, last name, email address."
Furthermore, unlike duckduckgo which to my knowledge relies entirely on Bing's search index, Qwant does actually index the web itself and only uses the Bing index when a search returns insufficient hits from their own index. When they query the microsoft index they send the following data along: "Search keywords; Information about the browser you are using (the User Agent); The first three bytes of your IP address; The approximate geographic area at the origin of the search, at the scale of a region or city; The salty hash generated from your IP address, your User Agent and a salt changing no later than every 3 months; A random token generated by Qwant (aiming to limit data cross-checking)."
I do not know much about DuckDuckGo, but from an initial read the privacy policy is much more vague than Qwant's, not mentioning any specific information that is shared. As they are a US company, they are also not covered by the general data protection regulation.
In general, both search engines seem to do a good job at protecting users' privacy, which to me sounds like something that should be encouraged, not polluted with misinformation.
You're probably wondering why I say "your full IP address" versus "partial IP address"; you quote the policy correctly but you missed a separate but crucial section in the privacy policy:
In addition, for security purposes and reliability of our partner’s services (detection of spam, automated activity, fraudulent clicks on advertisements …), Qwant may also collect and transfer to this partner [Microsoft Ireland] your full IP address.
The transfer happens separately from searches, sure, but if two requests get sent to Microsoft at the same time and with the same parsable information (the full IP address from the security query can be used to link a partial IP address and city-level location from a search query) then it seems like Qwant is giving Microsoft the ability, even if unintentionally, to link IP address and search.
I do not know much about DuckDuckGo, but from an initial read the privacy policy is much more vague than Qwant's, not mentioning any specific information that is shared. As they are a US company, they are also not covered by the general data protection regulation.
I agree and I'll add a disclaimer or something. DuckDuckGo says this:
In order for our product to function, we share anonymous browser and device information with our hosting and content providers for security and display purposes (for example, that you’re using a mobile device
)*
Fair points. Thank you for amending your comment 👍. I wonder in which situations Qwant sends the full IP address specifically. The wording is a bit vague
what are you making misleading claims about Qwant for??? if you click your own damn link you’ll see that the only case where they need to collect your name is if you make an account (completely unnecessary), make a de-listing request (to verify that you are who you say you are before removing something, otherwise i could just go and have jeff bezos removed), or if you report something.
also, 80% of your bullet points after “user agent” are redundant because they are literally just what makes up a user agent. newsflash: every single website you ever visit in your life collects your user agent because it needs to know whether to give you the mobile or the desktop version of the site. this has nothing to do with privacy in this case, you’re just slandering to slander
I updated my comment to remove name and email. But I maintain the stuff after "user agent" isn't redundant because part of it is your IP address and another part is your location, neither of which appear to be included in your browser user agent string.