Mozilla didn’t choose privacy. Qwant sends you IP address to Microsoft when you search on their platform. If you want a more responsible search engine, DuckDuckGo is still the way to go.
Update 3: DuckDuckGo also sends along more information than I originally noticed, including “anonymous browser and device information with our hosting and content providers for security and display purposes (for example, that you’re using a mobile device)”
The information collected by Qwant includes…
- hash of the IP address
- User Agent
- market segment of a request
- date and time of the visit
- information of the country and the chosen language
- search keywords
- where a user came from
- type of device used
- source of visit
- operating system
- major browser version
Qwant may (will) transfer to Microsoft:
- your full IP address
- Information about the browser you are using (the User Agent
- The first three bytes of your IP address;
- The approximate geographic area at the origin of the search, at the scale of a region or city;
- The hash generated from your IP address and User Agent
Update 2: removing name and email as that’s only for optional account creation
Update 1: Qwant wants you to disable your ad blocker
I’m sorry but that is not correct. In the link that you shared to their privacy statement it is explicitly stated that they do not collect your identity when using the service. They say that your identity " is the information we use to ensure that you are who you say you are when you make a de-listing request, report or create an account. This includes: first name, last name, email address."
Furthermore, unlike duckduckgo which to my knowledge relies entirely on Bing’s search index, Qwant does actually index the web itself and only uses the Bing index when a search returns insufficient hits from their own index. When they query the microsoft index they send the following data along: “Search keywords; Information about the browser you are using (the User Agent); The first three bytes of your IP address; The approximate geographic area at the origin of the search, at the scale of a region or city; The salty hash generated from your IP address, your User Agent and a salt changing no later than every 3 months; A random token generated by Qwant (aiming to limit data cross-checking).”
I do not know much about DuckDuckGo, but from an initial read the privacy policy is much more vague than Qwant’s, not mentioning any specific information that is shared. As they are a US company, they are also not covered by the general data protection regulation.
In general, both search engines seem to do a good job at protecting users’ privacy, which to me sounds like something that should be encouraged, not polluted with misinformation.
You’re probably wondering why I say “your full IP address” versus “partial IP address”; you quote the policy correctly but you missed a separate but crucial section in the privacy policy:
In addition, for security purposes and reliability of our partner’s services (detection of spam, automated activity, fraudulent clicks on advertisements …), Qwant may also collect and transfer to this partner [Microsoft Ireland] your full IP address.
The transfer happens separately from searches, sure, but if two requests get sent to Microsoft at the same time and with the same parsable information (the full IP address from the security query can be used to link a partial IP address and city-level location from a search query) then it seems like Qwant is giving Microsoft the ability, even if unintentionally, to link IP address and search.
I do not know much about DuckDuckGo, but from an initial read the privacy policy is much more vague than Qwant’s, not mentioning any specific information that is shared. As they are a US company, they are also not covered by the general data protection regulation.
I agree and I’ll add a disclaimer or something. DuckDuckGo says this:
In order for our product to function, we share anonymous browser and device information with our hosting and content providers for security and display purposes (for example, that you’re using a mobile device )*
I would use SearxNG instead, using a public instance like searx.be. It is really lightweight, gets results from multiple indexes and is very privacy-friendly.
Honestly, I set up SearxNG on my own server, and it’s not very nice to use, not very configurable and doesn’t return high quality results. It’s also kinda slow. Maybe I’m missing something?
It is recommended to use a public instance because it makes it harder to fingerprint you off of your searches. It gets most results from Google and Bing, so you will have similar search results. I haven’t experienced any slowness yet, so I can’t say anything about that.
@isVeryLoud @hash0772 I had similar experience. I was able to resolve the slowness by enabling swap on the vps. What was worst is that over time Bing and Google API changed and it stopped working, took quite long troubleshooting. Occasionaly I would hit some kind of rate limit and got nothing from Google. It was too much hassle and not worth the vps cost.
Pass. Qwant has had its share of controversies, regardless their results aren’t better than DDG.
If Mozilla was serious about this they would run their own Searx instance and let people choose what engines they wanted to use.
Is this instance of searx safe (I cannot self host) Also how is its privacy and performance compared to DDG?
What I linked to is a listing of public Searx instances. You can look at the list and see things like uptime, where they are hosted, etc.
For performance I find it much better than DDG. In the settings page you can choose which search engines you wish to use, for example Brave, Stract, and Qwant. You can also tailor results by adding things like Lemmy, F-Droid, and Anna’s Archive.
Reading through the current Qwant privacy policy certainly doesn’t alleviate any privacy concerns either…
Mozilla keeps building/buying, then abandoning things. I’m not sure if they’re cut out for that project, and in my experience a SearX instance’s effectiveness is mostly based on whether there are enough users for the data to be obfuscated, but so few that it doesn’t get rate limited…
Certainly some things are rate limited, Brave and Startpage are particularly bad for this. I omit them from my endjinns in Searx settings.
If you can use Google through SearX, isn’t Startpage redundant? IIRC they don’t ever claim to do anything but proxy Google results.
Yes, except in the case where Google is rate limited. There is/was a Searx instance that regularly got blocked by Google, I do not remember which one though.
isn’t Startpage redundant?
After they were purchased by an advertising company? Yes.
Too bad about the choice for qwant. I’ve been using them for many years and they have big flaws: they block visits from unsupported countries, so if you’re traveling, you’re fucked. They also started blocking ad blocking users and their main webpage is full of crap that you have to disable manually. Their support is non existing. And they use the same censorship as Microsoft. I moved to brave search recently
Searxng and you live happily
Looks interesting but I tried it and like most alternative engines, it’s bad and showing regional results for me. It’s good for English based searches but not in my lingo
Have you tried Kagi?
No, first time I hear about it
It’s a paid search engine, so their only priority is serving you good search results. It feels like using google before the 2012-ish enshittification.
There’s no way Mozilla is replacing Google as the default, so what are they actually announcing here? I didn’t read any actual results thats happening. Are they just adding Qwant as an option in the search engine settings?
This means Google isn’t paying the millions to be the default anymore??
Seems to be an awful news then, that money was useful for development and a default is trivial to change
Doesn’t Mozilla rely on Google for default search? Does this change that relationship?
Yeah… Things like this partnership, plus publishing posts against things Google is doing (https://blog.mozilla.org/en/privacy-security/googles-protected-audience-protects-advertisers/), might spook Google a bit. Mozilla rely on receiving hundreds of millions of dollars from Google every year. Don’t bite the hand that feeds you.
The fact that Mozilla is so dependent on Google is the actual problem here, diversifying where they get funding from is precisely what they should be doing going forward.
I definitely agree with you, but finding another partner to get hundreds of millions of dollars per year isn’t trivial.
Sure, but finding more partners is crucial for long term survival, so if Mozilla never reaches out to anybody for fear of offending Google then they’re always gonna be stuck in this sort of abusive relationship. Becoming so reliant on Google in the first place shouldn’t have happened, but it’s better to start fixing that sooner than later. It’s also worth noting that the main reason Google funds FF is to protect themselves from antitrust litigation. As long as FF is around and gets a bit of usage, then Google can point to it to say that Chrome isn’t a browser monopoly.
Mozilla has diversified… By jumping into AI.
- Spent $65-265 million on AI that we know of
- Bought an AI company for an undisclosed sum and funded more AI research for unknown amounts
- Brought AI to Kenya (in a move strangely reminiscent of cryptocurrency companies trying to fix the “unranked” problem
And shuttering previous diversification products and laying off staff.
Saw that, totally can’t imagine how any of that is going to backfire.
