• LWD@lemm.ee
    link
    fedilink
    arrow-up
    65
    arrow-down
    2
    ·
    edit-2
    8 months ago

    Mozilla didn’t choose privacy. Qwant sends you IP address to Microsoft when you search on their platform. If you want a more responsible search engine, DuckDuckGo is still the way to go.

    The information collected by Qwant includes

    • first name, last name, email address
    • hash of the IP address
    • User Agent
    • market segment of a request
    • date and time of the visit
    • information of the country and the chosen language
    • search keywords
    • where a user came from
    • type of device used
    • source of visit
    • operating system
    • major browser version

    Qwant may (will) transfer to Microsoft:

    • your full IP address
    • Information about the browser you are using (the User Agent
    • The first three bytes of your IP address;
    • The approximate geographic area at the origin of the search, at the scale of a region or city;
    • The hash generated from your IP address and User Agent
    • MKC@lemmy.blahaj.zone
      link
      fedilink
      English
      arrow-up
      18
      arrow-down
      2
      ·
      8 months ago

      doesn’t duckduckgo do the same thing at this point with tracker links? it also uses bing

      • LWD@lemm.ee
        link
        fedilink
        arrow-up
        18
        ·
        8 months ago

        What tracker links?

        DuckDuckGo’s policy is much less specific but makes it a point that they aren’t sending your exact IP address to Microsoft or anybody else for any reason. Among other, IMO even better policies.

        we share anonymous browser and device information with our hosting and content providers for security and display purposes (for example, that you’re using a mobile device), but we never share any information with them that could tie your searches or website visits to you personally, or that could allow them to create a history of your individual search queries or the sites you browse.

        • MKC@lemmy.blahaj.zone
          link
          fedilink
          English
          arrow-up
          7
          arrow-down
          2
          ·
          8 months ago

          last we checked they preserved the tracker links bing themselves would use on results, which you had to opt out of.

    • hash0772@sh.itjust.works
      link
      fedilink
      arrow-up
      6
      ·
      8 months ago

      I would use SearxNG instead, using a public instance like searx.be. It is really lightweight, gets results from multiple indexes and is very privacy-friendly.

      • setVeryLoud(true);@lemmy.ca
        link
        fedilink
        arrow-up
        1
        ·
        8 months ago

        Honestly, I set up SearxNG on my own server, and it’s not very nice to use, not very configurable and doesn’t return high quality results. It’s also kinda slow. Maybe I’m missing something?

        • hash0772@sh.itjust.works
          link
          fedilink
          arrow-up
          3
          ·
          8 months ago

          It is recommended to use a public instance because it makes it harder to fingerprint you off of your searches. It gets most results from Google and Bing, so you will have similar search results. I haven’t experienced any slowness yet, so I can’t say anything about that.

        • Beam me out!@mastodon.social
          link
          fedilink
          arrow-up
          1
          ·
          8 months ago

          @isVeryLoud @hash0772 I had similar experience. I was able to resolve the slowness by enabling swap on the vps. What was worst is that over time Bing and Google API changed and it stopped working, took quite long troubleshooting. Occasionaly I would hit some kind of rate limit and got nothing from Google. It was too much hassle and not worth the vps cost.

    • me_ow@feddit.nl
      link
      fedilink
      arrow-up
      5
      ·
      8 months ago

      I’m sorry but that is not correct. In the link that you shared to their privacy statement it is explicitly stated that they do not collect your identity when using the service. They say that your identity " is the information we use to ensure that you are who you say you are when you make a de-listing request, report or create an account. This includes: first name, last name, email address."

      Furthermore, unlike duckduckgo which to my knowledge relies entirely on Bing’s search index, Qwant does actually index the web itself and only uses the Bing index when a search returns insufficient hits from their own index. When they query the microsoft index they send the following data along: “Search keywords; Information about the browser you are using (the User Agent); The first three bytes of your IP address; The approximate geographic area at the origin of the search, at the scale of a region or city; The salty hash generated from your IP address, your User Agent and a salt changing no later than every 3 months; A random token generated by Qwant (aiming to limit data cross-checking).”

      I do not know much about DuckDuckGo, but from an initial read the privacy policy is much more vague than Qwant’s, not mentioning any specific information that is shared. As they are a US company, they are also not covered by the general data protection regulation.

      In general, both search engines seem to do a good job at protecting users’ privacy, which to me sounds like something that should be encouraged, not polluted with misinformation.

      • LWD@lemm.ee
        link
        fedilink
        arrow-up
        4
        ·
        8 months ago

        You’re probably wondering why I say “your full IP address” versus “partial IP address”; you quote the policy correctly but you missed a separate but crucial section in the privacy policy:

        In addition, for security purposes and reliability of our partner’s services (detection of spam, automated activity, fraudulent clicks on advertisements …), Qwant may also collect and transfer to this partner [Microsoft Ireland] your full IP address.

        The transfer happens separately from searches, sure, but if two requests get sent to Microsoft at the same time and with the same parsable information (the full IP address from the security query can be used to link a partial IP address and city-level location from a search query) then it seems like Qwant is giving Microsoft the ability, even if unintentionally, to link IP address and search.

        I do not know much about DuckDuckGo, but from an initial read the privacy policy is much more vague than Qwant’s, not mentioning any specific information that is shared. As they are a US company, they are also not covered by the general data protection regulation.

        I agree and I’ll add a disclaimer or something. DuckDuckGo says this:

        In order for our product to function, we share anonymous browser and device information with our hosting and content providers for security and display purposes (for example, that you’re using a mobile device )*

        • me_ow@feddit.nl
          link
          fedilink
          arrow-up
          1
          ·
          8 months ago

          Fair points. Thank you for amending your comment 👍. I wonder in which situations Qwant sends the full IP address specifically. The wording is a bit vague

    • FIST_FILLET@lemmy.ml
      link
      fedilink
      arrow-up
      2
      ·
      8 months ago

      what are you making misleading claims about Qwant for??? if you click your own damn link you’ll see that the only case where they need to collect your name is if you make an account (completely unnecessary), make a de-listing request (to verify that you are who you say you are before removing something, otherwise i could just go and have jeff bezos removed), or if you report something.

      also, 80% of your bullet points after “user agent” are redundant because they are literally just what makes up a user agent. newsflash: every single website you ever visit in your life collects your user agent because it needs to know whether to give you the mobile or the desktop version of the site. this has nothing to do with privacy in this case, you’re just slandering to slander