Inside DuckDuckGo

• Duck Tales: Marketing at DuckDuckGo — how we practice the privacy we preach (Episode 9)

  In this episode, Cristina (SVP, Marketing) and Chuck (Front‑end) discuss private marketing at DuckDuckGo, from making decisions with less data to the role of privacy engineers in marketing projects.Disclaimers: (1) The audio, video (above), and transcript (below) are unedited and may contain minor inaccuracies or transcription errors. (2) This website is operated by Substack. This is their privacy policy.Cristina: Hi, and welcome to DuckTales, where we go behind the scenes at DuckDuckGo and discuss the stories, technology, and people that help build privacy tools for everyone. In each episode, you’ll hear from employees about our vision, product updates, engineering approach to AI, or how we operate as a company. Today, we’re going to chat about how most companies collect a ton of information through their marketing activities and how DuckDuckGo, given our privacy policy of we don’t track you, do things like attribution very differently.I’m Cristina, I’m on the marketing team, and today I’ll be interviewing Chuck. Chuck, you wear a lot of different hats. Can you introduce yourself and some of what you work on?Chuck: Sure. ⁓ I am technically on the front end team and work on the front end of our search projects, our products, and our subscription products. ⁓ But I ultimately do whatever I need to do to get the job done, which is kind of our DuckDuckGo ethos. I do some product management, some data science, back end engineering. I work with the marketers. It’s fun. ⁓ And I need access. So getting to where lots of them is.Cristina: Hahaha. Fair enough. Well, thank you. So much like our product philosophy, privacy is core to the ethos of our marketing. There are so many common practices we don’t do, identifying and targeting individual users, retargeting, using behavioral data, using third party cookies and pixels, the list goes on. And we’ve also declined working with a lot of vendors because they don’t meet our privacy standards. As a consumer, that’s something I really appreciate.But frankly, as a marketer, it makes the job very hard. But it’s getting a bit easier thanks to work from people like Chuck, which is why I was so excited to talk to you today. So Chuck, when you first started working with the marketing team, what was your reaction to our limitations and what we were hoping to achieve?Chuck: Honestly, I was a little shocked. ⁓ There’s a pretty well-understood playbook for how marketing in a space like this should look. A playbook of tactics and tools that are well-understood. And every company will do it differently, and every brand and product will have their own personality. But we pretty much use none of those tools.Cristina: Yeah, can you help people understand what the industry norms are for marketing attribution and data and how we do it differently?Chuck: So when you visit your favorite social media site and it’s trying to decide how to fill the ad slot in your feed, the ad platform will take what it knows about you as a person, your search history, who you follow, and what it knows about your situation, like where you are and who you’re with, and line it up with their ad inventory. They’ll do some very complex math to determine the perfect ad to show you that will maximize profits for the platform and the advertiser. So the more better data they have about you, the better they can target the ads and the more money they can make.I know that’s something you’ve talked about with Peter on a previous episode, that the financial incentive for the trackers that are ubiquitous online is data that feeds the machine that helps them make more money off of your ad space. That entire ecosystem just flies in the face of our privacy principles. In fact, some of our apps will block those trackers to keep your browsing private. So when we advertise, we refuse to use those tools like you just listed that are common in digital marketing, like retargeting or reporting different types of conversions after the ad click. ⁓ just to protect the privacy of our users. Instead, we’ll collect limited data only when there’s a very clear and urgent rationale for it. And when we do, we’re transparent about what we collect and how we use it. And we’re possibly most important. We’re really careful never to let those logs link two different events to the same person. That’s really difficult to do. ⁓ We have a really fantastic privacy engineering team that reviews every project and their implementation to make sure that the work we’re doing is aligning with our principles.I’ve also gotten really comfortable making decisions with just the imperfect or incomplete data, trying to identify the solutions that meet 80 % of the business needs without, with 20 % of like the potential input.Cristina: Yeah, it feels like a lot less than 20 % of what’s actually available to us. Well, yeah. So thank you for unpacking that. That’s a helpful foundation. Can you go a bit deeper and talk about what that looks like in practice at DuckDuckGo?Chuck: Yeah. That’s probably fair.Yeah, so we largely ⁓ don’t work with other vendors ⁓ in the marketing space and rely on the tools we own and build ourselves instead. That makes sure that we aren’t incidentally feeding the machine with our own users’ data, which is really easy to do if you’re not careful. ⁓ We have a couple of tools in our toolbox, too. We’ll do as much summarization and analysis of data locally before we ever send it back. So rather than saying that a user of our browser searches15 times in a day and ⁓ sending 15 different events for those searches, we’ll send a periodic report that will say they searched 15 times during that day. We’ll reduce the precision of those signals even further. So instead of saying that that person made 15 searches, we’ll say they’re a medium volume search user. And then when we do our analysis on an ad campaign, we’ll look at the summaries of the data rather than the raw data ⁓ so that we’re looking across our users rather than the individual humans.And if it comes down to it, we are willing to redact data that might be too identifying for a person, whether it might contain PII or if it looks too unique and may be able to be traceable back to a person, we’d rather delete it and not use it than jeopardize that person’s privacy.Cristina: Well, thank you for ⁓ sharing how our ethos really comes to life there. And I’d love for you to touch on one of your claims to fame at DuckDuckGo, which is creating a better, more privacy-respecting system that we call Origin. Can you talk about how you got the idea and how you brought it to life?Chuck: Yeah, so we were struggling to run small scale campaigns that test new ad platforms or creatives. ⁓ With the tools that we have, the only way that we could do that without jeopardizing user privacy is to run big, broad, expensive, scaled campaigns. But we’re a small company. We want to move nimbly. And that made it really difficult for us to quickly validate our direction and make sure that we were dedicating our resources in the right time or in the right place. So I spent some time with our marketing leaders, including you, Cristina. ⁓trying to understand the norms and the challenges they were facing, the tools that weren’t in their toolbox. And I brought that to the privacy team. ⁓ We worked backwards, starting with user privacy as a first principle to the business goals and landed on a solution that kind of looks like this. ⁓ You see an ad and you click on it for DuckDuckGo and you install our app from it. When that app first runs, we will send one signal that says that you installed the app from that ad in that location.And then once a day, we’ll build a summary of those signals that give us pretty coarse insights that say, you know, we had 10 users install our app from that ad on that ad platform on that day. Then we’ll line that data up with other information that the ad platform gives us, like how many impressions there were of the ad and how many times it was clicked and how much that cost us. And that’ll give us some high level insights we can use to start making decisions, like how much it costs us to ⁓ per install from that ad. There’s nothing groundbreaking here technologically.It’s actually intentionally very simple and that helps us maintain the privacy properties because we have a high elevation view of everything that’s happening. We never share data outside of DuckDuckGo, so we aren’t feeding that machine. There are never person level insights. We’re looking at broad signals across our audiences. There’s no risk of PII and we’re only collecting the data that we need to make those decisions, nothing more. But it still lets our marketing team make informed decisions while working quickly and doing their jobs well.Cristina: Well, thank you. ⁓ More importantly, thank you for the months and months of work you did on that. ⁓ You say it’s nothing revolutionary, but actually, I think it’s a pretty novel approach. We don’t know of any other companies using technology like this. Typically, they use the entire suite of tools available to them. ⁓ But hopefully, one day, it won’t feel like such a novel approach, and this will become more of the industry standard. At least my naive perspective can hope for that.Chuck: Of course. I hope so. We’ll see if capitalism agrees with this.Cristina: So any parting thoughts you’d like to leave on the future of privacy respecting marketing?Chuck: One of the things that I really love about and appreciate about DuckDuckGo is the example that we set for other companies. ⁓ On the search engine side, could we collect data at massive scale and hyper-target ads to our users? Absolutely, but we don’t need to. And we love being an example of a sustainable business that respects user privacy in their searches. And I like to overlay that to our marketing efforts too. Would we benefit by using really invasive tracking like the industry standards? Yeah, probably, but we don’t need to.We’re a good example of how you don’t need to participate in that data intensive ecosystem to market your business. And I’m really proud to work on it.Cristina: Well, thank you, Chuck. I feel the same way. And for those of you listening, if you or someone you know considers themselves to be a privacy-centric marketer, including ad networks and measurement partners, would love to chat, reach out to me on LinkedIn with what you’re doing differently. Chuck, it was really great chatting with you today.Chuck: Always check, great to chat with you too.Cristina: Thanks to everyone who took the time to listen. We have so many more episodes planned on a wide variety of topics, so stay tuned. Bye. This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit insideduckduckgo.substack.com

  --------  

  9:32

  --------

  9:32
• Duck Tales: Improving AI chat organization, and feature decisions at DuckDuckGo (Episode 8)

  In this episode, Gabriel (Founder) and Esteban (Design) discuss AI chat organization, from automatic chat naming to ‘pinning’ your most used chats. Disclaimers: (1) The audio, video (above), and transcript (below) are unedited and may contain minor inaccuracies or transcription errors. (2) This website is operated by Substack. This is their privacy policy.Gabriel: Hello, welcome to DuckTales. Inside DuckDuckGo features people, et cetera. You got me as the host again, this time I’m the founder and CEO of DuckDuckGo. And I got Esteban with me today. Esteban, wanna introduce yourself?Esteban: Sure. Hi everyone. I’m Esteban. Hi Gabriel. Esteban, I’m a designer in the team.Gabriel: Sweet. And that’s what we’re talking about today, Duck AI, and in particular, kind of new features we’ve been introducing around conversation organization that Estevan has been designing and working on. And we’ve been releasing kind of a few of these over the last couple of months. You want to just jump in, you want to share your screen and walk us through it. I realize we have some of this on audio now only.Esteban: Sure.Gabriel: Let’s also try to describe what we’re seeing while we do it. I’ll do the same thing.Esteban: Yes, for sure. Let me just share my screen and I’ll walk you through a few of the things that we recently dumped. Yes, so if you’re like me, you have tons of like conversations going on at the same time. What we have seen from users is that people who are very engaged with our platform, they end up having tons of conversations and then sometimes it’s harder to get back to them and to find the one that you needed. So we launched three things. The first one, I’ll show you an example. I was trying to see if I should ask you for a promotion during this podcast. Clearly no. ⁓ But the cool thing was that we, yeah, I will wait for a better time. ⁓ The first thing that we shipped was that we had ⁓ a title, the title of our,Gabriel: Good answer.Esteban: Chats were basically the same first prompt. It was just duplicated. That would make it harder to read. So the first thing that we launched was this automatic titling. We’re using the LLM to come up with a better title at the top. So it’s easier to find. ⁓Gabriel: So this is similar to how ChatGPT and some other competitors are doing it, right? So like we used to do just to repeat, so I understand fully, I think I do, ⁓ having reviewed this when it launched, but just to make sure. ⁓ Yeah, we used to just literally repeat the prompt as your title, like the beginning of the prompt. And so that it was kind of weird sometimes and duplicated sometimes, but now we run in the background something that... ⁓Esteban: Definitely Right.Yeah.Gabriel: Summarizes it for you and then automatically does this. You don’t have to do anything, right?Esteban: Yes. Exactly. And for example, I’m trying a new one. What day is today? That’s my prompt. And then immediately what I get as a title is day to day. The one thing is that sometimes the title is not exactly what you will call it. Like maybe day to day is not super descriptive. So we added this minor option, no? So we can say, I don’t know, day to day, it’s Thursday. Simple but useful.Gabriel: So if you want to do whatever you want, yeah, like if you don’t like our casing or something, you can put everything in lowercase or whatever, you can just rename it at will, yeah.Esteban: Yeah. Exactly. Yes, so after you have you want to name stuff, it’s very helpful when you have like several chats about something similar, but you want to have it personalized so it’s easier to find. So super simple, nothing that I don’t know, it’s blowing innovation in a way, but very useful. The second one is we noticed how ⁓ lots of our users were asking us for ways to save conversations and finding the conversations faster. We also have a limit of how many conversations you can have right now. There’s just 30 chats after the 30th chat. The next one gets deleted. We’re working on that, but we wanted to offer a way for you to say what’s important for you and why are the things that you want to come back to it. So I don’t know, this one. Let’s say it’s something that I was working on today, but I want to come back to it.add it to the top of the list by pinning it. So now it’s pinned at the top and it will always be there. That also means that if DocAI needs to delete one of your chats, it will go to the last one on the list and this one will not get deleted. You can pin up to five chats right now and yeah, it’s always accessible, always at the top, easy to reach.Gabriel: Got it, so it’s kind of the equivalent of like a favorite or a star or a pin in this case. All of these things are accessible from this three dot hover menu next to the ⁓ chat, chat to the individual chat. And then also you’re saying, is good, that ⁓ because the reason why we have the 30 limit at the moment is because all this is stored locally on your browser. It’s not actually stored on our servers. ⁓Esteban: Exactly.Gabriel: we’re working on an encrypted storage that we won’t have the keys to where you can get a much higher limits on it. But at the moment, or if you just want to keep it local, there is a local limit because your browser has storage limits. ⁓ But what this will allow you to do is keep ones around that you really want around, right? So you’re saying if you favorite these or pin them, in our words here, you have a pin section at the top. But if you start making a lot of chats, the non-pin ones will get.Esteban: second.Gabriel: kind of blown away first.Esteban: Exactly. Exactly. ⁓ We have plenty of requests about chat organization and some people are going as far as like, want to create projects, want to create groups, I want to organize my stuff, which it all makes total sense. And I guess up to a point you need those sort of organization tools, but the simple ones will cover most of the needs for most of our users, I would say, because maybe you have a few chats where you keep coming back to them, but then you have a bunch of quick requests, quick checkups with the LLM.And something like this is super simple. It doesn’t require a lot of effort. And yeah, we hope it helps a lot of our users.Gabriel: And you mentioned in there a few times like we did this and we’re working on this, these features in particular because we get a lot of user requests for them. ⁓ So speaking to that a little bit, like my understanding is, you know, we get lots of feedback. ⁓ We’re looking through it all and kind of organizing it, like which are the most like important issues to work on. But then also when we launch features, cause to your point, people ask for all sorts of different things. And then we, and like you in particular, design. And you’re like, well, I think this is gonna be a satisfaction of a lot of people’s requests, even if that’s not exactly the thing they asked for. And then we put it out and then how do we know whether it worked or not? Like, what are we looking at?Esteban: Yes, so to answer your question, we see a usage in particular. We don’t have, of course, data about a particular users, but we know that roughly X amount of people are using this feature. We also know from social media, we got a little bit of love ⁓ after posting that we launched this. And then the other thing that’s a really interesting metric is we see the feedback coming in. ⁓ and comparing with what kind of feedback we were getting a month ago, and we see a big decrease on charge organization requests. As said, there are still things that we can do and we’re working on them, but we see a lot of people, a lot less people requesting for things like this, which is also good news.Gabriel: I love that metric. mean, because it really is, I guess we are lucky that we have enough users and enough sample size where we can be like, wow, chat organization is a category we can ascribe feedback to. And now it’s like halved or whatever after these features come out, right?Esteban: Right. Yeah, so something we did for this project that is super interesting, it was fun for me to do was that we have this category, like chat organization, and then we get feedback directly from our users asking for a specific feature. I went and looked into all the feedback that was related to chat organization, and I tried to see why we’re asking for a specific feature. Some of them actually mentioned it, no, I want this so I can do that. And then those needs, I matched them with what type of features will work, even just by naming different types of features. You said that this was sort of favorites or it could be pinning or it could be saved or it could be bookmarked. We also have bookmarks in the browser. So how do we name the feature related to the benefit that I will have and the need that it will solve, but also how much effort will require from the users to actually get the benefit that they were asking for? ⁓ Create projects, it’s a lot of effort.And they will get a lot of benefit, but not many people are willing to spend time organizing on their chats. But pinning is one tap away So that’s a sort of ⁓ prioritization exercise that we did to define exactly what are the new features that we’re going to launch.Gabriel: Yeah, that’s a super interesting point because like all different features have different levels of complexity for us to build. And then also for the user to actually use to your point, like I’ve seen, yeah, I’ve seen lots of requests for people wanting really complex things, but then very small percentage of people would actually go through the effort to use those things. Whereas to your point here, pinning, especially the chat title is just automatic. We get that for free to everybody. But then the pinning is just literally just a one click. You don’t have to type in a name for it, a folder name for example. You just get the pinning at the top.Esteban: Right. And in some cases you actually need to go and give effort to the users in a way, because we thought automatic title would solve the problem. No, like we just add automatic title to everything. That’s it. And then by testing and seeing how some of the titles reacted, we knew that we were, it’s just not going to be bulletproof. Like in some cases you want to have your own title. So we went back and said, okay, let’s add a manual option. ⁓ Cause then we went, then that way we were solving everyone’s needs. Yeah.Gabriel: You’re like covered. Yeah, you’re covered every, at least there’s a backstop. That’s super interesting. So what’s next, if anything? Are you moving on from chat organization at the moment or are you thinking about some other kind of deeper aspects of it?Esteban: It’s still there and it’s still one of our top requests. You mentioned that we’re working on finding ways to give you a bigger list of like bigger limits, have more chats, maybe syncing between devices. And we are also thinking about search, of course, ⁓ so you don’t have to read your whole list of chats, just go straight into that answer that you remember. ⁓ from a week ago. So those are things we’re working on and I’m sure there will be plenty more organization features we could do but for the moment that’s a plan.Gabriel: Sweet. Well, thank you. I’m excited to have you back and someone, maybe I hope I’m the host, but somebody to talk about these more organization features in the future. But yeah, thanks for coming on and thanks everybody for listening. Bye everybody.Esteban: Okay. This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit insideduckduckgo.substack.com

  --------  

  11:52

  --------

  11:52
• Duck Tales: How DuckDuckGo protects users from different types of scams (Episode 7)

  In this episode, Gabriel (Founder) and Thom (Security Team) discuss Scam Blocker. How it works, the types of scams it protects against, and why our ‘bad pages’ list is updated so often. Disclaimers: (1) The audio, video (above), and transcript (below) are unedited and may contain minor inaccuracies or transcription errors. (2) This website is operated by Substack. This is their privacy policy.Show notes: See the full blog post on Scam Blocker. Gabriel: Hello, welcome to DuckTales. I’m Gabriel, CEO and founder of DuckDuckGo. DuckTales is everything kind of inside DuckDuckGo. Today we have a new topic. I don’t think we have discussed much about security in our browser. I got Thom here. Thom, you want to introduce yourself?Thom: Yeah, sure. Hi, I’m Thom. I’m one of the security engineers here at DuckDuckGo. I spend most of my time kind of in and out of browser security, product security, that kind of stuff. Yeah, that’s the kind of stuff I love.Gabriel: Sweet. And I think we’re here today to talk about our Scam Blocker. If you follow our blog, we actually had a pretty big article about this when it launched a few months ago. And so you can always check that out too, but we’re going to tell you all about it here and some of the inside info on how it came together. Yeah, Thom, you want to just explain generally what it is? What is Scam Blocker exactly?Thom: Yeah, sure. So I guess Scam Blocker is what we call our in-browser phishing and scam protection. It kind of runs in the background and checks websites as you visit them all locally in the browser. And we kind of have a pretty big data set here that we get from Netcraft. So we can protect against all sorts of scams — this isn’t your standard phishing protection. We try and protect against cloned e-commerce sites, fake crypto exchanges, scareware like fake virus pages, and advertising of fake products and stuff. So we have quite a lot that we’re trying to protect against, but this feature as a whole is that warning page that you get when you’re about to visit something that could be scammy or phishing related.Gabriel: So let’s talk about that distinction a little bit. I guess backing up a little, how did this come together? How did we end up building this and then building it kind of differently than other companies?Thom: Yeah, so it came from a long way back. Originally, we had this idea that we wanted to improve our tracking protection and all of this stuff — trying to make our browsers as safe as possible for our users. We knew that we wanted to do something in this space, but the challenge was that it’s quite easy to build a feature like this where it ends up looking like you need to check people’s browsing activity — and we can’t do that from a privacy perspective. So we knew that we had to do this in a privacy-preserving way, and we didn’t like the idea of sending any data to Google or Microsoft because they pretty much own this space in terms of browser protections. We weren’t comfortable with that, so that kind of led us down the path of building it ourselves.Gabriel: Interesting. So like at a high level, our browser has a privacy protection list instead of blocking that we built ourselves because we didn’t believe anyone else was doing it up to the standard that we think it should be. But that’s all kind of behind the scenes on pages that you visit, assuming that was a page you actually wanted to visit. Privacy and security overlap, but as I understand it, some pages you visit are actually bad for you — not because there’s hidden trackers, but because the page itself has malware or scams. Those are the pages we wanted to cover. And in doing that, you need to have a list of bad pages.Thom: Yeah.Gabriel: Everyone else seems to be using Google or Microsoft, and all the other browsers are just kind of riding on Google Safe Browsing. But we wanted to go somewhere different. So we found this vendor Netcraft, who maintains a big list, and it turns out they have an even bigger list than Google’s because they cover these other categories, right?Thom: Yeah, exactly.Gabriel: Like some of these scam categories that you mentioned are not traditional malware phishing. They’re theoretically legitimate businesses that are scamming you. So for whatever reason, they’re not on Google’s list. Is that kind of how to think about it?Thom: Yeah. That’s a good way of saying it. Some of these are quite unique. One of the interesting cases I like to refer to is that sometimes even a blog post could be a scam. If this is a blog post advertising a fake product that’s going to steal your money, that’s a problem. A lot of these scam sites start somewhere trusted, like a Medium article or GitHub page, and then send you down fishy paths until you end up somewhere meant to steal your money. That’s the kind of thing we’re looking at here with Netcraft. We get data that lets us look at the source of it rather than waiting for you to click through multiple times to get there.Gabriel: So we license this data set from Netcraft who’s aggregating all of these scams from different signals. And then what do we do with it exactly? How does it work to be embedded in the browser?Thom: Basically, we pull this data — it’s constantly evolving, which is one of the challenges. We have to update it pretty much every five minutes on the backend. We pull it, process it, filter out some of the lower-risk things, and then compress it.Gabriel: Five minutes is so quick. So it’s really happening in real time. I didn’t realize we were doing it that real time.Thom: Yeah, it’s rapid. If you take a random phishing link now and look again in five minutes, chances are it’s gone.Gabriel: And that’s because all these people are reporting these things, right? It’s an arms race — things get blocked quick, they switch domains, and all sorts of crazy stuff.Thom: Exactly. It’s this constant cat-and-mouse game.Gabriel: Cool. Sorry to interrupt. Every five minutes, we’re updating this list on our backend.Thom: Yeah, and then we compress this into a small format. Our browsers pull this data every 10 to 20 minutes depending on platform. That’s how the update mechanism works.Gabriel: Got it. So once it’s sitting in the browser, the browser checks against the list. If you’re going somewhere that’s on the list, that’s when you see the warning page. Are we similar to others where you get a big warning page but can accept the risk? And do all these warning pages look the same or are there different types?Thom: Yeah, pretty much the same. You get a warning page explaining the case. We have three types of warning pages — they vary slightly in iconography and copy. They’re for malware, phishing, and scam. Malware means you might download something malicious, phishing is about credentials or credit cards, and scam is broader — like a dodgy e-commerce site.Gabriel: Got it. So any surprises in building this or challenges that arose getting it live to production?Thom: Yeah, a few. The first one is that we have four browsers — four different platforms. The core part of the feature is constantly updating, but the other challenge is intercepting navigation requests. Every browser does this differently. So we had to map out how each does it and figure out ways to do it efficiently. We pride ourselves on our browsers being quick — we don’t want to affect load times. So we had to make sure the check runs quickly, just before a page loads. There’s a lot to consider. That was one of the biggest challenges.Gabriel: Yeah, that makes sense. It basically seems like one project, but it’s four big projects — MacOS, Windows, Android, and iOS. Cool. So how has it gone? Any good response? I know we put out a blog post and got some press when it launched. It seemed positive from my view, but from your point of view, what did you think?Thom: I think we had good positive feedback. One unique thing about this feature is that it’s in the background — its success hinges on people not really seeing it. If loads of people are seeing the error page, then we’ve probably done something wrong. But overall, it’s gone well.Gabriel: Yeah, that’s a good point. It’s like our other privacy protections — always on, not breaking sites, contributing to peace of mind. It’s protection that’s there, not in your face.Thom: Precisely. People who’ve come across it said it works well and gives them peace of mind.Gabriel: Cool. So it sounds like it kind of went off without a hitch. Is there anything left to do now? Are we kind of in maintenance mode with it?Thom: Yeah, pretty much in maintenance mode. We have about three or four people monitoring metrics. But we’re exploring ways to enhance the data, maybe adding new or better data sets. We might tailor data sets by platform — for example, malware is more prevalent on Windows, scams more on mobile. I’ve also been reading about using small language models fine-tuned to detect scammy websites locally. It’s promising research — local-only, privacy-preserving — though I don’t see it in the browser anytime soon.Gabriel: That sounds fun. A good hack day project — and who knows, lots of those end up in the product. I definitely think we should ship local models or get access to local ones on the device. The problem’s been that either local models aren’t very good or the downloadable ones are too big, like three gigs. But I think it’s coming. I think there’ll be a future where we have local models in the browser, shipped by default or opt-in, maybe with extra protection. That would be an interesting incentive to download a local model if it gives extra security protection.Thom: Yeah, exactly — extra security protections. I’d love that.Gabriel: All right. Well, we’ll end here. Thanks, Thom, for coming on. Hope everyone enjoyed hearing about security, and maybe when you launch something new, come back and we’ll talk about it again. All right, bye everybody.Thom: That was great. Thanks a lot, Gabriel. This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit insideduckduckgo.substack.com

  --------  

  14:57

  --------

  14:57
• Duck Tales: The internet’s privacy problem, and how DuckDuckGo is solving it (Episode 6)

  In this episode, Cristina (SVP, Marketing) and Peter (Director, Product) discuss digital fingerprinting, privacy washing, and how hidden trackers appear in the majority of popular websites. Plus, the steps you can take to protect yourself online. Disclaimers: (1) The audio, video (above), and transcript (below) are unedited and may contain minor inaccuracies or transcription errors. (2) This website is operated by Substack. This is their privacy policy.CristinaHi, and welcome to DuckTales, where we go behind the scenes at DuckDuckGo and discuss the stories, technology, and people that help provide privacy tools for everyone.In each episode, you’ll hear from employees about our vision, product updates, approach to AI, or how we operate as a company. Today, we’re going to chat about the online privacy problem and DuckDuckGo’s web protections. I’m Cristina. I’m on the marketing team. And today, I’ll be interviewing Peter. Peter, would you like to introduce yourself, maybe what team you’re on and where you spend a lot of your time? ⁓Peter Absolutely.Hi, Cristina. I’m Peter. I’m on the product team at DuckDuckGo, which I typically work on our browsers and our privacy protection. So happy and excited to talk about the mystifying world of online tracking and privacy today.CristinaAwesome, likewise, well let’s jump in. So I think a lot of people would be surprised to hear just how much information about them is being tracked online. Some seemingly irrelevant to what they’re doing and some pretty creepy in how detailed it is and how all the dots are being connected. Can you give some examples of the pervasiveness of this tracking?Peter Absolutely. know, anyone I talk to about online privacy, the first thing they’ll tell me, and I’m sure you’ve heard the same, is microphones must be listening to them. ⁓ Yeah, everyone can give an example of a conversation in their household where not too long thereafter, they’re seeing advertisements, creepy advertisements, following them around online based on, you know, what it is they were talking about. ⁓ And the reality is the amount of surveillance that happensis like microphones are listening to you everywhere, but the methods are not actually microphones. The methods are actual trackers on websites, on search engines and browsers and apps, which we’ll talk about that are always collecting information about you. ⁓ So just to break those down a little bit, most people, if you think about someone in their daily life, they’re going to go do a search online, whether it’s on their smartphone or on their computer.The search engine that most people use is, of course, Google, most dominant search engine in the world. They collect basically anything and everything about you. ⁓ And so that search engine is one source of this data collection. And then ⁓ the browser you use to actually do those searches, often owned by some of the same companies like Google, ⁓ like Google Chrome specifically, these browsers also directlycollect information about you. So if you’re not using a private search or a private browser, a lot of information is directly collected about you. But then, of course, after you do a search and you get onto a website, the websites themselves have trackers embedded in them. And specifically, we’ve done actually a lot of analysis on this. 85 % of the top websites on the web have Google trackers included in them, and about 36 % haveMeta or Facebook trackers overall. And these trackers are pieces of code that run on the websites that send information about you, what you’re doing on the site, what products you’re looking at, what’s in your shopping cart, and so on to companies that are not the owners of the websites. The same is true of your mobile apps. So just as it happens, the surveillance on websites, it happens in your mobile apps. ⁓ In fact, 96 % of the popular top free AndroidApps send data to third-party companies. And of those, 87 % send data to Google, 68 % send data to Guest It, Meta, and Facebook. Top two trackers overall. And then, of course, there’s other sources too. When you use emails, emails contain trackers. When you open them, little code fires. It tells the email sender when you open their email, where you were when they opened the email. And then there’s a lot of other scenarios too. Like if you go to the store,What do they ask you when you make a purchase at the store? Can we have your email address? And they say, oh, it’s for a loyalty program. You can get points or whatever it is. But the reality is they’re actually usually taking that email address and then directly uploading it to Facebook, to Instagram, so that they can buy advertisements targeting you later. And so you combine all this. And you have this pervasive tracking and then targeting that’s happening.that makes it feel like ultimately there must be microphones listening to you, but it’s just happening throughout your day overall.CristinaIt’s pretty chilling that I could be on almost any site or Android app or reading email or at the mall buying a new shirt and companies like Google are tracking me. So what type of information are they collecting?Peter So they’re typically after two sets of things. And when I say they, I use Google and Meta, Facebook as examples, but there’s thousands of other ad tech companies that are often in the mix trying to collect something about you as well. ⁓ They’re looking first for an identifier. So they want something that’s gonna be able to tie what you’re doing to an identity so they know who it is, or even if they might not know who exactly it is, they wanna know it’s the same person. So of course, email address could be an identifier, your name could be an identifier, phone number could be an identifier. Those are the obvious ones that they would want. And by the way, this is why so many websites try to get you to log in on those websites, often with your Google login, because then they can tie all this, whatever you’re doing on that website to your identity. And then of course, I think most people have heard of cookies, and seen cookie banners come up when they visit websites.Cookies are another form of identifier, might not be your name or your email address, but it is a unique code. And so that when these trackers that are across all these websites see the same cookie identifiers across those websites, they all, this is the same person. And so whatever you did on this site, we can link it to whatever you did on this other site. And then there’s a couple other identifiers such as ⁓ digital fingerprints, which really use information about your device, like your screen resolution and your battery, literally the state of your headphone jack on your smartphones, they piece this together into a digital fingerprint that is unique. And so if they see the same set of attributes about your device on a different website or different app, again, they can infer this is the same person overall. So that’s the first thing they want, identifiers. And then the second thing they want is something about you, behavior, interests, actions. ⁓ And so it might be as high level as Cristina’s into snowboarding. ⁓But it could be as low level as the specific things that you had in your shopping cart, what you purchased in real life in Home Depot last week. ⁓ Whatever it is, they basically want to collect it, put it together into a behavioral profile that they can then turn around to advertisers and offer very hyper-targeting to these individuals overall. And just to give you a sort of creepy example, we’ve done a lot of studies on this with websites and apps.And we looked at health websites and health applications, ones where you may look up health conditions or prescription drugs. And we literally observe these trackers included in these apps or websites sending information about your health conditions, your sexual orientation, and even prescription drug information to third-party companies overall, things that people would be absolutely shocked to hear overall.CristinaThat’s definitely not information I want shared without my permission. ⁓ And while historically I might have thought something like, ⁓ battery life or headphone jacks, whatever, don’t care, when you start piecing it together to make this fingerprint like you’re talking about, yeah, it gets super scary. You know, I’ve heard some people say, ugh, it’s impossible to do anything when it comes to these giant companies and all these clever ways they’re collecting information. Anything I could do would just be a drop in the ocean. How is DuckDuckGo thinking about a user-led approach to solving the privacy problem?Peter DuckDuckGo, obviously, most people know us through our private search engine. And of course, our private search doesn’t collect information about users. That’s what sets it apart. And even our advertisements themselves on DuckDuckGo search are just based on what you’re searching for. But ⁓ we realized that protecting people in their searches is not enough. We needed to protect people’s privacy more broadly. And so that’s why DuckDuckGo introduced you some years back. ⁓browsers as well. And so you could use our search and our browser to more broadly protect you. ⁓ Let me share my screen a little bit here just to show you a sort of comparison we put together. So we put together a comparison for people. I won’t go over all the details. feel free to take a look at this later, duckduckgo.com slash compare dash privacy. But ⁓ basically, when you’re trying to protectCristinaThat’d be great.Peter privacy broadly through all these threats I step through. You really need protections for each one of those threats and the methods of data collection. And so that’s what we try to incorporate into our browser overall. And so you’ll see our browser has a bunch of different web tracking protections. We block these third party trackers that are on the websites. We block link trackings, a little codes embedded in the links you click on that can reveal information about you.We block the cookies, the third party cookies that are used to track you and a lot more. can kind of see, you know, going down this list, all this sort of comprehensive protections we have in addition to, of course, the private search that I mentioned. And you can see that comparison, you know, relative to Chrome here. ⁓ Most people in the world from a browser perspective are using Chrome. And you can see out of the box, Chrome does not protect you fromreally any of these threats. ⁓ And a lot of these companies that own browsers like Chrome will say, well, we offer user choice and you can configure things to protect your data how you want. And the reality is most people will not understand the details of all these tracking methods and they won’t know how to go into the settings in Chrome and configure it, know, granularly to stop some of these things. And many of these things you can’t actually prevent using Chrome settings as well.And so the DuckDuckGo browser, we try to make it very comprehensive and it really gives you a broad set of protections in a bunch of scenarios. And that extends to even email and on Android protecting you in other apps, ⁓ when you’re using other apps on your device with their app tracking protection. So feel free to take a look at this, scroll through it and compare whatever browser you currently use to what DuckDuckGo offers overall.CristinaThat’s a great chart. Thank you for sharing that. ⁓ It also helps unpack some of ⁓ the privacy washing that’s been happening. Do you want to touch on that briefly?Peter Absolutely. So we often describe how other browsers say, we offer privacy, we’re private, or we offer user choice. And we describe that as privacy washing, in that they’re making you think that they are private. But in fact, they’re really not offering you a comprehensive suite of protections that is necessary to stop all the data collection in these different circumstances overall. So don’t be fooled by a lot of the you know, sort of fancy advertisements you see, you know, do take, go do your research, use a comparison chart like ours. We tried to really dig in on the details. If you want to dig in granularly and see exactly how it works on, you know, Windows and Mac, and we actually offer learn more links here. You can click through into our help pages ⁓ and we offer, you know, full explanations on how it all works in detail for those that are interested.CristinaAwesome. Yeah, it certainly seems like there’s a lot of intentional conflation of security and privacy and every company, even beyond browsers, want to talk about how private they are, even the most are far from it. ⁓ Maybe you want to stop sharing your screen and then can you leave us with some parting thoughts for those people who still may not be convinced, who still may say, isn’t needed because I have nothing to hide. Why else should they care?Peter Yeah, actually, won’t stop sharing the screen because I’ll show something to illustrate this a little bit further. So of course, stopping the data collection itself will lead to all kinds of benefits for you. No creepy ads following you around online. But there’s a lot of other benefits that come along with these privacy protections. Just to illustrate one of those, I think I’ll use a particular website here, but it’s notCristinaOkay, great.Peter you know, anything out of the ordinary, you’ve all seen these cookie banners that come up on websites all the time. Some of them are huge like this. They take up most of the page before you can even use the website. You have to read all this legalese and then make a decision about cookie usage. Most people don’t understand any of these details and they will click off of this as soon as possible. But the reality is if you click, yes, I accept, what you’re typically doing is givingthe authorization for these cookies, these identifiers I mentioned earlier to be used to track you and store information about you ⁓ overall. And this screen is an annoyance. think everyone’s experienced this on every website you go to. DuckDuckGo out of the box offers something called ⁓ Cookie Pop-Up Protection. I turned it off here for the purpose of illustrating that cookie banner, but I’ll turn it on so you can see, and this is the default that you’ll get in DuckDuckGo so you can see this benefit.Now, next time you go to this website or in general, when you visit sites like this, Dite.go, you can see it came up and then these cookies managed at the top. We are automatically seeing that this cookie banner came up and selecting the most private option for you and then dismissing it. And so it’s a huge benefit in terms of annoyance reduction online. And you’ll see as a result, there are no tracking requests anymore found on this page. ⁓because we picked the most private option for users overall. That plus just a lack of creepy ads you’ll see online, you’ll see a lot fewer ads. And then the last thing I’ll say, because AI is such a hot topic, many people are starting to use AI tools. ⁓ These privacy issues I’m talking about are just going to get worse in the world of AI.because a lot of the AI companies have really stated their intention to collect a lot about the user so that they can use that information to tailor these AI results and responses in AI chat and so forth. So it’s important that you really use products like DuckDuckGo search, browser, protected privacy, and Duck.AI is our foray into the AI world that will help protect your privacy in AI as people start to use these new tools.CristinaThanks for that additional detail. think most folks, regardless of their views on AI, can agree that privacy will probably get worse with it. And yeah, I love that you shared the cookie pop-up example. I think that’s a really good example of good intentions, terrible execution. And if I never saw one of those again, I’d be a very happy person. Well, I hope folks are convinced enough to go learn more.Peter Absolutely, you and me both.Cristinato try out DuckDuckGo. Peter, it was lovely chatting with you. Thank you so much for your time today.Peter Lovely chatting with you and hopefully we didn’t scare too many people right before Halloween with this Hanwan world of trackers.CristinaExactly. Well, thanks to everyone who took the time to listen to our conversation. We have many more episodes planned on a wide variety of topics, so stay tuned for more. See you later!Peter Thank you. This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit insideduckduckgo.substack.com

  --------  

  16:18

  --------

  16:18
• Duck Tales: More ways to customize DuckDuckGo — now you can exclude certain websites from search results (episode 5)

  In this episode, Gabriel (Founder) and Greg (Product, Search) discuss how we’re giving users even more ways to customize their search experience with site exclusions — an easy way to remove certain websites from appearing in search results.Disclaimers: (1) The audio, video (above), and transcript (below) are unedited and may contain minor inaccuracies or transcription errors. (2) This website is operated by Substack. This is their privacy policy.Gabriel:Hello again, welcome to DuckTales, our inside DuckDuckGo podcast video thing. I don’t know what you call us exactly. Today I have Greg with us. Greg, you want to introduce yourself?Greg:Hello, ⁓ I’m Greg Fiorentino. ⁓ I ⁓ work on the product team here at DuckDuckGo. I’ve been here almost seven years, which is wild, time flies, ⁓ but yeah.Gabriel:That is a long time. And you’re underselling yourself a little bit. Yes, you’re on product team, but for the last while and for the future, you’re running our search engine, correct?Greg:Yeah, that’s right. Search retention, ⁓ I have worked across local search, the search ads, ⁓ lots of different things. ⁓Gabriel:Sweet, and today we are talking about a relatively new search feature that we launched that people are liking. And you know what, I won’t even introduce it. I’ll leave you to share your screen and let’s walk through it.Greg:Sure. So ⁓ we now ⁓ have the ability to, ⁓ for users to exclude ⁓ individual domains ⁓ from their search results. So I’ll kind of show real quick what this looks like. Let’s say I’m doing a, I’m writing some code and I want to do a technical search. I want to figure out how to do an array of strings in TypeScript.Gabriel:Those who don’t know TypeScript is a programming language. Yes, right. JavaScript-ish.Greg:Programming language, yeah, yeah, yeah. Super set of JavaScript. So let’s say I want to know how to do this and I get a bunch of search results and I see some here. And some of these are sites I know and like, and maybe some of them I want to exclude. I don’t want to throw too much shade, but let me just pick one and kind of go. So let’s say I don’t want to get results from W3 schools.Gabriel:I’ve seen so many comments about people wanting to get rid of W3Skulls, not to throw shade. I’ve used W3Skulls before and I don’t find it that bad, but there’s a lot of people who seem to not like it who would probably want to remove it, so.Greg:Yeah I’ve used it too. Yeah. Yeah, and I would say, mean, this feature, I think, is particularly good for use cases like this, where there’s a site that maybe comes up a lot, and for whatever reason, a user has kind of a disposition that they just don’t want to see that site. We have other ways to accomplish this. ⁓ You can just put minus site and then the domain in your query.Gabriel:So you could do that for a long time, right? This minus sign thing. But this menu, which people don’t even maybe realize exists a lot of people, is relatively new, like maybe a year ago or something like that.Greg:Yeah, we added this menu a little over a year ago to all organics, and organics being these text results. And at first, And in fact, I can just show if I click this redo search without this site, you’ll see it adds that syntax right to the query ⁓ and excludes it from the results. ⁓ So we’ve had that since we first launched this menu about a year ago. ⁓ And it works pretty well. We got some good feedback about that when we first launched it. ⁓ We also added that menu to give us the ability to have users flag specific results ⁓ for a variety of reasons. So users can tell us about individual results that they don’t like if they click Share Feedback about this site. ⁓ But the new feature is that you can now choose to block this site from all results. So you don’t have to add that syntax to the query every time you want to remove it. So if I do that, you get this little message saying that it’s been blocked successfully. And I’m not sure if my screen is showing it, but you get a message at the top that tells you that you have one result hidden from a site that you’ve blocked. And you can also go into your settings and you can see the sites that you’ve blocked and manage them.Gabriel:Sweet and reception so far. don’t think, cause I think it was new. I don’t think we’ve done a lot of announcements of this yet. ⁓ by the curious, like, is it starting to get usage? Like that kind of thing.Greg:Yeah, we’re seeing a relatively ⁓ growing number of searches per day that use this block in some form. The vast majority are only blocking a single site. ⁓ We’ve talked about it little bit in a couple of places ⁓ on social and also just have users write in through our usual feedback channels to tell us about it. ⁓ You know, I think the theme here is that... We just are giving users more choice ⁓ in how their search results work. They can ⁓ do some level of customization to their own needs. ⁓ And so this is kind of another feature that helps to accomplish that. And I think that’s generally appreciated. There are some limitations also to this that we’ve heard about too, and we’re thinking about how to make it even better. But yes, growing usage and some positive results. reaction so far.Gabriel:Sweet, yeah, I agree. We’ve been doing customization for a long time. mean, like this, the settings screen you’re just showing shows how many settings we actually support in terms of customization, which is a lot. And it reminds me of the AI filter that we also recently launched to remove ⁓ some AI image search results. ⁓ This, like you said, it’s a little different because it’s more like... specific domains that are coming up a lot that you really don’t like. ⁓ But yeah, I’m curious, like, given the feedback so far, and I remember now seeing several subreddit people finding it and posting positive things about it, subreddit posts. But yeah, like, where are we thinking of taking this in the future? Or like, are there other features, kind of like the AI one that kind of merges or circles around this same idea of like removing things?Greg:Yeah, there are a couple of things. mean, you know, as a starting point, we had a limitation of five domains, up to five domains that users could do. You know, part of that was based on this hypothesis that most users really would only want to block one or two, which I think is what we’re seeing. We have had people ask us for more. We’re exploring how we would do that. You know, these things are always...Gabriel:In pause of that, partly a couple follow-up questions. One is, it’s client-side now, right? Like, you’re, you block the domains, you’re actually getting the results back, but then your client is removing them based on your settings.Greg:That’s correct, yeah, the result is there, it’s just not shown.Gabriel:Got it. And the second thing is like, I think we were also talking about like, if you remove too many, that’s probably the way I put the message up. Like you may actually want them sometimes when they’re really relevant. And then if you remove tons of domains and then you remove actually good stuff sometimes, then you’re going to think our search results are terrible because you actually removed stuff that was important that one time.Greg:That’s right. One of the things we tested when we built this was how often do we see just a page of all the same domain, such that if a user removed that domain, they would get a no results page and think that the search engine was broken. ⁓Gabriel:You’re like, no results that time, yeah.Greg:It’s not zero, right? If I, for example, typed in, you know, I wanna see something on W3 schools from that example from a minute ago and got all results from there, it would just be an empty page. So we wanna be able to say, hey, you’ve made some customization here that’s hiding some results from you and you have the option then to see them.Gabriel:But nevertheless, we’re, I we set five initially, but we’re thinking about increasing it at least a little bit.Greg:That’s right. They’re also, ⁓ right now they only apply to those organic texts. link results. We’re looking at expanding that to other kinds of content on the page that it should also apply to. ⁓ And there’s potentially overlap with the AI image feature that you talked about. ⁓ Certainly, there’s some use cases around ⁓ news or videos or other kinds of content that users might want to have a little bit more customization around.Gabriel:And it’s also, I it’s also possible that, you know, similar to the AI image list, we could use a kind of organic AI list to have a different feature, but a similar kind of toggle to like remove AI organics or something like that.Greg:Yeah, that’s definitely something we’re looking at too. I mean, it’s a similar kind of ⁓ challenge and part of the challenge there is just that there are so many new sites kind of popping up every day. ⁓ And so this feature is less geared around that. I would put that in more of the sort of... ⁓ spam category, results that are ⁓ things that maybe very, very rarely get clicked ⁓ on, very fresh, ⁓ but not a ton of original content. ⁓ There are potentially other things that we wanna add on top of this feature to kind of supplement that and help users not have so many of those showing up in their results too.Gabriel:I guess related to that, I you showed the menu where we have, and you could submit feedback. think we’ve also, I mean, you could submit feedback there that it’s a spam site. I think we might’ve also recently added, you could submit that it’s an AI spam site, but we actually use that information. And to the extent that we ultimately make a feature that might toggle off some of that, like we would use that feedback. So if you’re out there and you wanna submit us feedback, that’s a good way to do it for like sites that you’re finding you don’t. are completely not relevant,Greg:Yeah, that’s exactly right. Maybe I’ll just show that real quick because...Gabriel:Yeah, that’s good. I mean, we want more feedback on this particular variety.Greg:We do. mean, the more feedback we get about it, the better. ⁓ So say I come in here and go share feedback about this site. ⁓ You can select that a site ⁓ is AI generated. You can sort of tell us anything you might want to tell us about that, or you can just send that and it will flag it for us to review. we obviously, we get a bunch of these every day now. ⁓ We only added this AI generated option a couple of weeks ago even, we’ve had the spam option, which we’ve used ⁓ for a while. ⁓ But we’re sort of looking at these, ⁓ we’re investing in other ways to help us kind of verify that something is in fact AI generated. ⁓ And it’s a pretty new ⁓ space and I think we’re sort of learning what works well for that. again, if you’re out there and you want to tell us about these, ⁓ we are kind of building up our capabilities around this and making use of that feedback directly.Gabriel:Sweet. Great. Anything I missed about this feature or you didn’t tell us that you want to share?Greg:⁓ I think that just kind of on the topic of choice and customization, we put a decent amount of thought into ⁓ how we make it clear to users that ⁓ this feature is in effect, that you’ve blocked a site, ⁓ how you kind of manage the list of blocked sites once you... ⁓ you know, once you’ve done that. I think, you know, we’d love to hear other feedback about how well that’s working, how clear that is. ⁓ You know, we kind of build these things and put them out there. We test them a lot. But, you know, as we add more functionality to this, you know, we’re always looking for... ⁓ for feedback about how well it works and ways to make it better. So, you know, that’s one particular piece that to me was really important when we built it was, you know, we don’t want to create a feature kind of thinking it’s useful and then, you know, make something that is... inadvertently creating confusion or making it harder for users to find what they’re looking for. So that’s something we’re kind of on the lookout for as we try to improve it.Gabriel:That’s great. It reminds me of one last thing, which I think we should just basically have a future episode about. just to tease out, I’m sure we’re going to get this point of feedback in the next, this is prediction, in the next month from our subreddit. I set these sites that I don’t want to see, and then I cleared all my settings, and now I have to redo them. ⁓ Unfortunately, outside of our browser, we don’t really have a lot of control with that because settings... We don’t have accounts and settings are getting stored in browser storage. And if you clear all the browser storage for an up to go, then this goes away. However, we are working on ⁓ syncing your search settings to your browser settings. So if you’re using our browser, ⁓ we won’t lose your search settings. And that is a thing that people have been asking for for literally a decade. And so I’m very excited about working on it. Not that we’re done with it yet, but like ⁓ maybe when we first... have that working, could come back and do another episode with somebody.Greg:Yeah, I think it would be great to showcase that. we’ve tried a number of ⁓ technical solutions to try to reduce the ⁓ accidental clearing of settings. ⁓ And yeah, we have less control outside of our browsers. But even there, think we’ve made some strides. ⁓ Within our browsers, there’s a lot more we can do ⁓ and then ways to allow users to sync. ⁓ So we could definitely showcase that.Gabriel:Cool. Well, thank you, Greg, for coming on to DuckTales and thank you everybody for listening. And until next time.Greg:Thanks, Gabriel. This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit insideduckduckgo.substack.com

  --------  

  14:57

  --------

  14:57

More Business podcasts

Trending Business podcasts

About Inside DuckDuckGo