DuckDuckGo announced today that they will now be blocking all third-party Microsoft tracking scripts in their privacy browser after failing to block them in the past.
This change comes after the company faced massive blowback in May for not blocking some third-party Microsoft trackers in the DuckDuckGo browser due to a syndicated search content agreement between the two companies.
This was in stark contrast to the DuckDuckGo browser's past description, which stated that they block hidden trackers found on websites.
"Tracker Radar automatically blocks hidden third-party trackers we can find lurking on websites you visit in DuckDuckGo, which stops the companies behind those trackers from collecting and selling your data," explains the Apple App Store page for the DuckDuckGo Privacy Browser.
The fact that some Microsoft trackers were allowed was discovered by security researcher Zach Edwards, who found that the DuckDuckGo browser blocked Google and Facebook trackers but allowed some of Microsoft's trackers on Linkedin and Bing domains.
Blocking all Microsoft trackers, most of the time
Today, DuckDuckGo announced that it would begin this week to block all third-party Microsoft tracking scripts in its mobile DuckDuckGo Privacy Browser (iOS/Android) and DuckDuckGo Privacy Essentials browser extensions (Chrome, Firefox, Safari, Edge, and Opera).
"Recently, I’ve heard from a number of users and understand that we didn’t meet their expectations around one of our browser’s web tracking protections. So today we are announcing more privacy and transparency around DuckDuckGo’s web tracking protections," reads an announcement by DuckDuckGo CEO Gabriel Weinberg.
The blocking of Microsoft trackers is being rolled out through the 3rd-Party Tracker Loading Protection feature, with DuckDuckGo telling BleepingComputer that scripts from the following twenty-one URLs will be blocked:
adnxs.com
adnxs-simple.com
adsymptotic.com
adv-cloudfilse.azureedge.net
app-fnsp-matomo-analytics-prod.azurewebsites.net
azure.com
azure.net
bing.com
cdnnwlive.azureedge.net
clarity.ms
dynamics.com
fp-cdn.azureedge.net
licdn.com
linkedin.com
live-tfs-omnilytics.azurewebsites.net
msecnd.net
nlo-stl-web.azureedge.net
nuance.com
pestcontrol-uc1.azureedge.net
sdtagging.azureedge.net
serviceschipotlecom.trafficmanager.net
However, as DuckDuckGo relies on Microsoft Advertising for ads shown in the search engine, there will be some limited allowance of Microsoft trackers when using the privacy browser.
When clicking on an advertisement in the DuckDuckGo search, the DDG browser will allow tracking scripts from bat.bing.com to execute once on the advertiser's site. This allowance enables advertisers to track how well their advertising campaigns are working.
However, DuckDuckGo will block all further calls on that site that attempt to load trackers from bat.bing.com.
This is not a perfect solution, but DuckDuckGo says that they are hoping to replace bat.bing.com trackers in the future with private ad conversion implementations that are currently in development by Firefox and Safari.
Microsoft says they are pleased with this solution, as it allows DuckDuckGo to increase users' privacy while also allowing Microsoft advertisers to continue tracking the performance of their ads.
"Microsoft has policies in place to ensure that we balance the needs of our publishers with the needs of our advertisers to accurately track conversions on our network," Microsoft told BleepingComputer.
"We have been partnering with DuckDuckGo to understand the implications of this policy and we are pleased to have arrived at a solution that addresses those concerns."
Finally, Weinberg announced more transparency around its web tracking protection features by launching a dedicated help page and sharing the list of blocked trackers on GitHub.
Comments
lonegull - 1 year ago
Good luck! Microsoft has literally millions of IP address and hundreds of domains to route tracking through (plus third party platforms), this is a futile effort (I've tried many times). Can't block many because they support features and Windows updates, IP addresses of updates always changes. You are going to be tracked, there is no way around it!!
ardsur - 1 year ago
<p>don't despair. You can do something to make it far far more difficult for M$ to track you. e.g. - delete WIndows and switch to any Linux distro, as any linux distro is more protective to you than anything windows can offer. - get rid of Edge browser, which is full of trackers, just get rid of it complete, there are so many better browsers - get rid of Bing, sorry for this one as you must not use Bing already, I used already DDG, but after this tracking disaster are now using search engine. - don't use OneDrive from M$, as it is full of trackers and allows to read all you documents, there are many trustworthy no-knowledge clouds, e.g. Meta, Nextcloud,ProtonDrive - don't use Office 365, Microsoft365 or whatever it is called, it is full of trackers and records all you do, it also (tries) to store all you documents in OneDrive and collect all your contacts on the collaborate with you, - don't use MS Teams, but a safer one and I can continue, in short avoid MS products as if it were the pest.</p>
TairikuOkami - 1 year ago
DDG had too many strikes to be trusted and usually fixing them after being caught.
blzimbub - 1 month ago
I think they are legit trying to make a secure browser, but need more time before they get things 100% right. They are not even version 1.0 yet.