How to Protect the Most Privacy with the Least Effort: Change Search Engines
If you use Google, Yahoo, Bing, or any other service that tracks your search terms, there is no reason not to change search engines today.
When you do a search with these companies, they log your IP address and search terms, and store that data for varying periods of time. If you are logged in with them, they know much more about your identity, and can combine your search history with other sensitive information they have about you. And of course, these records, once stored, can be (among other things) obtained by government agencies very easily under the Patriot Act and other laws. In the last half of 2013, for example, Google reports that it was required to hand over information about 42,648 user accounts.
Everybody today realizes that our privacy is under assault. There are things you can do to protect yourself, but a lot of them require varying degrees of technological expertise and/or willingness to put up with inconveniences. Changing to a privacy-protective search engine, however, may be the one step that will do the most to protect one’s privacy with the least amount of cost, effort, or expertise.
That’s because search query records can be one of the most personal and revealing data streams that we create. They are a rich reflection of our problems, our interests, our work, our hobbies—and often our every fleeting thought. And aside from opening ourselves to such broad scrutiny, there are often particular searches that we may be especially keen not to have recorded. Curious what that odd-sounding sexual fetish that you saw referenced is all about? Writing a screenplay and searching for details on how to commit a heinous crime? Curious about some horrible disease, but not eager to have some internet company thinking you might have it?
In 2006, AOL, as a public service to researchers, released a large set of searches that had been conducted on its sites. The identity of the searchers was removed and replaced with an arbitrary number, though all the searches by the same individual were still gathered under the same identifier. The New York Times quickly found that it was not hard to identify many of the searchers through the content of their searches, which often revealed information such as home town, neighborhood, age, sex, and other details. AOL apologized and took down the database, but the incident has become a defining example of how search engine history can have powerful privacy implications. CNET went through the database and found many personal and often disturbing search sets. Together they provide an electrifying sense of just how intimate and revealing the information one “shares” with a search engine can be. To take just one of the examples found by CNET, an AOL user whose searches revealed him or her to be a resident of Ohio’s Mahoning County had a search record that included:
calories in bananas
aftermath of incest
how to tell your family you're a victim of incest
pottery barn
curtains
surgical help for depression
oakland raiders comforter set
can you adopt after a suicide attempt
There are several search engines out there that promise not to retain records of searches. Last year, after many years with Google as my home page, I decided to take what felt in some ways like a radical step: switching to the search engine DuckDuckGo. DuckDuckGo promises that they do not store user’s IP addresses or any other personalized information that can create a record of your searches. If you do two searches on DuckDuckGo, the service doesn’t even have a way of knowing that they were both done by the same person. It also doesn’t forward your search terms to the sites you click through to.
So what did I think? The one downside of switching was something I felt right away: the undefinable and irrational psychic discomfort of simply seeing a new user interface, which was slightly disconcerting at first after so many years of staring at Google’s screens. But that wore off quickly. More important was functionality. In terms of search results, I haven’t noticed any quality difference between DuckDuckGo and Google. Of course I have a link to Google on my shortcut bar so I’m only one click away and when a DuckDuckGo search doesn’t get me the result I need, I can try Google. Though almost always I find their results are no better. The only exception is when I have searched for my own or other ACLU-related work, where (I assume) Google’s personalization is at play. In other words, in those cases Google is giving me better results because they know who I am. No thanks. I’m willing to lose that in exchange for privacy—and can always pull up Google if I want to. (It can also be nice to find refuge from the filter bubble—to know you’re seeing the same results as everybody else.)
There are other privacy-protecting options besides DuckDuckGo, including Startpage, which delivers Google search results while acting as an intermediary to hide your identity from Google. How-To Geek has a roundup of some alternative engines.
I should note that any search engine, if served with a lawful order by the government, would be required to begin retaining and handing over any records of searches you perform after receipt of that order. But if they don’t have a record of your past searches, that’s one less thing they would be turning over. Note also that spyware or certain other programs and apps running on your computer may reveal your searches separately. In particular, if you are signed in to a browser such as Chrome that is set to synch your browser history, Google will store your search history through the URLs that it collects that have your search terms embedded in them. Google does offer the option to locally encrypt synced data, however. Such encryption takes place by default when syncing with Firefox.
Overall, there’s no reason to continue letting your search info flow to a non-private search engine when switching is a high-benefit, zero-cost proposition.