Has DuckDuckGo ever been accused of selling user data or sharing it with advertisers?
Executive summary
DuckDuckGo has been accused — in reporting and by security researchers — of allowing advertising trackers from partners (notably Microsoft) to bypass its tracker blocks in its Privacy Browser, which critics framed as a betrayal of its privacy promises [1] [2]. DuckDuckGo formally denies selling personal information and says it does not track or share search/browsing histories, while the disputed behavior relates to a technical exception for partner integrations rather than a straightforward sale of user data [3] [2].
1. The core accusation — privacy promises vs. an exception for partners
Multiple outlets and researchers raised alarms after discovering that DuckDuckGo’s browser made an exception that allowed some Microsoft-owned tracking scripts to function, leading critics to accuse the company of “lifting the velvet rope” and betraying its marketed privacy ethos [1] [2]. Coverage framed this not as a covert data marketplace transaction but as a technical pathway by which partner domains could see requests in ways that might enable cross-site tracking unless mitigated [1] [2].
2. The technical detail at issue — partner requests and “on behalf of” behavior
Reporting explained that DuckDuckGo’s implementation routes certain requests through its own infrastructure so partners “see those requests as though they came from us instead of our users,” a mechanism DuckDuckGo described as not passing unique identifiers while enabling integrated search and content features — a nuance central to the controversy [2]. Critics argue that even anonymized or proxied requests can enable corporate trackers on Microsoft-owned domains like Bing or LinkedIn to observe activity that would otherwise have been blocked, thereby undermining the practical privacy protections users expect [2].
3. Company response — categorical denial of selling data, contextual defense
DuckDuckGo’s public help pages state flatly that the company has “never sold personal information to anyone” and that it does not track users or save and share search or browsing history when people use its services [3]. At the same time, the company’s CEO offered clarifications defending the policy as related to the mobile Privacy Browser app and not to DuckDuckGo’s search engine, portraying the change as a product-integration decision rather than an admission of selling or directly handing user profiles to advertisers [2].
4. How reporting and commentators framed the issue — betrayal vs. nuance
Wired and other outlets highlighted the discovery as a reputational shock, casting it as an exception that appeared inconsistent with DuckDuckGo’s marketing and prompting broader debate about whether technical partner arrangements amount to “selling” user data or simply a pragmatic tradeoff for features [1] [2]. Some commentators and blog pieces pushed a sterner narrative that DuckDuckGo “can’t be trusted,” while other reports focused on the limited scope — an app-level integration with Microsoft — and the company’s claims of anonymization [4] [5].
5. Assessment — accused of enabling partner tracking, not proven to have sold data
Based on the available reporting, DuckDuckGo has been publicly accused of permitting Microsoft-affiliated tracking behavior in specific product contexts and criticized for how that squares with its privacy branding, but the company maintains it has not sold personal information and insists no unique identifiers are passed in the partner request flow; the dispute centers on whether such exceptions constitute sharing data with advertisers or merely technical interoperability [1] [2] [3]. Reporting does not document a factual admission or regulatory finding that DuckDuckGo sold user data to advertisers, only revelations and accusations about partner exceptions and ensuing public backlash [1] [2] [3].