What changes did DuckDuckGo make after the 2022 criticisms and have independent audits confirmed those fixes?

1. The 2022 controversy and what was actually exposed

In mid‑2022 researcher Zach Edwards and others reported that DuckDuckGo’s mobile browser and extensions allowed certain Microsoft-owned tracking scripts on third‑party sites because of a search syndication agreement, a discovery that undercut the company’s “blocks hidden third‑party trackers” messaging ^{[1] [4] [3]}. DuckDuckGo’s CEO later acknowledged the exception and the reporting made clear the issue centered on contract language tied to Bing/LinkedIn ad conversion tracking rather than a covert, company‑wide policy to ignore trackers ^{[4] [1]}.

2. The immediate product and contractual changes DuckDuckGo made

After the disclosure DuckDuckGo announced it had amended terms with Microsoft and planned to expand blocking of Microsoft scripts across iOS and Android apps and browser extensions (Chrome, Firefox, Safari, Edge, Opera) with rollouts following the August 2022 change, a move publicized by the company and covered by TechCrunch ^[1]. Multiple review pieces and privacy writeups corroborate that DuckDuckGo removed the special‑case carve‑out for Microsoft and updated its blocking lists and app behavior to include those previously exempted scripts ^{[2] [4]}.

3. What independent researchers and audits have confirmed so far

Independent security researchers were the ones who revealed the original exception and validated that DuckDuckGo subsequently altered behavior to block Microsoft‑owned scripts in the affected contexts; TechCrunch cites the independent researcher who found the backdoor and the company’s public pledge to change the contract ^[1]. However, several industry and privacy reviewers note that DuckDuckGo has not subjected itself to a comprehensive, formal privacy audit covering all product surfaces, and observers keep pointing out the lack of an overarching independent verification that every claimed fix is complete ^{[3] [2] [5]}.

4. Remaining scrutiny and later findings that complicate the narrative

Reporting in later years continued to raise concerns: some audits and writeups published after 2022 flagged additional technical and transparency issues—examples include claims that audits found exposures on sites using outdated web tech and persistent user skepticism about undisclosed practices—which suggests fixes have been iterative rather than once‑and‑done ^{[6] [3]}. At the same time, review sites reiterate that while the Microsoft carve‑out was removed, the company still hasn’t aligned with privacy tools that undergo repeated, public third‑party audits ^{[2] [5]}.

5. Conflicting viewpoints, incentives and what the evidence supports

DuckDuckGo framed the change as a contractual renegotiation that restored the product’s intended blocking behavior, and Microsoft publicly said it worked with DuckDuckGo to address publisher/advertiser concerns ^[1]. Privacy advocates and some reviewers, however, view the episode as evidence of opaque dependencies—DuckDuckGo’s reliance on Bing search results and contractual tradeoffs—that demand independent validation rather than company statements alone ^{[2] [5]}. The available evidence supports that a specific, serious problem was fixed (Microsoft scripts were added to blocklists), that independent researchers corroborated both the problem and the fix, but that no broad, formal audit has been published that definitively certifies all of DuckDuckGo’s privacy claims across platforms ^{[1] [3] [2]}.

6. Bottom line: fixes implemented, but full independent confirmation is incomplete

DuckDuckGo implemented the concrete change critics demanded—removing the Microsoft tracking exception and expanding script blocking in apps and extensions—and researchers verified that change in practice, yet the company has not produced (and reviewers note the absence of) a comprehensive, public third‑party audit that would definitively confirm every aspect of its privacy posture and rule out other technical exposures ^{[1] [3] [2]}.