What specific technical evidence did researchers publish about Microsoft trackers in DuckDuckGo’s mobile browser in 2022?

1. What the published technical evidence actually showed

Edwards’ audit produced concrete network-observation artifacts and a screenshot/POC demonstrating that pages loaded in DuckDuckGo’s mobile browser were making outbound requests to Microsoft-owned endpoints (notably bing.com and linkedin.com) despite other third‑party trackers being blocked; reporting summarized that the Workplace.com page, for example, was observed sending information to Bing and LinkedIn ad domains ^{[1] [5] [2]}.

2. Method and artifacts cited by researchers and reporters

The evidence presented took the form of a Twitter thread with logs and images showing third‑party script loads and subsequent HTTP requests to Microsoft ad domains, and publications cited those logs as demonstrating data flows to Microsoft Advertising/Bing and LinkedIn ad endpoints ^{[6] [7]}. Reporters described Edwards’ work as a security audit and data-usage test that traced which scripts the DuckDuckGo browser blocked versus allowed to execute ^{[1] [3]}.

3. Which trackers and domains were named in the evidence

Multiple sources reproduced the core technical claim: DuckDuckGo’s browser blocked Google and Facebook trackers but allowed certain Microsoft scripts from bing.com and linkedin.com to load on third‑party sites; coverage repeatedly cites links to bat.bing.com and other Microsoft ad measurement endpoints as part of the observed flows ^{[7] [8] [9]}.

4. DuckDuckGo’s technical and contractual explanation

DuckDuckGo’s founder acknowledged the observations in public replies and explained that the browser already blocked Microsoft third‑party cookies and many tracking methods, but that some Microsoft scripts were not blocked “due to a search syndication agreement” with Microsoft—language that was reported and quoted directly in several outlets ^{[3] [10] [2]}. DuckDuckGo also stated that most other browser protections remained in place and that ad-click attribution behavior (e.g., bat.bing.com after a DuckDuckGo ad click) would continue for measurement and billing purposes ^[9].

5. What changed after the evidence and why it matters technically

Following the published evidence and community pressure, DuckDuckGo expanded its “3rd‑Party Tracker Loading Protection” to include identified Microsoft tracking scripts across its mobile apps and browser extensions and published its tracker protection list to GitHub; outlets reported this rollout in August 2022 as a direct remedial step ^{[4] [11] [9]}. Reuters later noted DuckDuckGo’s August announcement that the prior carve‑out had been eliminated ^[12].

6. Limits of the published evidence and alternative framings

The published technical artifacts showed network requests and script execution to Microsoft domains, but reporting and DuckDuckGo’s statements stressed distinctions: DuckDuckGo said it did not associate ad‑click data with persistent user profiles and that many Microsoft tracking mechanisms (e.g., third‑party cookies) were already blocked ^{[10] [3]}. Coverage also highlights that the findings applied to the browser apps and extensions, not DuckDuckGo’s search engine itself, and that the later policy change materially narrowed the original concern ^{[3] [12]}. Where the sources do not provide packet‑level captures or full forensic logs in their articles, the reporting relies on Edwards’ thread and company statements rather than independent public PCAPs published alongside the story ^{[1] [6]}.