Inside DuckDuckGo – Details, episodes & analysis

In this episode, Cristina (SVP, Marketing) and Peter (Director, Product) discuss digital fingerprinting, privacy washing, and how hidden trackers appear in the majority of popular websites. Plus, the steps you can take to protect yourself online.

Disclaimers: (1) The audio, video (above), and transcript (below) are unedited and may contain minor inaccuracies or transcription errors. (2) This website is operated by Substack. This is their privacy policy.

CristinaHi, and welcome to DuckTales, where we go behind the scenes at DuckDuckGo and discuss the stories, technology, and people that help provide privacy tools for everyone.

In each episode, you’ll hear from employees about our vision, product updates, approach to AI, or how we operate as a company. Today, we’re going to chat about the online privacy problem and DuckDuckGo’s web protections. I’m Cristina. I’m on the marketing team. And today, I’ll be interviewing Peter. Peter, would you like to introduce yourself, maybe what team you’re on and where you spend a lot of your time? ⁓

Peter Absolutely.

Hi, Cristina. I’m Peter. I’m on the product team at DuckDuckGo, which I typically work on our browsers and our privacy protection. So happy and excited to talk about the mystifying world of online tracking and privacy today.

CristinaAwesome, likewise, well let’s jump in. So I think a lot of people would be surprised to hear just how much information about them is being tracked online. Some seemingly irrelevant to what they’re doing and some pretty creepy in how detailed it is and how all the dots are being connected. Can you give some examples of the pervasiveness of this tracking?

Peter Absolutely. know, anyone I talk to about online privacy, the first thing they’ll tell me, and I’m sure you’ve heard the same, is microphones must be listening to them. ⁓ Yeah, everyone can give an example of a conversation in their household where not too long thereafter, they’re seeing advertisements, creepy advertisements, following them around online based on, you know, what it is they were talking about. ⁓ And the reality is the amount of surveillance that happens

is like microphones are listening to you everywhere, but the methods are not actually microphones. The methods are actual trackers on websites, on search engines and browsers and apps, which we’ll talk about that are always collecting information about you. ⁓ So just to break those down a little bit, most people, if you think about someone in their daily life, they’re going to go do a search online, whether it’s on their smartphone or on their computer.

The search engine that most people use is, of course, Google, most dominant search engine in the world. They collect basically anything and everything about you. ⁓ And so that search engine is one source of this data collection. And then ⁓ the browser you use to actually do those searches, often owned by some of the same companies like Google, ⁓ like Google Chrome specifically, these browsers also directly

collect information about you. So if you’re not using a private search or a private browser, a lot of information is directly collected about you. But then, of course, after you do a search and you get onto a website, the websites themselves have trackers embedded in them. And specifically, we’ve done actually a lot of analysis on this. 85 % of the top websites on the web have Google trackers included in them, and about 36 % have

Meta or Facebook trackers overall. And these trackers are pieces of code that run on the websites that send information about you, what you’re doing on the site, what products you’re looking at, what’s in your shopping cart, and so on to companies that are not the owners of the websites. The same is true of your mobile apps. So just as it happens, the surveillance on websites, it happens in your mobile apps. ⁓ In fact, 96 % of the popular top free Android

Apps send data to third-party companies. And of those, 87 % send data to Google, 68 % send data to Guest It, Meta, and Facebook. Top two trackers overall. And then, of course, there’s other sources too. When you use emails, emails contain trackers. When you open them, little code fires. It tells the email sender when you open their email, where you were when they opened the email. And then there’s a lot of other scenarios too. Like if you go to the store,

What do they ask you when you make a purchase at the store? Can we have your email address? And they say, oh, it’s for a loyalty program. You can get points or whatever it is. But the reality is they’re actually usually taking that email address and then directly uploading it to Facebook, to Instagram, so that they can buy advertisements targeting you later. And so you combine all this. And you have this pervasive tracking and then targeting that’s happening.

that makes it feel like ultimately there must be microphones listening to you, but it’s just happening throughout your day overall.

CristinaIt’s pretty chilling that I could be on almost any site or Android app or reading email or at the mall buying a new shirt and companies like Google are tracking me. So what type of information are they collecting?

Peter So they’re typically after two sets of things. And when I say they, I use Google and Meta, Facebook as examples, but there’s thousands of other ad tech companies that are often in the mix trying to collect something about you as well. ⁓ They’re looking first for an identifier. So they want something that’s gonna be able to tie what you’re doing to an identity so they know who it is, or even if they might not know who exactly it is, they wanna know it’s the same person. So of course, email address could be an identifier, your name could be an identifier, phone number could be an identifier. Those are the obvious ones that they would want. And by the way, this is why so many websites try to get you to log in on those websites, often with your Google login, because then they can tie all this, whatever you’re doing on that website to your identity. And then of course, I think most people have heard of cookies, and seen cookie banners come up when they visit websites.

Cookies are another form of identifier, might not be your name or your email address, but it is a unique code. And so that when these trackers that are across all these websites see the same cookie identifiers across those websites, they all, this is the same person. And so whatever you did on this site, we can link it to whatever you did on this other site. And then there’s a couple other identifiers such as ⁓ digital fingerprints, which really use information about your device, like your screen resolution and your battery, literally the state of your headphone jack on your smartphones, they piece this together into a digital fingerprint that is unique. And so if they see the same set of attributes about your device on a different website or different app, again, they can infer this is the same person overall. So that’s the first thing they want, identifiers. And then the second thing they want is something about you, behavior, interests, actions. ⁓ And so it might be as high level as Cristina’s into snowboarding. ⁓

But it could be as low level as the specific things that you had in your shopping cart, what you purchased in real life in Home Depot last week. ⁓ Whatever it is, they basically want to collect it, put it together into a behavioral profile that they can then turn around to advertisers and offer very hyper-targeting to these individuals overall. And just to give you a sort of creepy example, we’ve done a lot of studies on this with websites and apps.

And we looked at health websites and health applications, ones where you may look up health conditions or prescription drugs. And we literally observe these trackers included in these apps or websites sending information about your health conditions, your sexual orientation, and even prescription drug information to third-party companies overall, things that people would be absolutely shocked to hear overall.

CristinaThat’s definitely not information I want shared without my permission. ⁓ And while historically I might have thought something like, ⁓ battery life or headphone jacks, whatever, don’t care, when you start piecing it together to make this fingerprint like you’re talking about, yeah, it gets super scary. You know, I’ve heard some people say, ugh, it’s impossible to do anything when it comes to these giant companies and all these clever ways they’re collecting information. Anything I could do would just be a drop in the ocean. How is DuckDuckGo thinking about a user-led approach to solving the privacy problem?

Peter DuckDuckGo, obviously, most people know us through our private search engine. And of course, our private search doesn’t collect information about users. That’s what sets it apart. And even our advertisements themselves on DuckDuckGo search are just based on what you’re searching for. But ⁓ we realized that protecting people in their searches is not enough. We needed to protect people’s privacy more broadly. And so that’s why DuckDuckGo introduced you some years back. ⁓

browsers as well. And so you could use our search and our browser to more broadly protect you. ⁓ Let me share my screen a little bit here just to show you a sort of comparison we put together. So we put together a comparison for people. I won’t go over all the details. feel free to take a look at this later, duckduckgo.com slash compare dash privacy. But ⁓ basically, when you’re trying to protect

CristinaThat’d be great.

Peter privacy broadly through all these threats I step through. You really need protections for each one of those threats and the methods of data collection. And so that’s what we try to incorporate into our browser overall. And so you’ll see our browser has a bunch of different web tracking protections. We block these third party trackers that are on the websites. We block link trackings, a little codes embedded in the links you click on that can reveal information about you.

We block the cookies, the third party cookies that are used to track you and a lot more. can kind of see, you know, going down this list, all this sort of comprehensive protections we have in addition to, of course, the private search that I mentioned. And you can see that comparison, you know, relative to Chrome here. ⁓ Most people in the world from a browser perspective are using Chrome. And you can see out of the box, Chrome does not protect you from

really any of these threats. ⁓ And a lot of these companies that own browsers like Chrome will say, well, we offer user choice and you can configure things to protect your data how you want. And the reality is most people will not understand the details of all these tracking methods and they won’t know how to go into the settings in Chrome and configure it, know, granularly to stop some of these things. And many of these things you can’t actually prevent using Chrome settings as well.

And so the DuckDuckGo browser, we try to make it very comprehensive and it really gives you a broad set of protections in a bunch of scenarios. And that extends to even email and on Android protecting you in other apps, ⁓ when you’re using other apps on your device with their app tracking protection. So feel free to take a look at this, scroll through it and compare whatever browser you currently use to what DuckDuckGo offers overall.

CristinaThat’s a great chart. Thank you for sharing that. ⁓ It also helps unpack some of ⁓ the privacy washing that’s been happening. Do you want to touch on that briefly?

Peter Absolutely. So we often describe how other browsers say, we offer privacy, we’re private, or we offer user choice. And we describe that as privacy washing, in that they’re making you think that they are private. But in fact, they’re really not offering you a comprehensive suite of protections that is necessary to stop all the data collection in these different circumstances overall. So don’t be fooled by a lot of the you know, sort of fancy advertisements you see, you know, do take, go do your research, use a comparison chart like ours. We tried to really dig in on the details. If you want to dig in granularly and see exactly how it works on, you know, Windows and Mac, and we actually offer learn more links here. You can click through into our help pages ⁓ and we offer, you know, full explanations on how it all works in detail for those that are interested.

CristinaAwesome. Yeah, it certainly seems like there’s a lot of intentional conflation of security and privacy and every company, even beyond browsers, want to talk about how private they are, even the most are far from it. ⁓ Maybe you want to stop sharing your screen and then can you leave us with some parting thoughts for those people who still may not be convinced, who still may say, isn’t needed because I have nothing to hide. Why else should they care?

Peter Yeah, actually, won’t stop sharing the screen because I’ll show something to illustrate this a little bit further. So of course, stopping the data collection itself will lead to all kinds of benefits for you. No creepy ads following you around online. But there’s a lot of other benefits that come along with these privacy protections. Just to illustrate one of those, I think I’ll use a particular website here, but it’s not

CristinaOkay, great.

Peter you know, anything out of the ordinary, you’ve all seen these cookie banners that come up on websites all the time. Some of them are huge like this. They take up most of the page before you can even use the website. You have to read all this legalese and then make a decision about cookie usage. Most people don’t understand any of these details and they will click off of this as soon as possible. But the reality is if you click, yes, I accept, what you’re typically doing is giving

the authorization for these cookies, these identifiers I mentioned earlier to be used to track you and store information about you ⁓ overall. And this screen is an annoyance. think everyone’s experienced this on every website you go to. DuckDuckGo out of the box offers something called ⁓ Cookie Pop-Up Protection. I turned it off here for the purpose of illustrating that cookie banner, but I’ll turn it on so you can see, and this is the default that you’ll get in DuckDuckGo so you can see this benefit.

Now, next time you go to this website or in general, when you visit sites like this, Dite.go, you can see it came up and then these cookies managed at the top. We are automatically seeing that this cookie banner came up and selecting the most private option for you and then dismissing it. And so it’s a huge benefit in terms of annoyance reduction online. And you’ll see as a result, there are no tracking requests anymore found on this page. ⁓

because we picked the most private option for users overall. That plus just a lack of creepy ads you’ll see online, you’ll see a lot fewer ads. And then the last thing I’ll say, because AI is such a hot topic, many people are starting to use AI tools. ⁓ These privacy issues I’m talking about are just going to get worse in the world of AI.

because a lot of the AI companies have really stated their intention to collect a lot about the user so that they can use that information to tailor these AI results and responses in AI chat and so forth. So it’s important that you really use products like DuckDuckGo search, browser, protected privacy, and Duck.AI is our foray into the AI world that will help protect your privacy in AI as people start to use these new tools.

CristinaThanks for that additional detail. think most folks, regardless of their views on AI, can agree that privacy will probably get worse with it. And yeah, I love that you shared the cookie pop-up example. I think that’s a really good example of good intentions, terrible execution. And if I never saw one of those again, I’d be a very happy person. Well, I hope folks are convinced enough to go learn more.

Peter Absolutely, you and me both.

Cristinato try out DuckDuckGo. Peter, it was lovely chatting with you. Thank you so much for your time today.

Peter Lovely chatting with you and hopefully we didn’t scare too many people right before Halloween with this Hanwan world of trackers.

CristinaExactly. Well, thanks to everyone who took the time to listen to our conversation. We have many more episodes planned on a wide variety of topics, so stay tuned for more. See you later!

Peter Thank you.

In this episode, Gabriel (Founder) and Greg (Product, Search) discuss how we’re giving users even more ways to customize their search experience with site exclusions — an easy way to remove certain websites from appearing in search results.

Disclaimers: (1) The audio, video (above), and transcript (below) are unedited and may contain minor inaccuracies or transcription errors. (2) This website is operated by Substack. This is their privacy policy.

Gabriel:Hello again, welcome to DuckTales, our inside DuckDuckGo podcast video thing. I don’t know what you call us exactly. Today I have Greg with us. Greg, you want to introduce yourself?

Greg:Hello, ⁓ I’m Greg Fiorentino. ⁓ I ⁓ work on the product team here at DuckDuckGo. I’ve been here almost seven years, which is wild, time flies, ⁓ but yeah.

Gabriel:That is a long time. And you’re underselling yourself a little bit. Yes, you’re on product team, but for the last while and for the future, you’re running our search engine, correct?

Greg:Yeah, that’s right. Search retention, ⁓ I have worked across local search, the search ads, ⁓ lots of different things. ⁓

Gabriel:Sweet, and today we are talking about a relatively new search feature that we launched that people are liking. And you know what, I won’t even introduce it. I’ll leave you to share your screen and let’s walk through it.

Greg:Sure. So ⁓ we now ⁓ have the ability to, ⁓ for users to exclude ⁓ individual domains ⁓ from their search results. So I’ll kind of show real quick what this looks like. Let’s say I’m doing a, I’m writing some code and I want to do a technical search. I want to figure out how to do an array of strings in TypeScript.

Gabriel:Those who don’t know TypeScript is a programming language. Yes, right. JavaScript-ish.

Greg:Programming language, yeah, yeah, yeah. Super set of JavaScript. So let’s say I want to know how to do this and I get a bunch of search results and I see some here. And some of these are sites I know and like, and maybe some of them I want to exclude. I don’t want to throw too much shade, but let me just pick one and kind of go. So let’s say I don’t want to get results from W3 schools.

Gabriel:I’ve seen so many comments about people wanting to get rid of W3Skulls, not to throw shade. I’ve used W3Skulls before and I don’t find it that bad, but there’s a lot of people who seem to not like it who would probably want to remove it, so.

Greg:Yeah I’ve used it too. Yeah. Yeah, and I would say, mean, this feature, I think, is particularly good for use cases like this, where there’s a site that maybe comes up a lot, and for whatever reason, a user has kind of a disposition that they just don’t want to see that site. We have other ways to accomplish this. ⁓ You can just put minus site and then the domain in your query.

Gabriel:So you could do that for a long time, right? This minus sign thing. But this menu, which people don’t even maybe realize exists a lot of people, is relatively new, like maybe a year ago or something like that.

Greg:Yeah, we added this menu a little over a year ago to all organics, and organics being these text results. And at first, And in fact, I can just show if I click this redo search without this site, you’ll see it adds that syntax right to the query ⁓ and excludes it from the results. ⁓ So we’ve had that since we first launched this menu about a year ago. ⁓ And it works pretty well. We got some good feedback about that when we first launched it. ⁓ We also added that menu to give us the ability to have users flag specific results ⁓ for a variety of reasons. So users can tell us about individual results that they don’t like if they click Share Feedback about this site. ⁓ But the new feature is that you can now choose to block this site from all results. So you don’t have to add that syntax to the query every time you want to remove it. So if I do that, you get this little message saying that it’s been blocked successfully. And I’m not sure if my screen is showing it, but you get a message at the top that tells you that you have one result hidden from a site that you’ve blocked. And you can also go into your settings and you can see the sites that you’ve blocked and manage them.

Gabriel:Sweet and reception so far. don’t think, cause I think it was new. I don’t think we’ve done a lot of announcements of this yet. ⁓ by the curious, like, is it starting to get usage? Like that kind of thing.

Greg:Yeah, we’re seeing a relatively ⁓ growing number of searches per day that use this block in some form. The vast majority are only blocking a single site. ⁓ We’ve talked about it little bit in a couple of places ⁓ on social and also just have users write in through our usual feedback channels to tell us about it. ⁓ You know, I think the theme here is that... We just are giving users more choice ⁓ in how their search results work. They can ⁓ do some level of customization to their own needs. ⁓ And so this is kind of another feature that helps to accomplish that. And I think that’s generally appreciated. There are some limitations also to this that we’ve heard about too, and we’re thinking about how to make it even better. But yes, growing usage and some positive results. reaction so far.

Gabriel:Sweet, yeah, I agree. We’ve been doing customization for a long time. mean, like this, the settings screen you’re just showing shows how many settings we actually support in terms of customization, which is a lot. And it reminds me of the AI filter that we also recently launched to remove ⁓ some AI image search results. ⁓ This, like you said, it’s a little different because it’s more like... specific domains that are coming up a lot that you really don’t like. ⁓ But yeah, I’m curious, like, given the feedback so far, and I remember now seeing several subreddit people finding it and posting positive things about it, subreddit posts. But yeah, like, where are we thinking of taking this in the future? Or like, are there other features, kind of like the AI one that kind of merges or circles around this same idea of like removing things?

Greg:Yeah, there are a couple of things. mean, you know, as a starting point, we had a limitation of five domains, up to five domains that users could do. You know, part of that was based on this hypothesis that most users really would only want to block one or two, which I think is what we’re seeing. We have had people ask us for more. We’re exploring how we would do that. You know, these things are always...

Gabriel:In pause of that, partly a couple follow-up questions. One is, it’s client-side now, right? Like, you’re, you block the domains, you’re actually getting the results back, but then your client is removing them based on your settings.

Greg:That’s correct, yeah, the result is there, it’s just not shown.

Gabriel:Got it. And the second thing is like, I think we were also talking about like, if you remove too many, that’s probably the way I put the message up. Like you may actually want them sometimes when they’re really relevant. And then if you remove tons of domains and then you remove actually good stuff sometimes, then you’re going to think our search results are terrible because you actually removed stuff that was important that one time.

Greg:That’s right. One of the things we tested when we built this was how often do we see just a page of all the same domain, such that if a user removed that domain, they would get a no results page and think that the search engine was broken. ⁓

Gabriel:You’re like, no results that time, yeah.

Greg:It’s not zero, right? If I, for example, typed in, you know, I wanna see something on W3 schools from that example from a minute ago and got all results from there, it would just be an empty page. So we wanna be able to say, hey, you’ve made some customization here that’s hiding some results from you and you have the option then to see them.

Gabriel:But nevertheless, we’re, I we set five initially, but we’re thinking about increasing it at least a little bit.

Greg:That’s right. They’re also, ⁓ right now they only apply to those organic texts. link results. We’re looking at expanding that to other kinds of content on the page that it should also apply to. ⁓ And there’s potentially overlap with the AI image feature that you talked about. ⁓ Certainly, there’s some use cases around ⁓ news or videos or other kinds of content that users might want to have a little bit more customization around.

Gabriel:And it’s also, I it’s also possible that, you know, similar to the AI image list, we could use a kind of organic AI list to have a different feature, but a similar kind of toggle to like remove AI organics or something like that.

Greg:Yeah, that’s definitely something we’re looking at too. I mean, it’s a similar kind of ⁓ challenge and part of the challenge there is just that there are so many new sites kind of popping up every day. ⁓ And so this feature is less geared around that. I would put that in more of the sort of... ⁓ spam category, results that are ⁓ things that maybe very, very rarely get clicked ⁓ on, very fresh, ⁓ but not a ton of original content. ⁓ There are potentially other things that we wanna add on top of this feature to kind of supplement that and help users not have so many of those showing up in their results too.

Gabriel:I guess related to that, I you showed the menu where we have, and you could submit feedback. think we’ve also, I mean, you could submit feedback there that it’s a spam site. I think we might’ve also recently added, you could submit that it’s an AI spam site, but we actually use that information. And to the extent that we ultimately make a feature that might toggle off some of that, like we would use that feedback. So if you’re out there and you wanna submit us feedback, that’s a good way to do it for like sites that you’re finding you don’t. are completely not relevant,

Greg:Yeah, that’s exactly right. Maybe I’ll just show that real quick because...

Gabriel:Yeah, that’s good. I mean, we want more feedback on this particular variety.

Greg:We do. mean, the more feedback we get about it, the better. ⁓ So say I come in here and go share feedback about this site. ⁓ You can select that a site ⁓ is AI generated. You can sort of tell us anything you might want to tell us about that, or you can just send that and it will flag it for us to review. we obviously, we get a bunch of these every day now. ⁓ We only added this AI generated option a couple of weeks ago even, we’ve had the spam option, which we’ve used ⁓ for a while. ⁓ But we’re sort of looking at these, ⁓ we’re investing in other ways to help us kind of verify that something is in fact AI generated. ⁓ And it’s a pretty new ⁓ space and I think we’re sort of learning what works well for that. again, if you’re out there and you want to tell us about these, ⁓ we are kind of building up our capabilities around this and making use of that feedback directly.

Gabriel:Sweet. Great. Anything I missed about this feature or you didn’t tell us that you want to share?

Greg:⁓ I think that just kind of on the topic of choice and customization, we put a decent amount of thought into ⁓ how we make it clear to users that ⁓ this feature is in effect, that you’ve blocked a site, ⁓ how you kind of manage the list of blocked sites once you... ⁓ you know, once you’ve done that. I think, you know, we’d love to hear other feedback about how well that’s working, how clear that is. ⁓ You know, we kind of build these things and put them out there. We test them a lot. But, you know, as we add more functionality to this, you know, we’re always looking for... ⁓ for feedback about how well it works and ways to make it better. So, you know, that’s one particular piece that to me was really important when we built it was, you know, we don’t want to create a feature kind of thinking it’s useful and then, you know, make something that is... inadvertently creating confusion or making it harder for users to find what they’re looking for. So that’s something we’re kind of on the lookout for as we try to improve it.

Gabriel:That’s great. It reminds me of one last thing, which I think we should just basically have a future episode about. just to tease out, I’m sure we’re going to get this point of feedback in the next, this is prediction, in the next month from our subreddit. I set these sites that I don’t want to see, and then I cleared all my settings, and now I have to redo them. ⁓ Unfortunately, outside of our browser, we don’t really have a lot of control with that because settings... We don’t have accounts and settings are getting stored in browser storage. And if you clear all the browser storage for an up to go, then this goes away. However, we are working on ⁓ syncing your search settings to your browser settings. So if you’re using our browser, ⁓ we won’t lose your search settings. And that is a thing that people have been asking for for literally a decade. And so I’m very excited about working on it. Not that we’re done with it yet, but like ⁓ maybe when we first... have that working, could come back and do another episode with somebody.

Greg:Yeah, I think it would be great to showcase that. we’ve tried a number of ⁓ technical solutions to try to reduce the ⁓ accidental clearing of settings. ⁓ And yeah, we have less control outside of our browsers. But even there, think we’ve made some strides. ⁓ Within our browsers, there’s a lot more we can do ⁓ and then ways to allow users to sync. ⁓ So we could definitely showcase that.

Gabriel:Cool. Well, thank you, Greg, for coming on to DuckTales and thank you everybody for listening. And until next time.

Greg:Thanks, Gabriel.

In this episode, Gabriel (founder) and Beah (VP, Product) discuss functional and non-functional product delight, how we’ve created 350+ versions of our mascot (and counting), and why AI is so bad at adding mustaches to Ducks.

Disclaimers: (1) The audio, video (above), and transcript (below) are unedited and may contain minor inaccuracies or transcription errors. (2) This website is operated by Substack. This is their privacy policy.

GabrielHello again, welcome to Duck Tales. ⁓ I think this is gonna be episode four. Hopefully it’s getting better. Today I am not interviewing Beah. Beah’s actually gonna interview me about a feature that’s fun that I think you’ll enjoy. But Beah, you wanna introduce yourself?

BeahSure. I’m Beah. I’m on the product team here at DuckDuckGo. Been here about six years. So seen a lot of things that have happened in recent DuckDuckGo product history. I, Delight is a favorite topic, a theme of mine. So I’m glad to be doing this conversation.

GabrielYes, indeed. Yes, speaking of the light, my favorite dog is behind you. Because I don’t have a dog. Well, I don’t have a dog, and it’s the dog I interact with most. Friday.

BeahHe’s your favorite. Certainly the one that attacks you the most, playfully attacks you the most. Yeah. Yes, that’s that’s Friday, everyone. He is usually not so low energy as he looks right now.

GabrielThat’s true. Yeah. The bar might be low. But yes, so I forgot to say DuckTales is obviously inside DuckDuckGo, behind the scenes kind of information about things we’re doing and how the company works and features we’re building and all that kind of stuff. ⁓ And as you noted, we have a delightful feature ⁓ that we’d like to talk about today. But I worked on it, it was actually part of Hack Days. We had a previous episode, it was also a feature came out of Hack Days. But yeah, shoot some questions at me and I will respond.

BeahSure. Tell us the origin, Gabriel. How did you come to decide to work on this?

GabrielYes, so what are we talking about? First of all, if you ⁓ search some special words, often characters like Spider-Man, Batman kind of thing, ⁓ the logo, our logo, Dax the Duck for those people don’t know, will change and he will be costumed ⁓ in that character ⁓ in the little logo on the search engine. We actually did this a long time ago. So we used to do like our version of Google doodles or whatever on the homepage. Maybe like literally 15 years ago at this point, ⁓ up until maybe 2012 ish. ⁓ We stopped doing it because it was hard to do. It took a lot of time to make the, make the especially logos. It also confused a lot of people because we put it up in like kind of random situations, like someone may have died or hollowed something and people who didn’t know about that person or holiday were just like what what what is going on with this but a lot of people really liked it and especially liked just the idea and the fun I would call delight as we’re gonna get to the the changing logo and that just the funness of dressing up a character ⁓ and I also am in that category so I’ve been wanting to bring this back for like 10 years but had no great way to do it

⁓ And then enter, enter AI. I thought that AI could be useful ⁓ making these specialty logos in some way. ⁓ When I first tried it, it was not, and I tried different versions of image models. But then finally I was hack days a few months ago, got it to work. ⁓ And so now we’ve been making them.

BeahOkay. Okay.

GabrielOne of suggestions of the community and team members and putting them up as Easter eggs. Yeah.

BeahDo you want to just say what hack days is for anybody who doesn’t know.

GabrielYeah, so Hack Days is every quarter, anyone who wants to participate in the company, and we’re about 300 people at this point, maybe 350 or something, can get together and create work on anything they want, really. It often is like features, ideas, and maybe designer, engineer, new, don’t have to be a product person, but they don’t have to be engineering a product, they can just join and collaborate, come up with something exciting. It could be like little things like fixing bugs or things in our product, but often like things people are really excited about like this for me. I actually tried it in two different ways. I wanted to do this idea, but I also wanted to get back into programming and try out all the AI programming tools. So in doing this, I actually used AI for the first time, like end to end to like write the code.

BeahOkay. Okay. ⁓what AI tools do you use?

GabrielI used Curser to kind of manage the creation of the tool. And then I used ⁓ the ChatGPT Create Image API to really be the generation of this. I can share my screen a little bit and we can look at

BeahYeah, show us some.

GabrielYeah, let me do that. Sharing screen, window. Okay. Let me actually. this way. Okay, can you see this? Sweet. Okay, so ⁓ this is one of my favorites. So if you search the dude, which is a character from The Big Lebowski, I move this so I can see you still. ⁓ And you put your mouse over, you can see Dax is now decked out in the sweater and sunglasses. And I put this in a new tab so you can see it ⁓ zoomed in a bit. ⁓

BeahOkay. Okay.

GabrielSo this is kind of the idea. A few of my other favorite ones so you can get the ideas. If you search Hydra, ⁓ you get this,

Gabrielyou know, and multi-dex, if you will. Moona Nights, for those who don’t know, that’s an Aqua Teen Hunger Force character. ⁓

BeahJust for the record. I did not know that.

GabrielAre you serious you know or you didn’t know it? Okay, you might have noticed there’s a big Moon poster in our office. You walk through it because we go there sometimes. And the final one I throw up is the white rabbit from Alice in Wonderland. I just like the idea that Dax is a duck, but you can also make this work with like a mixture of animals, which is fun. Yeah, okay. So a couple of things I want to point out.

BeahHmm. Yeah. did you decide how to like, how did you figure out who to do this for, what characters to do this for?

GabrielYes, best part about this is, I didn’t for the most part. I put this up and we came up with some guidelines internally, like we’re not doing alive people, that kind of thing, mainly characters. And I just asked ⁓ for suggestions internally. Once I had like initial set, I posted it and I’ve been getting internal suggestions from the get-go. So at this point, I just go ⁓ every few weeks.

And there’s magically more suggestions from our team members in there. And I haven’t heard of, would say, 60 % of them. And I will just kind of make them happen. The tool that does that, just to show you this a little bit, which is kind of fun, is, so this is an internal tool. I did this for suggestions that are real suggestions right now. So this is like internal stuff. These might come. I have no idea what Podman is, by the way. I just said this this morning.

GabrielI literally just gave it the word Athena and it based on this big image prompt that I can show you in a minute and it’ll generate 10 probe and I suggest variations and then we’ll pick one that seems like it matches the best. Often times, sometimes about 50 % of the time it’s pretty good off the get go like this. And then another 50 % of the time. It doesn’t know what to do. Like this is, there’s mustaches all over the place. We talk about that. I don’t know what pod man is exactly, but I’m assuming none of this is great for it. So what I’m to have to do for this one is figure out what pod man is and then give it a little more instruction. And this is another one that I think is kind of working for the most part. ⁓ Wednesday Adams, although it looks a little angry. So like we want to keep it friendly. So I probably will give a little suggestion about that.

Beah⁓ You want to talk about the mustache problem?

GabrielYeah, so you pointed this out after we had about 100 that like AI is really bad at placing mustaches on decks. It like, you can see in the array of these, they don’t even ask for a mustache on this one. But like this one’s like on the beak. This one’s in the beak, I guess he’s eating it.

BeahYeah. Yes, those are my favorite when they’re eating their own mustache. My theory for tell me how outlandish this is, my theory is that the internet doesn’t have a lot of pictures of ducks with mustaches and thus the training material is inadequate. Although I think with this initiative, probably improving on that.

GabrielI’ve been trying to just avoid it at this point. I think it’s a good theory. I have definitely tried, I tried for like a couple of days to like get better mustache instructions and it did not work. A couple of things I wanted to highlight. So what’s actually been most fun about this now is that, because the intention was to delight people from Easter eggs. The community, especially on our subreddit, very excited about this. So much so, especially this one.

BeahHahaha.

Gabrielcommunity member, actually I don’t know how to pronounce it so I might get this wrong. think they might be French, Sean Mack, apologies if I did that wrong, actually has made a categorizing all the ones that they found ⁓ and also taking suggestions which is gonna be helpful for us. But what’s been fun is they’ve been trying to find them. We haven’t told them which ones exist. So there is infinite theoretical possibilities here. We haven’t even really told them how many there are, I think we should reveal it on this podcast. We have our own internal logo file, this one, so I’m not gonna show them all of them, but there might be one on this page that they haven’t seen. But at the bottom, I have my own count here. There’s 364 currently. And their count,

BeahThe big reveal.

Gabrielyes, their count is 322.

So that is 44 that they need to or that are out there to find.

BeahBut by next week the number might be larger. Is that right?

GabrielYes, it probably will be larger, if that is correct. And then the one last thing I wanted to show you, which you might find interesting, let me, it’s a different screen. Let’s see here. This is actual code, but I’m not actually gonna go crazy with the code. I just wanted to show, because I think it might be interesting, how this works, the prompt.

BeahOkay. ⁓

GabrielIt was a lot of iteration to actually get it to work. And this is the current prompt, which changes a little bit, but it basically takes our logo and it takes in at the end. I’m gonna make this a little bigger. Do the whole thing. It plugs in the theme that

you give it at the end and any additional guidance. But this whole part here is just instructions of getting it to modify our current logo in a way that tries to keep the beak structure intact, like the parts of the logo intact that are important, but add things to the theme. And we don’t need to walk through this or anything, but this is kind an example of what a of evolved deep AI prompt looks like that is doing this thing.

BeahOkay. Okay. Nice. Okay.

GabrielCool. All right. I’m gonna stop sharing. So I know we were also going to talk a little bit about Delight because this feature is intended to Delight, but at a higher level, we as a company have a focus on Delight this year, probably next year. We always wanted Delight users, but we have a particular focus on trying to build and Delight into our product. I know you’ve been thinking a lot about that.

This is a good example of it, but generally any thoughts you can give us on delight.

BeahYeah, I mean, first, like, maybe it’s worth just defining what I think delight means, what product delight is. It’s not a very fancy definition. I just think it’s ⁓ product experiences that make people feel good. So you can have product experiences that work in the sense of they accomplish some goal or meet some, you know, acceptance criteria, but they don’t make people feel good.

Maybe they make people feel grumpy or frustrated or sad, or maybe just they don’t make people feel anything. ⁓ And that’s fine sometimes, but it’s nice to feel good. We’re all, humans and not robots. And ⁓ it is good to use products and interact with the world in a way that is, that makes you feel things and feels delight and joy. And so we want that. ⁓ And I think it is, it’s, it’s a, ⁓tricky in lots of ways. One is that different people feel good about different things. And so that’s been an interesting.

⁓ challenge is trying to figure out like what are the forms of delight that we think are going to meet our users where they’re at given we have an extremely diverse user base and we value that and value the differences in that user base. But I think we’ve had some good successes. can give a few examples of places where we have delight in our product. ⁓ An old... Yeah.

GabrielYeah, please. We have question for you. Do you think, I I think Delight’s wider than, I mean, the Easter egg kind of stuff is Delight. It’s like things that you find that are...

I also think of delight, I think you think of the same way, but let me know if not. It could be a really just good polished regular workflow. ⁓ You’d have to notice it, and you get to notice it, you’re saying, to feel delightful, but it could be more just a regular product thing, not like this like special thing, you know?

BeahYeah. Yeah. I think so. I mean, think in fact, the best forms of delight actually make the product work better for you than it would if you did it in a non-delightful way. So like when you can like find the intersection of, you know, the product actually delivering on its promise and doing so in a like somewhat surprising delightful way that makes you feel something, I think that’s like, that’s the top of the pyramid of good delight.

GabrielLike this app just like accomplished what I wanted to accomplish and it did it amazingly.

BeahYeah, yeah, yeah. I think sometimes that can just come in the form of really nice touches and polish. I think sometimes, I think there’s just a whole spectrum of how you can do that. An example maybe that’s not super obvious in this respect, the way that you clear data in the DuckDuckGo browser is with the fire button. And so there we’re using an analogy and something from the natural world.

to do something that you can do in other browsers. ⁓ But we’re also bringing it forward so that it’s just always there in one tap away. We gave it a personality. And I think that’s delightful. And I think it’s delightful in a way that does actually enhance the functionality. Like I said, it’s just you don’t have to go through menus and choose a lot of things. You can just hit a button and get the effect you want.

And yeah, I mean, there’s something satisfying about like something being burned up, you know? And so in as much as it actually like lets people delete their data when they want to, like it makes that actually work better for them. It makes it more accessible to them. I think that is probably merging functionality and delight.

GabrielYeah. Yeah, it’s a great example. Yeah, not only have we made it front and center, which makes it really easy to do, which I think people just like, because I hear that feedback all the time, but we also, it has a visual flair. Like we added a visual element to it. Like when you hit the fire button, you see, like you said, literally burning up your tabs, which I think is like it ends. It ends in a, has a good ending, has a climactic ending. Are there any others you want to point out?

BeahYeah. Yeah. Yeah, maybe two at totally different ends of the spectrum. One is, this probably doesn’t help with the functionality, it’s just purely cute in my opinion and I like it and I suspect many people haven’t realized this, but the shield that we have in the URL bar in our browsers and elsewhere at DuckDuckGo is actually in the shape of a duck foot. ⁓ I’ve always really appreciated that.

GabrielYeah, do too. Yeah, I don’t think many people notice, but yeah, I agree. If you do notice, really is kind of an Easter egg. Yeah, exactly. You cannot see it. Perfect.

BeahYeah, you can’t unsee it. Um, and then another one at the opposite end of the spectrum, think, is, uh, cookie pop-up blocking. So like, this one’s weird because it’s, we’re taking something that you see all the time on the internet that’s kind of annoying and not helpful and we’re removing it. And so it’s a little tricky to do that delightfully because like, how do you make something delightful that people, when you’re actually like removing, you know,

a cognitive experience from how people are using your product. One of the ways, I mean, I do think to some extent, like if you’ve been in a different browser and you’re visiting a lot of sites with cookie pop-ups and you’re just like tired of it, I think just, you know, spending a day in our browser and not having that experience is probably delightful to some. But we also did add like a little animation in the URL bar that just kind of shows you that we blocked a cookie pop-up that...

I think is like a nice reminder that we remove some friction without putting friction back in front of you and interrupting you because it’s just like in the URL bar while you can still interact with the page and so forth.

Gabrielgood example. Yeah I’ve always found it tricky because yeah you know you really need to know that we did it to be delightful fully but you don’t want to interrupt people to let you know that you did it because that’s another pop-up. ⁓ Yeah interesting. So one that I would like us to do eventually which I keep pulling forward with another hack days is like various people have made games ⁓ that we could somehow

BeahYeah, exactly.

Gabrielput in the browser, especially in the 404 situation. ⁓ Flappy Bird ⁓ is the one that I’ve seen the most from Hackdays, and I would love to get that in, but maybe somebody will do that at some point. ⁓ Any closing thoughts?

BeahClosing thought, yes, I have one, is that in trying to navigate what kind of delight do we want to create, what is actually going to be delightful to ⁓ the majority of our users, one heuristic that we’ve used internally that I really like is looking for things at the intersection of delight and trust. ⁓

DuckDuckGo’s vision is to raise the standard of trust online, and I think trust is one of our greatest assets as a company. ⁓ And so I think in the space of delight, you could maybe err by finding things that are funny to some people or amusing to some people or charming to some people, but they’re actually annoying or self-promotional. And those things would not build trust. ⁓ Doing things that are respectful of the user, that are

authentically us that are approachable, that increase transparency. I think those are, tend to be things that build trust and are delightful. And so that is the filter that I’ve been trying to put on ⁓ thinking about how we design things. And I think the team has as well.

GabrielSo you put the shield and cookie pop-up management in that that bucket.

BeahI think so. I don’t know if having a duck foot ⁓ shield builds trust. I mean, maybe in as much as it tells you a little bit about just like who we are and in that way.

GabrielYeah, guess it’s not really protection. It’d more like the animation we have around the shield where it’s showing you what trackers we’re blocking, that kind of thing. Yeah.

BeahYeah, yeah,I think so. ⁓ I think so. think like the another example that maybe is like, we encourage feedback from users and we try to create like open lines of communications with users and we try to make it really easy to report when something is wrong and we try to like, and we actually read those reports and we act on them and we like, change the product and we try to be responsive on, you know, Reddit, for instance. ⁓which is a place where we can actually respond to people on like if somebody just sends us feedback through ⁓ search. I don’t know, that’s I think another example of building trust and that we’re actually like humans behind this thing that care and like want to know if something’s going wrong. ⁓ If there’s things that we’ve launched that we are excited about, but we know might disrupt people in some way and we’ve tried to proactively message those and make it really easy to get feedback. ⁓

So that’s one of my favorite examples to a product manager of me, suppose.

GabrielNo, I think that’s great. Okay, cool. Well, let’s wrap. I suspect you’re gonna be back a lot being a host for other things. So I guess a recurring character on DuckTales. So thank you, Beah, and we’ll see. You’re alive, so no live people. Making me make an exception. But yes, till next time, thank you for tuning in. See you later, everybody.

BeahHahaha.

Maybe I can get a DAX. ⁓

In this episode, Gabriel (Founder & CEO) speaks with Nirzar (Duck.ai lead) about how we’re making AI more useful by letting users choose the tone and length of AI responses.

Disclaimers: (1) The audio, video (above), and transcript (below) are unedited and may contain minor inaccuracies or transcription errors. (2) This website is operated by Substack. This is their privacy policy.

Gabriel Hello again, welcome to Duck Tales, where we go behind the scenes at DuckDuckGo and talk about things going on inside the company and features for building, cetera, et We’re gonna talk AI again. Today I have Nirzar with me. Nirzar, you wanna introduce yourself?

NirzarYeah, sure. the designer for Duck.ai. I kind of lead the product. And yeah, we’ve been working together. Yeah, mean, yeah, it’s actually been super nice to have like that product here. And yeah, I’ve been kind of working on Duck.ai for last two years. Actually, we started like doing the MVP together, Gabe, you and I, we were kind of playing around.

Gabriel You’re more than a designer. You’re more than a designer at this point.Yes, indeed. So Duck.ai is our chat equivalent, AI chat equivalent. ⁓ It’s private chat. You can access popular models from within it. What are the model providers we have now? Here’s our.

Nirzar Right now we are offering GPT4 Mini which is our default. We also started offering GPT5 Mini which is the newest model from OpenAI. Actually a lot of people are using it a lot more than we expected. But we also like focusing on open source models obviously. So the OpenAI is open source model, Llama and Mistral as well and Cloud Antropiq. So yeah, it kind of fits into our idea about just giving a lot of choice to the users, yeah.

Gabriel Model choice, all the major providers. Yeah, okay. So my quick spiel on our AI approach that I gave last time, but for anyone new. Approach to AI, private, useful, optional, private. In this case, know, it applies to all our AI features, but in this case, you know, we anonymize chats. We don’t train on data. We have bunch of other privacy features in there. Do you want to hit on a couple?

Nirzar Hmm.Yeah mainly I think the storing the chats on your local devices, I think a big one. Yeah. Yeah. And I think the like the biggest sort of thing that we’ve been pursuing is also having like retention of chats and like not having any retention in most cases, which is actually like most industry standard. ⁓

Gabriel Yes, if you have recent chats, they’re gonna be stored on your local device, not on DuckDuckGo servers.

Nirzar And we’re also looking into some private inference stuff, but we’ll get to that later.

Gabriel Great, mainly anonymous and not training. Useful, we’re gonna get to that in a second, because we’re gonna talk about customization, which I think is a super useful feature that we added recently. And then optional, just a couple words on that. ⁓ All our AI features are optional, including Duck.ai. I mean, obviously you can choose not to use it if you don’t wanna use it in general. In our integrations into our search engine and browser, we have settings that will turn it off.

Gabriel So there’s no integration of the search engine if you don’t want it. No integration of the browser if you don’t want the entry points. Although we do think you should check it out because we do think it’s useful in private. ⁓ But we understand people who don’t want to do that for various reasons.

Nirzar Yep. If you’re gonna use it somewhere else, it’s better to use it here if you care about privacy.

Gabriel That’s a good way to put it. Yeah. Okay. So back to useful customization. We’re here today to talk about feature that we’ve been working on. You want to introduce it, maybe share screen.

Nirzar Yeah, I can go through it. Yeah, no, I just like remember where it came from when you asked me to talk about it and I remember you were kind of annoyed at like use of emoji and responses and also like how big the responses are. I sometimes like it but I gotta get that and I think what you mentioned was like if like I don’t like it, I’m pretty sure a bunch of people don’t like it as well. So we kind of talked about like, hey.

Gabriel Yes, I’m very Gen X and I don’t like emojis. ⁓Yes.

Nirzar Like I think what kind of we concluded was just the idea that like there is not like a single personality that we can land on that will like kind of suit everyone. And we always try to give choice to users. ⁓ So I think this kind of fits into the choice and control obviously. And this kind of fits into that ⁓ category. Let me just give you a demo quickly of how it works.

Gabriel Yeah, while you’re doing that,

where I was coming from with that too, was like chatting, this whole feature of chatting is very obviously conversational. like you’re talking to somebody, know, that we’re personifying the AI in this case. I mean, there are people you like to talk to and there are people you don’t like to talk to, there are people you like their texts and there are people you don’t like their texts. Here you can control that. And that would be the idea is to give users control about like what kind of responses. If you’re going to be chatting with this thing a lot.

NirzarYeah.

Yeah

Gabriel Like, what do you want it to sound like, you know? I think that’s kind of the idea for me. And not everybody would choose the same thing.

Nirzar Yeah, it’s very personal. think this personality thing is very kind of difficult to nail down on anything. In those cases, it’s just better to sort of give that ⁓ to each user. They can decide what they want. So I’ll just show one quick thing. By the way, I think a lot of this was like, it’s reusing a lot of these tools. like ChatGPT also has something similar, but I think what you and like what we wanted to do is just like putting it like friend and center. So basically like this is a very small example. Don’t take greetings to chatbots are any popular anymore, but let’s say you are, no?

Gabriel I’m not seeing it yet, Nirzar. I got a black screen, so, nah, weird. Try to reshare. It worked before. We tested this. Try it one more time. it doesn’t work, I’ll try mine. there you go. Yeah, it works now. Go for it.

Nirzar Yeah, we tried that. I would be surprised. All right, perfect. ⁓ Yeah, so we also wanted to like kind of put it front and center. And this is one example of just like saying.

Gabriel I think that’s super important because it’s like it’s a front and center thing. you’re going to, this is a very important thing to change the personality. So it’s not hidden behind settings. That’s a big design departure.

NirzarYeah, yeah, yeah, I don’t think like anybody else had this like this prominent and it kind of like incentives to use it as well. Try it out, see how it works. If you don’t like it, that’s fine. ⁓ So yeah, I think the personality thing that we were talking about was just like, like the tonality, like use of emojis, for example, but like, as you can see, this is like a base model. It’s like Claud, Sonnet 4 and if you ask it,

How’s it going? It’s like, it’s nice to connect with you. How are things on your end? This is like not a very good way to like, these words just like make me a little bit irk. But yeah, like I mean, this is like if you just customize it and this is what we came up with to begin with, which is like just the idea of like customizing the tone or like how long the response should be or like naming is also pretty good.

Nirzar Like if I just ask it to call me by name. By the way, all of this is kind of stored on your local device to protect your privacy again.

Gabriel Yeah, actually, one thing we didn’t say is you don’t even need an account to use Duck.ai. You can just show up at Duck.ai and start doing this without anything. And you can use pseudonyms too, you know.

Nirzaryeah. Actually, you know what?

Yeah, but you know what like when we didn’t think about it when we like made Duck.ai without logins But like when we released it like the biggest positive thing was like people were like, I don’t have to sign up It’s like a huge deal apparently but like I don’t think we thought about it that much but it’s really good I think that that’s why it worked really well. Anyway, sorry coming back to this I digress ⁓

Gabriel That’s what we would call a strategy credit for being a privacy company since we don’t have accounts. We didn’t even have an ability to log in.

Nirzar Hahaha Sorry, we..Sorry, I meant we thoroughly thought about it and it was a great decision. ⁓ Okay, so I’m gonna ask it to call me by my new real name and I’m gonna say my tone, I want it to be like a little bit more playful, as I said connect with you. This is pretty simple. If I apply it, it’s going to store it on your thing. there is a much great I like it. ⁓ Anyways, but instantly just like such like just a very different response to the same model. And this is what we mean by like, like even a little bit of instructions can like make the most out of it. ⁓ This just made me like want to talk to it. I don’t know. Just calling it by your name or your nickname.

GabrielAnd we, and like you mainly, but you like built in these options, right? Like you, like the ones that you suggested there.

Nirzar Yeah. Yeah, so I think we worked a lot on these. I really like the ducky one that you wrote, these instructions which are pretty cool. Kind of pretends to be a duck, which is fun. And actually I use it a lot in like work stuff, because it kind of adds a little bit of these like...

Gabriel Yeah.It was more like a throwaway idea, but yeah.

Nirzar⁓ But yeah, just battling around digital port. It’s kind of stupid, but I like it. But yeah, I think we worked on this. The thing that we worked on the most was like this AI roles. ⁓ I think like it was actually kind of fun to write a bunch of these.

I particularly like Chef one, cause I cook a lot and I think I used all my cooking knowledge to kind of inform to like all write all the instructions for Chef, like with the templates and stuff. like if you ask for a recipe, it’s gonna like give you a very specific template. The other thing I really like here is the instructions part. And this is kind of like goes to transparency thing. ⁓ We show like whatever we tell to. what instructions we provide to Duck.ai. All of this is transparent. You can see exactly what instructions are getting passed onto the model, which is kind of nice. But yeah, I think it seems very simple on the front, but there’s a lot of complexity behind it running in the background. And I think that was kind of the goal for designers as well, to make it super simple and doing all this work in the background.

Gabriel Sweet. All right, you can stop sharing your screen if you want. Let’s drill down to a couple things though there. So we were talking about the tone and response, which I think is critical if you’re gonna talk to something all day and like it. But then the AI roles that you mentioned briefly, like the chef, that is kind of a separate thing. Because now we’re saying, hey, independent of how you wanna talk to me, could you act like a teacher or a chef or a weightlifting assistant or we have like 20 of them or something. And as I understand it, like, you you especially with the team went and, you know, found some good instructions to help the AI become that role. And if you actually want to do that kind of thing and jump into that role, it’s just like, you get a lot better response.

Nirzar Yeah. Yeah. Yeah.

You get a lot more. I mean, we did a lot of testing on like how much it differs and how good it is at following the instructions. ⁓ I think one thing that I would say is I think the hardest part was to like make, because we offer so many models, like it’s so difficult. Like if you ask the same instruction to Mistral versus to Claude, it’s like Mistral won’t do something certain times and Claude will do it. And then you just have to like figure out how to like do the prompt engineering.

So that was kind of challenging, but I think we got, I don’t know, we got like pretty good set of instruction that are like very, like we’re trying to get to like more predictable sort of responses where we can, you know, assume it’s gonna follow these instructions.

GabrielGot it. And then you also showed, I think I wanted to highlight is the system prompt. the, you, using an industry term here, but the, user prompt is what you’re typing in. The system prompt is what we’re talking about changing here, which is like the instructions that were given to the AI that apply to all the responses. But we’re actually showing you what the system prompt looks like in terms of these changes, how it applies. And you could, there was another box there. You can.

Gabriel You can change, you can add your own to, the end of it. So like if you, to your point, if you’re switching models and there’s something about the model you like or you don’t like, that particular model, you could add to it.

Nirzar Yep. Yeah, I mean, it’s already such a black box about like how things are working behind the screen. Like, do you want to add one more layer of like, okay, there is something else happening on top of what the model is doing. like, think giving that much at least like transparency is helpful in my opinion. Like, you just don’t know what’s happening behind the screens.

Gabriel Agreed. Okay, so what is next? What are we working on next with this, if we can say?

Nirzar Yeah, so I’ve been kind of noticing how I’m using it. Actually, I haven’t talked about this a bit with you before this conversation, but the way I’ve been using it is like, I think I’m like trying to figure out like there are kind of two different ways I’ve been using it. One is sort of this tone and like things that I kind of generally looking for in any of the conversations I’m doing versus these like tasks.

So like I do a lot of like these repeatable things. So like an example is like I’m learning how to code better. I’m a designer, but like I’m doing that. And like, I have this like set of instruction that I always kind of append to a blog of code so it can explain what the code is doing to me as a designer. And this is like a repeatable task. So like there are some of these customizations that are like good for particular conversations. And some of the instructions are like particular for overall sort of like always on your entire Duck.ai experience. And I think we’ve got to find out like how we can like make that distinction better and make the interface better so that we can kind of support both of these like doing the task like over and over again every single time versus ⁓ something that kind of like exists in everything. ⁓ Can I share my screen? I can show you.

Gabriel Yeah, I was kind of seeing it semi blurry. So it’s like, it’s possible Adam’s going to make us record this whole thing again. But so we may just want to like talk about it briefly and then share after, but instead, but I would say that I haven’t talked to you about this yet, but I completely agree with everything you said. in fact, I was coming out from a different angle, which is

GabrielActually two different angles one is I have prompts that I want to use all the time remember repeatedly and right now I have to copy and paste them and There really seems like there should be a way to like have that bank saved, you know and then independently the roles like I find myself not using them as much as I actually want to or should because It seems like it’s mixing the what I want to be constant as my system prompt for tone and this one-off task for a role. So it does seem like I know I advocate for combining them into one interface, but we probably should split them at some point, maybe in some of this and why don’t we talk after and then we’ll maybe we’ll have another episode about it. Any, yeah, cause we’re at like, I don’t know how long we’re supposed to go, but I think we’re, we exceeded the 15 minute mark on this.

Nirzar Yeah. Hahaha ⁓ Yeah? Yeah, sure sure.Okay.

Gabriel Okay, closing thoughts, Nirzar. ⁓ What about usage response feedback? Has it been positive?

Nirzar Feedback has been good. mean, you know, a bunch of people already like were asking for it but like tech savvy people obviously like ask for it more so they’re gonna be like, can...is like I don’t like emojis and like you have to kind of figure out where that balance is so people who are asking for it obviously happy about it.

And others I think like yeah like I just pulled up some numbers. 20 % people use tone which is like the highest usage of any of the customizations. The next one is the 16 % people use the role of the chatbot and then everything else is kind of like long tail after that. But yeah overall it’s been nice like 6 to 7 % of like all the Duck.ai chats right now happening are using some sort of customization which is like again a bit higher than I expected because we kind of did this yeah we kind of did this like throw away thing to begin with to kind of see the appetite and I think a lot of people are using it so I think it’s it’s worth sort of like spending more time on this to make it better

Gabriel Yeah, it’s higher than I expected too. Yeah. Cool, okay, so I realize I didn’t construct a closing line for these episodes yet. That I’m gonna have to do. So, here’s our, yeah. Thank you for coming. Thank you everyone for listening and until next time.

Nirzar Let’s chop. Yeah.

In this episode, Gabriel (Founder & CEO) introduces our vision for AI and speaks with Rachel (front-end team) about our newly released AI image filter.

Disclaimers: (1) The audio, video (above), and transcript (below) are unedited and may contain minor inaccuracies or transcription errors. (2) This website is operated by Substack. This is their privacy policy.

Show notes: See the full post on our approach to AI — private, useful, and optional.

GabrielHello, hello everybody. Welcome to DuckTales. This is our series where we go behind the scenes at DuckDuckGo. I'm the founder of DuckDuckGo. I have Rachel here who works at our company. Hi, Rachel.

RachelHi!

GabrielSo, DuckTales is really about discussing the technology we use, the people working on it, how we're building privacy tools. We hope you'll join us. You'll hear about all aspects of DuckDuckGo essentially.

Today, we are talking about AI a bit and in particular a feature that we recently released that allows you to filter out AI generated images on our search results. Taking a step back, our approach to AI is, we wrote a whole post on this if you want to check it out, maybe we can figure out how to put things in show notes.

But three things: private, useful, and optional. So private kind of goes without saying, that's what we do at DuckDuckGo. But with AI in particular. You know, we're focused on, you know, Rachel, you know this, so just saying this for everybody else listening. We're focused on keeping it anonymous and also not training on your data. And then useful is we're really trying to make AI tools that are actually useful, not just for the sake of using them, but...so they're actually useful. So on the search engine, you know, we have answers now at the top that kind of help you figure out what you're trying to look for without having to click through a lot of results. Although you're welcome to, of course, and the sources are clearly labeled there. But the third pillar is optional. So not everybody wants to use AI. We realize that.

And so we've been approaching it by making everything optional. And so you can turn off those answers at the top of the search engine. You can turn off our chat product, Duck.ai, which brings us to the AI image filter, which is a little different type of feature because it's not something that we're doing generation of images, although we're probably going to end up doing that sometime. It's more in that optional camp, taking AI away if you really would like to. You want to explain it a little bit?

RachelYeah, so the AI Image Filter, actually let me just share my screen so I can quickly demo it as we talk about it. So the AI Image Filter is a feature you can find on our image filter bar. So up here, this is the filter here. And you can also find this feature on our user settings page. But yeah, it's literally what the name suggests.

A filter that filters out AI-generated images. At a high level, you can put in a query. And if we detect that you've enabled the feature, then our images service is going to do some basic pattern matching against a block list that we have and return the filtered results.

The list itself is actually from an open source project called Ublock Origin. And I did want to take a second to give a shout out to the project maintainer, Laylavish and the 40 plus contributors to the project. I think they started this project like a year ago and they've been doing a great job frequently updating the list. So huge props to them for helping make this feature possible.

GabrielSo great query. I have two cats. Is the filter list that we're currently using for this, is that at a domain level?

RachelDomain, like the file of the image and where that domain or where the file lives in that domain.

GabrielSo it could be, it's kind of like the general UBlock rules. It's like a reg X type of thing, but it could be at the URL pattern, whatever people want.

RachelExactly, URL pattern matching. That's exactly it.

GabrielGot it, and so it works now where if it's on that list and you select this filter, we'll just remove it client side from you.

RachelExactly.

GabrielCool. And have we looked at other lists? I mean, is that like the main list we found? Did we kind of look at other things? Are we looking at other things?

RachelYeah, this was the main list that we had found. There are definitely a handful of other lists that were maybe not as frequently updated. And so I think this one was probably the most reliable one to use.

GabrielGot it. Let's speak to why people might want to use this. It's gotten a, well, first of all, let's say that it's gotten a lot of support when we put this out. It was high on like Reddit technology. Saw all sorts of articles about it and it's being reported in our subreddit a lot of people really appreciate the feature. And kind of to think about why, you know, there's clearly value in AI generated images because you can get things that didn't exist. And so there, I think there's definitely value in seeing AI images, but then there's also value in when you want to use something in real life that it wasn't AI. You want to know that it wasn't AI generated.

RachelRight, yeah. I mean, one of the big reasons why we built it was because we were seeing a huge spike from users about not wanting to see AI. And it's understandable. So many things on the internet now are generated by AI. And it can be really mentally exhausting to have to process. Like, is this AI or is this not? I just want to find the thing that I'm looking for. Yeah, the users were really vocal about just not wanting to deal with it.

GabrielInteresting. And then, so I understand that we're, you know, certainly after the support, it's a feature we're definitely going to keep. And so now we're also trying to improve it if we can. What areas of improvement are you looking towards that we're exploring?

RachelMm-hmm. Yeah, so as soon as we launched, we got immediate feedback from users again on little things that we could do to improve the feature. I think one of the most frequently requested feature was the ability to flag images that they believe were AI generated. So I'm actually going to roll this out right after we finish recording this. So we're going to have that ability for flagging images.

I think once we start getting reports in, there's a lot of different directions we can go from there. If we get enough reports on a specific domain, we'll probably do some sort of vetting process to improve the block list itself. I think we could also potentially allow for users to create their own custom block list, sort of like how we allow users to exclude certain domains for organics.

And I think more like in the long term, we do have people on the team exploring other open source solutions and classifiers and also like the image metadata, like how we can leverage that to better determine if an image is AI generated. But it's still like a matter of figuring out what the right balance is between those options, just because like image metadata, for example, anyone can tamper with the image. They can strip the metadata, can edit it or crop it or whatever. So it's still a pretty fragile source of truth and even the classifiers, like best ones maybe will get 80-90% of accuracy but it's not going to be bulletproof. So yeah, we're trying to figure out what combination is the right one for getting enough accuracy and also keeping cost and latency in mind.

GabrielYeah, so a couple of follow-ups on that. So again, it is important for us to be clear that it's definitely not 100% accurate in either direction. It could let things through that are AI generated, and it can also theoretically flag some things as AI generated that are not AI generated. And so it's an effort here, and we're going to try to improve it, but it probably will never be 100% accurate.

RachelYeah, yeah. No, I mean, it's sort of, yeah, the problem is really interesting. And in some ways, I'm like wondering if it's probably a longer discussion. But like, if we don't have some sort of change at, like, I don't know if this is the right term, but like at a policy or an infrastructure level on how we actually maintain, like we need a consistent way to be able to really know if the data on the image is reliable.

And It's sort of like playing whack-a-mole right now, but if we can contain the mole, then it would be maybe a little bit easier. But right now, if we don't have that, I think the issue will unfortunately become more prevalent and even harder to solve.

GabrielI have heard some rumors at least in some reports of some standards being worked on in that regard. It possibly would help. The other thing you mentioned was, you know, we're using the block list, which is obviously kind of on or off of it. So it's very fast. Whereas if we were starting to use classifiers, that might be too slow in real time to like do it on the search results. And then it's also expensive to offer for these. And so I think that's...

RachelExactly. Yeah.

Gabriel...the trade off there with the classifier. It's also interesting to note of using AI to stop seeing AI generated images.

RachelThe irony there, yeah. Especially because we're dealing with hundreds of millions of images a day. Even with a good caching layer, I think it'll still be a difficult problem to solve there.

GabrielCool, well, is there anything else from working on this so far? Do you want to flag anything interesting or, I don't know, that we didn't talk about?

RachelI think the biggest thing is the problem itself is super interesting. For me personally though, if I could share when I started this project, I was only four months in at DuckDuckGo, so everything was surprising and then I was still getting to know the product and the users. It's kind of a funny story how the project even came to be.

We knew this problem was happening. I think like over 50% of user complaints about images was about not wanting to see AI. So we knew we had to do something. It's just that the problem was huge. And then like we talked about it for a while, kind of punted on it. And then summer came around with the hack days and I kind of decided to revisit the problem. And I think the interesting thing about a hackathon is that it's just two days. You're really forced to think, like, what am I actually going to get done here? And coincidentally, at the time, I was looking into a bug that users were reporting. So there were some users who already had this block list and the U-block browser extension installed, and they were dealing with some bugs. And I was looking into that, and that's actually how I came across the block list.

And I figured, you know, if there are users who are going out of their way to install this extension, put this list on, and this is the solution that's sort of working for them for the time being, like, why not make this more widely and easily accessible for users? So the solution actually was really inspired by our users. And I really love how this feature was like end to end, like purely user driven. Like it was built based on user feedback. The solution itself is something that users came up with, and then even now, after we've launched, we're constantly listening to what users are suggesting to help move the feature further along.

GabrielAwesome. Yeah, future for these episodes should definitely ask where this project came from. The list of questions we need to ask. But yeah, it's great that you took the initiative to do it. It's also great to hear that it came out of user feedback in that channel and the hack is working too. Like, yeah, it's a great story all around. So okay, so thanks for coming on.

RachelYeah. Mm-hmm. Mm-hmm? Yeah.

GabrielWhoever is watching this, thanks for joining our episode number two, I guess, of DuckTales, but we'll do many more.

RachelYeah. Thanks for having me. Bye.

In this episode, Kamyl Bazbaz (VP of Comms) talks with Tim Raybould (AI Lead) about the design of DuckDuckGo’s AI-assisted Search Assist — why it defaults to concise answers, and how the new “More” button lets users dive deeper when they choose.

Disclaimers: (1) The audio, video (above), and transcript (below) are unedited and may contain minor inaccuracies or transcription errors. (2) This website is operated by Substack. This is their privacy policy.

Kamyl BazbazHi, welcome to Duck Tales, where we pull back the curtain on DuckDuckGo to share stories, tech, and people building privacy tools for everyone. Today, my guest is Tim Rae Bold, who leads AI development at DuckDuckGo. Welcome, Tim.

Tim RaybouldThank you, Camille... Baz... Baz?

Kamyl BazbazThat's right. Pretty good. We're going to talk about a new feature that we just shipped on the old SERP at DuckDuckGo, which is the More button on assist. Can you briefly explain what the More button does and why we decided to add it to the AI assist answers?

Tim RaybouldYep, sure. Well, search assist, first of all, is the AI-generated answer that goes on the top of results for about a fifth of queries. That's whenever we think that the query is asking for information that can be answered concisely. And then the main thing we pride ourselves on with assist is that it is just the answer to your question and nothing more. It's unique in that way, I think, across the AI answers industry, in that it really tries to get the job done in a very short amount of words. But users for some queries were asking it to go deeper on topics, and that's the answer to the more button question. So it's a pretty simple feature. Right below the concise answer is a button that says more, and you click it, and then it will go and expand its answer into more of a... maybe like a traditional answer that you'd see in an AI chatbot that has tables and headings and it lays things out.

Kamyl BazbazVery cool. And so what problem do you feel like users were experiencing that led to this feature?

Tim RaybouldYeah, it was really just a request to go deeper on some percentage of topics. The short concise answers are just what the doctor ordered for many, many of them. But the click rate on the more button has been really good so far. It's about 10% of people are clicking that button. Around that portion of queries, the topic they asked about is they just want a little more depth with the answer.

Kamyl BazbazWhat was the biggest technical challenge you had in implementing this expanded answer?

Tim RaybouldMm-hmm. Well, I don't know how far back you want to pull the curtain. Your intro said you were pulling the—OK, well, I mean, the SERP is written in, largely written in Perl. Perl has a—it is challenging to stream the response back in Perl. So when you use an AI tool like DuckAI, our chatbot tool, the response will stream back, which means that every single set of words, it doesn't wait until the end of its response to give it to you. It gives you the response as it's going. And it's a much faster experience for users because they can start to read it as the AI is generating word after word after word. That's called streaming. In SearchAssist, we don't need to stream that concise response. We wait until it's done. We run some safety checks on it even, and then we present the answer on the page. But with the more button, it would just be too long to wait to take that same approach. So we needed to figure out streaming. And in some cases, that's not a hard technical problem at all. In our particular environment and setup, that happened to be the hardest problem. Second hardest problem is you need to come up with a prompt that explains to the AI what type of response we're looking for. Our initial prompt, as we've been saying, is very focused on being concise. But this one, we needed to figure out the right words to tell the AI to say what type of answer we want out of an expanded answer and how we wanted to lay it out and talk to the user.

Kamyl BazbazGotcha. And so how are you—I mean, it sounds like in the development of this, you were trying to balance the speed and simplicity people expect from DuckDuckGo with getting a more comprehensive answer to their question. Does that sound right?

Tim RaybouldYeah, it does sound right. Yeah. And I mean, it seems simple in retrospect that a simple button to click more was the answer, but we, as we were building search assist, you know, we knew we wanted to give more in some cases to some answers. And it was, you know, sort of a lightbulb moment to just say, well, the first step we can take is just to ship the user a button and the user can decide when they want more. So that took the burden off of us to figure out which query exactly deserves to have more of an answer. And then from a speed standpoint, that sort of solves that problem too. Because once they're engaged and clicking more, they've presumably read the concise answer, and the new answer is going to stream back, so they're going to get to read something almost right away. The speed piece there, we have a little bit more leeway to take a few seconds to deliver the answer, whereas the concise answer is coming along with a SERP and people want a fast SERP. So, can't delay that.

Kamyl BazbazWhat's been the feedback so far and then sort of what kind of data are we seeing?

Tim RaybouldIt was the number one feature request before we built it. And it has largely satisfied that request—that people asking for it has died down, as you would expect. Our overall—the main metric we use to track user satisfaction for this feature is the ratio of people clicking the thumbs up over the thumbs down. That's at the bottom of each answer. It says, was this helpful with these two options? So after we shipped the more button, the overall thumbs up to thumbs down ratio increased noticeably. People seemed to like it.

Kamyl BazbazAnd if you're thinking about the differences between DuckDuckGo, what you would see on Google, and then if you are using ChatGPT or like a Perplexity, now that DuckDuckGo has more and is easily connecting to DuckDuckAI, how would you place our offerings in that context?

Tim RaybouldYeah, well, when it comes specifically to these AI responses, I still think the main differentiator is that we play the 80-20 rule really well with the length of the answer at first. In most cases, giving the user the direct answer in a way that they don't have to spend a lot of time parsing or reading is the preferred experience. And we've heard users say that—specifically say that—your answers are so much shorter. I didn't even know I wanted that, but that makes a lot more sense in most queries. Letting the user expand into this more button is the first step into some queries do deserve a richer, deeper answer. It deserves more work from the AI to be able to do for the user. So this more button is the first step along that path. But I think there's other tools that started there and they're coming back to what people want in a search engine—the core search engine experience. They're having to add on to the core AI experience. And we just started the other way around. We started with a great search engine that already gave a bunch of instant answers that were not AI-generated—stocks and sports and weather and things like that. This, you know, our search assist tool fits right into the wider search experience for people.

Kamyl BazbazHow does this fit into, you know, the DuckDuckGo, you know, looking to the future here? How do you see this evolving? What do you think is next for these kinds of—for the search assist answer on DuckDuckGo?

Tim RaybouldWell, I think both of our AI tools will evolve. And Duck AI will get more and more ability to do things that search engines do. And a search engine will get more and more ability to lay out a search engine results page, a SERP, with the benefit of generated content from AI. The difference right now is primarily the types of queries that people are bringing to these two tools. Whether or not people's behavior merges into one tool is anybody's guess. It's a very interesting question. Right now on the search engine, most of the queries are four words or fewer. You're not typing big long prompts or asking long complicated questions. So the search assist lives on the SERP and is built for those types of queries more so. Whereas in Duck.ai we see—we don't see actually, because we don't save any of the prompts. And that can be annoying from a building a product standpoint. We know from other data sets and other tools and benchmarks that when people go to AI tools, they don't just type in four words. They're being a little bit more conversational in the way that they prompt the model. So that deserves a different—yeah, those queries are—the user is asking something different. Obviously the answer is going to be differently natured.

One more thing on the future. So right now the search assist concise answer—it goes to the model one time. One shot is the terminology in AI land. And we give it context from the web and it has all the information it needs to answer the question, and it comes up with a concise answer. But it has one shot to do that. And it's to us to feed the LLM with the right context to answer the question. But sometimes—you've seen these deep research tools around this, probably—where you could imagine that for some queries, it might want to search twice, not just once, but twice. So if I say, who is older, person A or person B, it might do two searches: how old is person A and how old is person B. And then it has all the information it needs to answer your question because probably nowhere on the internet was it written person A is older than person B. You just have to do two separate searches. That's sort of the next step, but you could imagine that going much more complicated into many searches. And maybe not just searches, but it could also use different tools other than search to gather information to answer the question. So at some point, you know, we are starting to do this on Duck AI. And it's also interesting to start to do this on search assist—to let the model, if the user tells us that they want more, they're willing to wait 10 seconds or even a minute for an answer, that we can use that time to have the LLM do a lot more things and do one thing, sort of in the loop, to answer the question.

Kamyl BazbazGot it. That sounds fascinating. People get better answers. Final question. What's one thing about building AI search features that might surprise people outside the industry?

Tim RaybouldA lot of our answers come from a cache. I think maybe that's surprising.

Kamyl BazbazCash money.

Tim RaybouldCash money, yeah, exactly. Cache with an E, yes, yes, yeah. Wu Tang was right. The cache rules. In terms of AI.

Kamyl BazbazWith an E. I see. So in that context, you're not searching for a new answer. It's something someone's already searched for before.

Tim RaybouldYeah, it's something that someone already has searched for. And what we do to make this experience quick is if someone is searching for something—even if they did not request a search assist answer—if we notice it's being searched multiple times, we will proactively generate an answer in the background so that the next person that comes along to search that will have an answer delivered instantaneously. Because when they come from the cache, from the database of existing answers, it's instant on page load. I don't know. That surprised me just how important the role of a database of already generated answers was. That brings a lot of complications with storing those answers and invalidating them at the right time. Information changes. Who is the current president or how old is this person? Those answers are not good forever. They change. So there's those types of things, but I don't know. Maybe if I had a little more time, I could come up with a more surprising thing, but that's not.

Kamyl BazbazSure, sure. I won't surprise you next time. Thank you, Tim, for joining us. Have a ducky day.

Tim RaybouldNo problem.

Tim RaybouldYou too. See ya.

In this episode, Gabriel (Founder) and Thom (Security Team) discuss Scam Blocker. How it works, the types of scams it protects against, and why our ‘bad pages’ list is updated so often.

Disclaimers: (1) The audio, video (above), and transcript (below) are unedited and may contain minor inaccuracies or transcription errors. (2) This website is operated by Substack. This is their privacy policy.

Show notes: See the full blog post on Scam Blocker.

Gabriel: Hello, welcome to DuckTales. I’m Gabriel, CEO and founder of DuckDuckGo. DuckTales is everything kind of inside DuckDuckGo. Today we have a new topic. I don’t think we have discussed much about security in our browser. I got Thom here. Thom, you want to introduce yourself?

Thom: Yeah, sure. Hi, I’m Thom. I’m one of the security engineers here at DuckDuckGo. I spend most of my time kind of in and out of browser security, product security, that kind of stuff. Yeah, that’s the kind of stuff I love.

Gabriel: Sweet. And I think we’re here today to talk about our Scam Blocker. If you follow our blog, we actually had a pretty big article about this when it launched a few months ago. And so you can always check that out too, but we’re going to tell you all about it here and some of the inside info on how it came together. Yeah, Thom, you want to just explain generally what it is? What is Scam Blocker exactly?

Thom: Yeah, sure. So I guess Scam Blocker is what we call our in-browser phishing and scam protection. It kind of runs in the background and checks websites as you visit them all locally in the browser. And we kind of have a pretty big data set here that we get from Netcraft. So we can protect against all sorts of scams — this isn’t your standard phishing protection. We try and protect against cloned e-commerce sites, fake crypto exchanges, scareware like fake virus pages, and advertising of fake products and stuff. So we have quite a lot that we’re trying to protect against, but this feature as a whole is that warning page that you get when you’re about to visit something that could be scammy or phishing related.

Gabriel: So let’s talk about that distinction a little bit. I guess backing up a little, how did this come together? How did we end up building this and then building it kind of differently than other companies?

Thom: Yeah, so it came from a long way back. Originally, we had this idea that we wanted to improve our tracking protection and all of this stuff — trying to make our browsers as safe as possible for our users. We knew that we wanted to do something in this space, but the challenge was that it’s quite easy to build a feature like this where it ends up looking like you need to check people’s browsing activity — and we can’t do that from a privacy perspective. So we knew that we had to do this in a privacy-preserving way, and we didn’t like the idea of sending any data to Google or Microsoft because they pretty much own this space in terms of browser protections. We weren’t comfortable with that, so that kind of led us down the path of building it ourselves.

Gabriel: Interesting. So like at a high level, our browser has a privacy protection list instead of blocking that we built ourselves because we didn’t believe anyone else was doing it up to the standard that we think it should be. But that’s all kind of behind the scenes on pages that you visit, assuming that was a page you actually wanted to visit. Privacy and security overlap, but as I understand it, some pages you visit are actually bad for you — not because there’s hidden trackers, but because the page itself has malware or scams. Those are the pages we wanted to cover. And in doing that, you need to have a list of bad pages.

Thom: Yeah.

Gabriel: Everyone else seems to be using Google or Microsoft, and all the other browsers are just kind of riding on Google Safe Browsing. But we wanted to go somewhere different. So we found this vendor Netcraft, who maintains a big list, and it turns out they have an even bigger list than Google’s because they cover these other categories, right?

Thom: Yeah, exactly.

Gabriel: Like some of these scam categories that you mentioned are not traditional malware phishing. They’re theoretically legitimate businesses that are scamming you. So for whatever reason, they’re not on Google’s list. Is that kind of how to think about it?

Thom: Yeah. That’s a good way of saying it. Some of these are quite unique. One of the interesting cases I like to refer to is that sometimes even a blog post could be a scam. If this is a blog post advertising a fake product that’s going to steal your money, that’s a problem. A lot of these scam sites start somewhere trusted, like a Medium article or GitHub page, and then send you down fishy paths until you end up somewhere meant to steal your money. That’s the kind of thing we’re looking at here with Netcraft. We get data that lets us look at the source of it rather than waiting for you to click through multiple times to get there.

Gabriel: So we license this data set from Netcraft who’s aggregating all of these scams from different signals. And then what do we do with it exactly? How does it work to be embedded in the browser?

Thom: Basically, we pull this data — it’s constantly evolving, which is one of the challenges. We have to update it pretty much every five minutes on the backend. We pull it, process it, filter out some of the lower-risk things, and then compress it.

Gabriel: Five minutes is so quick. So it’s really happening in real time. I didn’t realize we were doing it that real time.

Thom: Yeah, it’s rapid. If you take a random phishing link now and look again in five minutes, chances are it’s gone.

Gabriel: And that’s because all these people are reporting these things, right? It’s an arms race — things get blocked quick, they switch domains, and all sorts of crazy stuff.

Thom: Exactly. It’s this constant cat-and-mouse game.

Gabriel: Cool. Sorry to interrupt. Every five minutes, we’re updating this list on our backend.

Thom: Yeah, and then we compress this into a small format. Our browsers pull this data every 10 to 20 minutes depending on platform. That’s how the update mechanism works.

Gabriel: Got it. So once it’s sitting in the browser, the browser checks against the list. If you’re going somewhere that’s on the list, that’s when you see the warning page. Are we similar to others where you get a big warning page but can accept the risk? And do all these warning pages look the same or are there different types?

Thom: Yeah, pretty much the same. You get a warning page explaining the case. We have three types of warning pages — they vary slightly in iconography and copy. They’re for malware, phishing, and scam. Malware means you might download something malicious, phishing is about credentials or credit cards, and scam is broader — like a dodgy e-commerce site.

Gabriel: Got it. So any surprises in building this or challenges that arose getting it live to production?

Thom: Yeah, a few. The first one is that we have four browsers — four different platforms. The core part of the feature is constantly updating, but the other challenge is intercepting navigation requests. Every browser does this differently. So we had to map out how each does it and figure out ways to do it efficiently. We pride ourselves on our browsers being quick — we don’t want to affect load times. So we had to make sure the check runs quickly, just before a page loads. There’s a lot to consider. That was one of the biggest challenges.

Gabriel: Yeah, that makes sense. It basically seems like one project, but it’s four big projects — MacOS, Windows, Android, and iOS. Cool. So how has it gone? Any good response? I know we put out a blog post and got some press when it launched. It seemed positive from my view, but from your point of view, what did you think?

Thom: I think we had good positive feedback. One unique thing about this feature is that it’s in the background — its success hinges on people not really seeing it. If loads of people are seeing the error page, then we’ve probably done something wrong. But overall, it’s gone well.

Gabriel: Yeah, that’s a good point. It’s like our other privacy protections — always on, not breaking sites, contributing to peace of mind. It’s protection that’s there, not in your face.

Thom: Precisely. People who’ve come across it said it works well and gives them peace of mind.

Gabriel: Cool. So it sounds like it kind of went off without a hitch. Is there anything left to do now? Are we kind of in maintenance mode with it?

Thom: Yeah, pretty much in maintenance mode. We have about three or four people monitoring metrics. But we’re exploring ways to enhance the data, maybe adding new or better data sets. We might tailor data sets by platform — for example, malware is more prevalent on Windows, scams more on mobile. I’ve also been reading about using small language models fine-tuned to detect scammy websites locally. It’s promising research — local-only, privacy-preserving — though I don’t see it in the browser anytime soon.

Gabriel: That sounds fun. A good hack day project — and who knows, lots of those end up in the product. I definitely think we should ship local models or get access to local ones on the device. The problem’s been that either local models aren’t very good or the downloadable ones are too big, like three gigs. But I think it’s coming. I think there’ll be a future where we have local models in the browser, shipped by default or opt-in, maybe with extra protection. That would be an interesting incentive to download a local model if it gives extra security protection.

Thom: Yeah, exactly — extra security protections. I’d love that.

Gabriel: All right. Well, we’ll end here. Thanks, Thom, for coming on. Hope everyone enjoyed hearing about security, and maybe when you launch something new, come back and we’ll talk about it again. All right, bye everybody.

Thom: That was great. Thanks a lot, Gabriel.

In this episode, Beah (Chief Product Officer) and Emanuele (Engineering) discuss Sync — which lets you have consistent bookmarks, passwords, and AI chats across devices — how it’s unique from a privacy perspective, and what’s coming next.

Disclaimers: (1) The audio, video (above), and transcript (below) are unedited and may contain minor inaccuracies or transcription errors. (2) This website is operated by Substack. This is their privacy policy.

Beah: Hi, welcome to Duck Tales, where we go behind the scenes at DuckDuckGo and discuss the stories, technology and people that help build privacy tools for everyone. In each episode, you’ll hear from employees about our vision, product updates, engineering or approach to AI. In this episode, we’re going to talk about our Sync feature. So today, Emanuele has joined me. I’m Beah. You haven’t met me before. I’m on the product team here at DuckDuckGo and Emanuele is, well, I’ll let you introduce yourself.

Emanuele: Yeah, thanks. Hi, Beah. Welcome everyone. I am Emanuele. I have been at DuckDuckGo for about six plus years and I’ve been involved in Autofill and Sync almost from the start. Yeah.

Beah: Cool. All right, well let’s dig in. I have a few questions for you. So first of all, what are we even talking about? What is Sync?

Emanuele: Sync is a feature that lets you synchronize your data from one device to another. For example, you may have a collection of bookmarks on your desktop and you want to see the same bookmarks on your mobile device. You set up Sync and all your data is showing across both devices seamlessly.

Beah: It sounds very handy. So you can sync bookmarks. What else can you sync across devices?

Emanuele: Yeah, you can sync also autofill data, credentials, and credit cards. You can also sync, well, we said bookmarks. Recently, we added Chat Sync, so you can sync your Duck AI chats across devices. This is currently only available for our own first-party applications, but we are expanding to other browsers as well.

Beah: Nice. So like, just to kind of paint a picture here, I have a MacBook Pro, I have a Windows laptop, I have an iPhone, and have an Android phone as well. And I’m like, you know, trying to log in to Reddit in all these places. If I save my Reddit credentials, my login, my username and my password on any of those devices, then it can automatically sync to all of those. So then the next day when I’m like out and about on my phone, if I logged in on my laptop, like the password just autofills and I can log right in. Is that right? And then now with that...

Emanuele: Exactly. Yeah.

Beah: Duck AI chats, as you’ve mentioned as well, if I wanted to like, so what’s the yeah, tell me about chats. What’s the use case there? Why do I care that it’s across my devices?

Emanuele: Well, the use case, I use it a lot personally when I chats on the desktop and then I want to continue in the evening on the couch, I can resume the same chat and continue the conversation with Duck AI from there. I also use it for looking at older chats and basically maybe I chatted with Duck AI for something a while ago, and all of a sudden I remember, oh, well, there was this information that I already discussed with Duck AI, and I can go when I’m on the go outside with a friend and show my finding even when I’m on the go. Well, with Duck AI specifically, the Sync feature also increases the limits of how many chats you can store in Duck AI. The limits used to be 30, we bumped it at 100, but with Sync you have a lot more storage, so you can store a lot more chats with Sync activated.

Beah: Nice, so if I’m like chatting on my phone, chatting on my computer, I’m like, you kind of need it because you potentially are like doubling or whatever, multiplying the volume of chats that you’re having and you don’t want to be like penalized, like lose those because they’re synced across devices. You just want them available.

Emanuele: Right. Yep.

Beah: Yeah, that makes sense. Tell me, like, let’s talk about how we do Sync from a privacy perspective. Like, are there any considerations there? How do we do it in a way that is not identifying and protects all of our users’ privacy?

Emanuele: Yeah. First of all, all of the data in Sync is encrypted end to end, which means nobody but you can access your data, not even us. We don’t have the decryption key, so the information stays encrypted on our servers and nobody can access them. We went a step further in that we don’t really ask you for emails to sign up on anything. We don’t ask you for your passwords or anything. We just set up an account in a way that’s secure with basically a random string that is used to encrypt, I’m kind of simplifying things, but like a random string that is used to encrypt your data and then the string stays locally on your device. This ensures that, you know, whatever happens in the server, the data cannot be decrypted by a malicious actor. And we, as a company, cannot know who you are. We don’t have any information on you and we don’t have any way to tie your data with a specific person.

Beah: How does that compare, like, how unique is that? Like, is that what everybody does with sync and password management or is that pretty unique and how so?

Emanuele: The end-to-end encryption is a pretty common pattern in password managers specifically. Not as much maybe in browsers, I don’t think. But the fact that the account is... that you don’t need an email to log into your account, that’s pretty unique. I don’t know that there are many other companies that do anything like this.

Beah: Yeah, I can’t think of any mainstream, well-adopted examples anyway where you don’t need an account. Cool. How hard has that been in practice? What technical challenges did it create? Or was it just hunky dory?

Emanuele: Yeah, no, it’s not easy, especially when you create an account that doesn’t have an email associated with it, it means that certain things that users are accustomed to, that they expect, they’re not there. So you have to kind of create user experiences that allow users to use their accounts seamlessly without thinking about an account, but with all the features that they expect. Specifically, the recovery part is the complex part because we don’t have data. We don’t have any way to retrieve your data. Therefore, you have to save a recovery code to decrypt the data on your side. The complexities that we face are both in terms of UX, as explained, but also there are complexities on the engineering side, as we need to ensure every time that all the flows are accounted for in this sort of accountless account. And yeah.

Beah: Yeah.

Emanuele: When we start to connect certain things together, like the chats and Sync and, you know, so we will look into subscriptions as well. We’re basically connecting different systems that all are sort of blind to the user concept, but they still have to sort of contain this data. So that’s a high level.

Beah: Yeah, as you were talking, I was thinking, this is like a great example of one of those things that’s like deeply, deeply complex. And like for it to work, you just have to like, you have to boil down that complexity and like, shield the user from that complexity and present a very simple, it works, very little room for human error, no requirement of deep understanding of how it works. And I think that is a really interesting challenge.

Emanuele: Yeah, I think our UX for setting up the account has this advantage that you don’t have to type anything and you just set it up and when you have to transfer it to another account, you just scan a QR code and the data is automatically transferred via that QR code scan. I think that’s kind of handy in the setup step. But again, it poses a few challenges then in the recovery phase.

Beah: Yeah, like you don’t have to remember a password or remember what email you used. You just have a device, another device, and then let them talk to each other. But getting there was really hard. I mean, and maybe there’s still places that we want to improve the UX, but I just, I know we’ve been like finessing it for a long time. Now I’m somebody who like has to sync things all the time because I’m constantly like uninstalling and reinstalling and trying new devices as part of my job, like testing and you know, understanding our products and looking for gaps and like, so I go through the Sync setup, you know, way more often than any normal user should have to. And it has gotten a lot better. Like I, there are moments when I’m like, that was easy, which is what we’re going for.

Emanuele: Magic.

Beah: Yeah, magic. Magic.

Emanuele: Yeah. We are actually working right now on an improvement to the Sync screens. We are going to launch an experiment on iOS first. And we hope that the Sync flow will be easier, even easier for users to understand specifically the very first step when you decide whether you want a new account or you want to connect to an existing device, that should be easier. But they’re just improvements around the existing flows rather than a new different flow.

Beah: Yeah, I think one of the things you’ve done really well as a leader of this work, Emanuele, is continuing to watch the data and poke holes in the flow and basically make sure that we’re simultaneously building new features and optimizing what we have and just making it better and better and better as we learn more. I’m curious if there are any kind of in that vein or you can leave that direction if you want. You can say whatever you want. If there are things that have surprised you in the process of building Sync and getting feedback and watching the data points and so forth.

Emanuele: Yeah, I think one sort of surprising thing was that the people were not really finding the feature organically. As soon as we started building entry points where they were useful to the user flow, meaning when you are saving a password, when you are watching a specific screen, like you are looking at your bookmarks, for example, and we show at that point a prompt that says, do you want to move this bookmark to your other device? And we do that in several touch points. And again, these have been studied to be the least intrusive possible, but also to pop up at the right moment when the feature is more salient to the user case. When we started doing these promotions, we call them promotions, we can call them entry points, basically making the feature discoverable. User adoption shot up quite dramatically and basically we were very happy to see the trajectory of adoption once we start to put in Sync front and center for the users. Basically it allows them to use DuckDuckGo, like enter the ecosystem and sort of buy into the whole system. And your data is there, your browsing is easier, your bookmarks are there, you can save something on desktop and again read that on your commute on mobile. Yeah, these entry points have been really effective.

Beah: Yeah, if you build it, they won’t come unless they see that it exists and you make it easy for them. Yeah, nice. All right. Tell me what, yeah, you kind of already touched on this, but anything that’s coming up, coming soon to Sync that you want to talk about?

Emanuele: Exactly. Yep. Yeah, a couple of things we are working on. The first is allowing third party browsers to sync their chats as well. This is the first time that we are actually building Sync on a third party browser that is not integrated with our apps basically. So that’s coming fairly soon. The new screens, we just touched on the new onboarding screen for iOS. And we’re also starting to sync subscription status. So if you have a subscription, a DuckDuckGo subscription on your mobile device, currently to move it to your desktop device, it’s quite a convoluted process. Whereas with Sync, again, we move to the QR code scanning. So if you have Sync already active, the data will start syncing automatically. And if not, you will be able to set up Sync again with a QR code right from the subscription screens and move your subscription information across very easily, which means your advanced model for Duck AI, they will transfer automatically and you can resume your advanced model chats across devices.

Beah: Nice. I am personally looking forward to that because I also go through the, you’re a subscriber, let’s retrieve your subscription flow somewhat regularly. Cool.

Emanuele: Yeah, it’s a bit convoluted. And we will also look into tab sync, which is a pet peeve of mine. I’m looking forward to that, which means that your open tabs on one device will be accessible from another device, you know, seamlessly through Sync.

Beah: Cool. Awesome. Well, I think we should wrap it up. Is there anything that you want to say that you haven’t already before we close? This is your moment, man. Go nuts. Yeah, that’s a good one. Set up Sync. It is awesome. I can vouch for that. Cool. Well, thanks so much for joining. Really appreciate it. Yeah, see you around DuckDuckGo.

Emanuele: You know, set up Sync, it’s awesome. Thank you, Beah. Bye-bye.

Beah: Thanks everyone.

In this episode, Greg (Product) and Karl (Design Engineering) discuss how we build, design and decide when to show Instant Answers. Plus, how we’re balancing instant answers with optional AI generated answers.

Disclaimers: (1) The audio, video (above), and transcript (below) are unedited and may contain minor inaccuracies or transcription errors. (2) This website is operated by Substack. This is their privacy policy.

Greg: Hello and welcome to DuckTales where we go behind the scenes at DuckDuckGo and discuss the stories, technology and people that help build privacy tools for everyone. In each episode you hear about our vision, product updates, engineering, our approach to AI from employees at DuckDuckGo. I’m Greg, I work on the search engine here at DuckDuckGo and with me today is Karl. Karl, would you like to introduce yourself?

Karl: Yeah, sure. Yeah, so I’m Karl. I’m a design engineer here at DuckDuckGo and I work across the search engine on instant answers and our Search Assist AI module.

Greg: Awesome. And that’s actually what we want to talk about today. DuckDuckGo Instant Answers, how we show instant answers for different search queries. Obviously, in a search engine, we show links to websites. But there’s a lot of other content that we show on the page as well, which I think broadly we sort of refer to as instant answers. You know things like if you search for the weather, you know, we might show a weather module at the top of the page. I’ll just share a couple examples of these. You know, so you search for weather and we try to show, you know, relevant information about the weather at the top of the page in addition to then all of the, you know, the links to different websites.

Karl: Nice.

Greg: We have things like unit conversions. If you search for a temperature and you want to convert it from Celsius to Fahrenheit, different calculations, all of these things are kind of within the umbrella of instant answers. We have had instant answers for a long time. I think really early in the history of the company and the product, recognized that when you’re pulling information from a lot of different sources, you have the ability to present that information in different ways to help the user find what they’re looking for, whether that is looking for a website that they want to navigate to, looking for an answer to a question, or looking for something a little bit more complicated. So yeah, we have lots of different instant answers, and thought we’d talk a little bit more about that today. So I guess as a starting point, I’m curious to talk about, and you mentioned being a design engineer, what are some of the challenges involved in designing and building instant answers?

Karl: So I think one of the things that I’ve always found working on these is it’s very easy to just basically take everything we get. So we will work with like a provider. Let’s say if we’re doing where to watch something, let me share my screen actually as well and we can have a look at this. We are working with a provider. So in this case, we’re working with JustWatch and using their API data. When you come to design something like this, it’s very easy to look at that and say like, okay, cool, let’s go to JustWatch’s website and have a look at what’s available. We can see their website, how they present the information they have and they give us. And you could kind of jump to say like, well, we’ll just take what they’ve done. They’ve got that data, we’re using the same data, let’s just copy the way that they’ve presented that information. That would be like the easy solution. But then you’ve got all of these sort of legacy things to deal with, like we talked about a bit earlier, we’ve had instant answers for a long time. We’ve got ways that we present our information on the search engine and we need these modules, whether they’re pre-existing or they’re new, like we need them to all feel like they belong together in some way. So it needs to sit in the search engine nicely, you know, and feel kind of like it belongs. So we can’t just do like a one-to-one copy, which, you know, as designers anyway, we don’t want to just copy what someone else has done. But when the data is so vast and so complex, it can be kind of hard if you’re not familiar with the domain so much as an individual to just figure out like, what do I even care about here? So like, here’s an example with a movie, we were trying to figure out where you can watch this, but like, where are you in the world? You know, because that’s like the first thing that’s probably one of the biggest challenges is we can’t show you the same thing if you’re in the US or the UK or Australia. You’re going to see something different.

Greg: I think you touched on a lot of important pieces to this that make this challenging. One is just understanding the user’s context. Obviously, we have limited information about our users based on our privacy policy and our privacy standards. We can approximate things like location accurately enough to be able to do things like the weather one that I showed, or this where to watch example. But that does limit us in what we are trying to do where we’re not trying to overly personalize the things that we’re showing down to a very specific user profile. And so, we have to kind of generalize and try to figure out just from the search query and that limited bit of information, what is it that we’re going to show to try to answer the user’s query. The other thing you touched on that I think is important to highlight is just the fact that this search query here is very specific and I think has a pretty clear intent where to watch a specific movie. Sometimes the intent is a little bit harder to unpack. And so you might have more different things that you could show. If you just searched for the movie title, for example, maybe someone’s trying to figure out where to watch it. Maybe they’re interested in the release date or different news about it. If it’s an upcoming movie, maybe they want to know what the cast is like. So trying to figure that out and then present the information in a way that gives users the ability to see what they’re looking for and also then refine their search down to the more specific thing. I think that adds some challenge as well.

Karl: No, I agree. I think probably one of the biggest things that I found difficult around this is exactly that is the like figuring out the query, figuring out the query space, and then defining the data set, the golden data set, as we call it, that helps us to understand when do we trigger? How do we decide what we trigger? And entertainment is especially challenging because we have three different modules that are part of the class of entertainment. We have the titles module, which is the overarching piece that tells you, you know, this movie is from this date. This is a brief synopsis and you can get to the two other modules. So this where to watch module. And then also you can get to the cast module from that parent module. But like you say, you have to trigger these differently and figure it out. And so we can do these really clear ones where someone puts the keyword in that we’re looking for, but sometimes we’ve got to try and use all these other signals from what we get from the organics or like other pieces of information that we’re retrieving to say like, actually we think this is best and you will know better than I, but like it’s incredibly hard and sometimes, you know, it doesn’t matter how hard you try, the intent might feel really obvious to the person typing it, but as far as we can derive from that information, we can’t always figure out the right thing to show you. And so we do our best, but you know, there’ll be misses sometimes.

Greg: Yeah, I want to ask you about something that’s on your screen right now because you can see, you searched the query Project Hail Mary cast and we’ve got the cast module at the top left there. We also have that Search Assist box to the right side that attempts to kind of answer the question. I guess, we’ve talked a little bit on previous episodes about Search Assist and what it’s doing. You know, how would you describe how we think about showing those two things next to each other, the different kind of roles they play, and maybe how that’s evolving over time?

Karl: I think, yeah, that’s been a big challenge for us because AI summarization is a really useful tool for some people. It’s not for everybody. And obviously, we’re super careful about giving people optionality and letting you say, I don’t want to see this. But for people who want it, people who are interested in seeing that, we don’t want to just always put that front and center as the key answer to every query. Because in a case like this, for example, Search Assist is giving you the same information, but it’s giving you it as text. And maybe we’re giving you a little bit extra too. But if I’m specifically trying to ask about the cast, there is a high chance it’s because I’m thinking of an individual who I’ve seen in the film, or I’ve heard is gonna be in the film, or what have you. And so I’m trying to see their face to be like, yes, okay, so it is Ryan Gosling who’s in Project Hail Mary. Okay, cool. And so in this case, like that is probably what we feel the most critical piece of information. So we want to give you that module upfront. But at the same time, if you’re someone who’s interested in getting a kind of AI summary as part of your query, we don’t want to then say, just, we won’t show you that tool then. And so we have this like convenient little right rail slot where we can say, actually, we’ll just move this over here. So you get kind of the what we think is the best of both worlds where we can deprioritize Search Assist in this case where the intent is really clear. And then in cases where we’re not so sure, we will do our best to try and figure out like maybe Search Assist is the best answer of this or maybe it’s a different module.

Greg: Yeah, I’ll also note, we have different sort of settings that you can use for Search Assist everywhere from, I never want to see Search Assist at all up through, show it to me as often as you can. You obviously have it set to show often here. I do too. But yeah, I mean, for this kind of query, certainly the use case you spoke to of like, I’m sitting with my family watching a movie, go, wait, who’s that? This is the type of thing where, okay, you can get that information really quickly. But I guess to your point, we recognize with a search engine, you’re walking a line between giving just the immediate information that a user is asking for and then giving them the ability to dive deeper, which a lot of people are using a search engine for. It’s sort of a, people come and type all manner of topics and things into that search box. And we kind of have to be ready for any of it and different user expectations. I would say we do, I’m curious to the extent to which you agree with this, like we do generally try to keep things relatively uncluttered, like we’re not trying to sort of throw everything at the page all at once. You know, I think from my perspective here, this is sort of one of the more kind of rich search results pages you would see on DuckDuckGo. You’ve got the news module down below. You’ve got some kind of imagery within the organic links. And that’s about it. You know, I guess from a design standpoint, how do you kind of see the role of just like the information layout and kind of how much we’re showing on the page at a time.

Karl: Yeah, that’s a good question. I’m a huge clean freak when it comes to design as well. It’s kind of hard trying to walk the line because when we talk to people who use the search engine, we’ll try to understand, how do you feel about the page they’re presenting? Especially if we try and compare to anyone else, what do you think about it? And we always get kind of mixed results, I guess, because some people love a nice clean layout. Some people want to see loads of stuff because they’re just so used to being bombarded with richness of like images here, there and everywhere. And one of the biggest challenges is that we obviously want to meet people where they are. We want to help give them what they’re looking for, but we don’t want to go to the kind of degree that we just say like, we’ll absolve all responsibility and just give you everything that’s available. Like here’s every image and every kind of video and stuff’s auto playing and like just taking up all of your space. Like for me, like you said, this current SERP that we’re looking at is this layout of the page. Like this is very rich for us. And it’s like at that kind of point of balance where I think we are okay with it. And we’re like, that’s good. But you know, if we imagined that Search Assist also had an image at this point as well and other things in there, it starts to make it really difficult for somebody to figure out like, where does my eye need to go, what do I need to look at in this particular point? So we’re trying to kind of keep it really clean and say, you know, cast is this most important piece right now. That’s you’ve got big images, big module, and then we kind of de-prioritize as you go further down. But it is probably one of the hardest challenges and it’s why whenever we’re developing a module like this, it’s not the kind of thing that we can develop in isolation. You know, you can’t sit in a Figma file just with this design of a flat version of a cast module and be like, you know, that looks great. I love it. Because the minute you put it in the SERP, you realize, you know, okay, I’ve got to deal with all of these other visual things and maybe we need to turn some stuff off or change something. And that’s I think, you know, being a design engineer here, it made it possible when we developing these entertainment modules for me to do that. So I was given the kind of the rope to get into the code base and start to put these things in a SERP and play with them. And I guess you just, you get a different feel for what works and what doesn’t work when you actually see it in real place in the code base.

Greg: Yeah, definitely. I’ll also add, similar to the Search Assist setting, we have a setting that lets you basically turn the instant answers off if that’s what you want to, recognizing that some people like more and some people want less. Although I think in a lot of cases, we see users keeping them on and finding a lot of value in them. I’m curious, as we maybe get towards wrapping up our conversation, putting your user hat on for a minute. What are the instant answers that you use the most?

Karl: Well, I will say that I use my entertainment ones all the time, of course, but that’s also just as a kind of, I guess, a curious person who works on them. I have to keep an eye on them. Search Assist is obviously one of my, again, most frequently used, but I think conversions is a surprising one that I use a lot, and I think that’s especially the case because being from the UK but working with a lot of my American colleagues, when people are just chatting about Fahrenheit, I have no idea. So I have to end up getting in there and converting that. But also great for time zones and things like that when you’re trying to figure out when you can do a meeting, you know, like this meeting, for example, I can jump into that. And then weather, again, like one of the simple things that just, it saves a ton of time when you’re already in a search engine doing other things, just pulling up the weather. IA is a super handy one. What about you? I feel like you’re gonna be a sports fan.

Greg: Yeah, well, we haven’t talked much about sports, but I do use the sports modules a lot. The sports ones are interesting because, you know, with something like conversions, you know, that’s pretty consistent as far as the queries we see day in, day out, people like looking for conversions. Sports is going to depend on, you know, the events that are happening, right? Our American football module is probably not triggering very much right now. But when the season starts in the fall, it’ll start showing again. And certainly, the day of the Super Bowl, it’ll be shown quite a lot. I’m a big Philadelphia sports fan. I have some queries bookmarked that I just look at pretty frequently. I find, personally, the instant answers for sports are actually kind of my favorite way to get some of this information. You know, if I’m looking for like the NHL standings and, you know, or kind of, you know, when do the Flyers play their next game or when did they play their last game? Like this search query is really quick for me to do. It loads quickly. I kind of know what all the information is here and where it’s going to be. So I find this pretty handy. And we’ve actually just this week, I think we’ve shipped some new sports. We’ve shipped Formula One, we’ve shipped NASCAR, and we’re planning to add a bunch more sports as well for people who want to get their sports information from DuckDuckGo. So yeah, I guess anything else we missed that we want to talk about before we wrap up?

Karl: I think we’ve covered pretty much everything, yeah, I can think of.

Greg: Yeah, I’m sure we could do future episodes deep dive into more. We didn’t talk about local at all, which is its own answer that has a lot of complexity to it. But yeah, I guess we can wrap up there. Thanks, Karl. This was fun.

Karl: Yeah, awesome, thanks.

Greg: All right, bye.

This episode, Beah (Chief Product Officer) and Dave (Privacy team) discuss our tracker blocklist, how it works, and why most of it is open source.

Disclaimers: (1) The audio, video (above), and transcript (below) have been lightly edited for clarity. However, they may still contain some minor inaccuracies or transcription errors. (2) This website is operated by Substack. This is their privacy policy.

Beah: Hello and welcome to DuckTales where we go behind the scenes at DuckDuckGo and discuss stories, technology and people that help build privacy tools for everyone. In each episode we talk about like something going on with our product or our company or our company vision and or how we operate and today we have our guest is Dave, who’s here to talk about the tracker block list. Hi, Dave.

Dave: Hey, Beah. Thanks for having me on. Yeah, sure thing. Yeah, my name is Dave Harbage. I’m a privacy engineer at DuckDuckGo. I primarily work on identifying privacy threats, building features to protect our users from these threats, and ensuring that we deliver a great web browsing experience.

Beah: Do you wanna introduce yourself briefly? That sounds very important, Dave.

Dave: Yeah, yeah, it’s a constant battle. It’s trying to keep up with the developing environment and give our users a good experience.

Beah: Thanks for fighting a good fight. So if I’ve hosted, if you’ve seen other DuckTales, you might have met me, but if you haven’t, I’m Beah and I am on the product team here. So yeah, let’s talk a bit about the tracker block list. First of all, what even is it?

Dave: Yeah, so our tracker block list is a list of domains and URLs that we found to exhibit what we call cross-site tracking behaviors. We use it in our browsers and browser extensions to block tracking requests and enhance the privacy of our users.

Beah: Sweet. So what’s the point of all that? Why did we even make this thing?

Dave: Yeah, so at DuckDuckGo, we believe that privacy is a fundamental human right. And we believe that people should have the option to live their lives without third parties recording their every move. We realized that protecting users’ privacy on our search engine was only half of the battle. As soon as users leave our search engine page to visit other websites, they’re subject to these third parties tracking their activities anywhere they go on the web. Pretty much. I think you might be shocked at just how many companies are involved in tracking your activity and also the granularity of the data that they’re collecting. For example, we’ve seen individual websites load hundreds of different tracking requests on a single page load. And it’s all hidden to the users. So we decided that we wanted to build a product that protects our users’ privacy not just when they’re searching, but when they’re browsing the web.

Beah: Yeah, do you know like approximately what portion of websites or maybe of web traffic is to a site with or to a page that has trackers on it?

Dave: I don’t have the exact number on the top of my head. It is...

Beah: I feel like the last I looked at the data, which was a little while ago, was like something on the order of 90%.

Dave: Yeah, it’s up there. It’s apps that you install on your phone. It’s websites that you visit in a browser. It’s incredibly prevalent everywhere.

Beah: Yeah, so basic premise here, like I mean I’m sure there’s a lot of people listening who like know this in their sleep, but then for those who don’t, it’s like as you move around the web, there may be these hidden trackers that have no explicit connection to the site itself. Google specifically is on just a ton of pages on the internet. So you’re on some random website, like a community, maybe the school your child goes to or something like that. And Google is actually there watching what you do in some sense, collecting data on your behaviors.

Dave: Yeah, that’s exactly right. There are many different reasons that websites add these third parties to their pages. Sometimes it’s for analytics, sometimes it’s for advertising. But they all are collecting this information about what you’re looking at, how you’re interacting with the page. And it’s all being sent back to these third parties. It’s not even the site that you’re browsing. It’s not clear that they’re getting this information.

Beah: Yeah, got it. So how does that relate to ad blocking?

Dave: So in the general sense, what we offer is not an ad blocker. A lot of the open web is supported by ad revenue, and we’re really not out to destroy that business model. It does, however, block ads that track you. So as I mentioned earlier, a lot of these ads are actually phoning home about your activities. They’re either saying, this user lingered on this ad or they had their mouse over it or they’re on this page, it might be kind of personal. And anytime we detect that kind of behavior, we block that. I think a lot of people just don’t really realize that these ads that they’re seeing aren’t just static images or videos. They’re also data collection apparatuses.

Beah: Yeah, yeah, so we didn’t set out to build an ad blocker, but because a lot of the code that generates ads or that serves ads on a website has tracking in it, we block it as a consequence of blocking that tracking code. And I notice this personally, like if I use a different browser, I’m often surprised at a lot of sites that I go to on the regular. I’m like, in other browsers, these start halfway down the page because there’s this huge ad at the top.

Dave: Yep. Yep.

Beah: So, okay, this tracker block list, we built this, are we using somebody else’s data or did we build this in-house?

Dave: Yes, we built this entirely in-house. When we first started going down this path, we looked at the existing lists, and they didn’t quite meet our needs. So there are a lot of different open source lists out there. But what we found was that it wasn’t always clear why certain domains were on these lists and why other domains weren’t on these lists. That leaves some room for bias potentially, whether intentionally or unintentionally. In order to offer a good product to our users, we really wanted to build a fully objective tracker list. It’s built on real-time activity observed across the web so that any time there’s a tracker in our block list, if someone were to ask, why is that in there, we can tell them exactly why that’s in there.

Beah: Yeah, so actually, do you want to say what the criteria is? What would be the answer to that? How do we decide if something’s a tracker?

Dave: Sure, yeah. So every month, the way that we do this is we crawl hundreds of thousands of websites from all over the world. And we look at the behaviors that are exhibited by the third party requests or third party scripts that are on the page. When we’re trying to determine if something is a cross-site tracker, we focus on really a few key criteria. So the first one is, is it setting cookies or is it storing something locally that then could be accessed to track your activity across websites? The second one is, is it accessing browser APIs that are commonly used to create what’s called a fingerprint of your browser or device? So that might be checking to see how much memory your computer has or what kind of CPU you have or the width of your screen or the pixel density of your screen. A lot of tracking happens that way where they gather all the entropy from all of these different signals and they create what’s called a fingerprint of your device. And then they can uniquely identify you just by comparing that fingerprint across different sites.

Beah: Mm-hmm.

Dave: The third criteria is we look for things that are present on many different independent sites so that we have a lower threshold for what we consider to be a cross-site tracker.

Beah: Gotcha. Do you want to talk about are there any interesting challenges, like either technical or user-facing challenges that we’ve encountered in building out this block list?

Dave: Yeah, absolutely. So the first one is tracking techniques are evolving. So as we develop a better tracker identification method, these tracking companies see that we’re doing that, or they see that others are doing that. And they devise very clever ways to evade that and make it look like they’re not tracking so they don’t get blocked. So we have to continuously update our detection techniques to stay ahead of them. And then I think the most important issue that we run into is making sure that the web works. Because a lot of websites, what they’ve done is they’ve integrated these tracking companies in a way such that if you block those tracking companies from loading, the site often doesn’t work. We’ve developed a very efficient process for reviewing these breakage reports that we get from users. So in our browsers, anytime you hit a site and it’s not working right, you can report that to us. And then we take all those reports, we look at them, we figure out what’s going on. Is this real breakage? And we fix it. And we do that, I think, pretty efficiently at this point. Most of the time we can get things working within a few days.

Beah: Nice. So how, if any listeners are in counter breakage, what exactly should they do to report it to us, our broken site?

Dave: Yeah, so there’s two different ways to do it for our browsers. The first way is you can open the privacy dashboard. There’s a little green, we call it a duck foot icon in the address bar. It’s on the left side. Many people might think it’s a shield. It’s actually a duck foot. If you click that, it’ll open up and it’ll give you like an overview of the privacy of the website.

Beah: It’s both. It’s a shield and a duck foot.

Dave: And there’s a little link there that you can click to submit a broken site report. You can also just submit a broken site report from the primary browser menu in all of our browsers. Yeah, and those come straight to us. And our team reviews them and make sure that everything is working as expected.

Beah: Got it. So if you want the protection of our block list, have to get that. Just going to DuckDuckGo and searching isn’t going to give you the... We can’t use our block list to intervene if you’re in somebody else’s browser, unless you’re in a DuckDuckGo browser or you’ve installed our extension, right? Okay. So if you’re listening and you want this...

Dave: That’s right. That’s right.

Beah: all the benefits of this block list that Dave works hard on. Go install our browsers or extension and then report it when you run into a broken site, if you even do, because again, Dave is working hard to make sure that you don’t. Nice. Okay. So most of this tracking kind of happens behind the scenes. You can’t actually see it happening. Is there a way that users can understand what’s actually going on?

Dave: Yeah, absolutely. We show in our browsers, when you visit a web page, we’ll show a little animation in the address bar that shows the trackers that are being blocked. And then if you click into the privacy dashboard, the duck foot or shield icon, you can see a full list of every tracker that we’ve identified along with the company that it belongs to and a lot more information about the status of the web page, like the security of the site, the privacy practices of the site.

Beah: Yeah, it’s pretty wild. If you haven’t done this already, go to your favorite news site and click around and then click on the Duckfoot Shield and you can just see sometimes dozens of companies. Sometimes Google’s off in there, but sometimes there’s companies you’ve never even heard of that are on the site. It’s pretty wild.

Dave: Yeah, it’s crazy, especially the ones you’ve never heard of, because it’s not always clear what they’re doing with the data. I think some of the big advertising companies, they’re obviously using it to better target you with ads or different content. But some of these lesser known ones, they actually bundle up this data, create a profile of you, and then they sell it to the highest bidder, which is pretty scary.

Beah: Okay. Yeah. Okay, so maybe just before we wrap up, there anything that we haven’t touched on that you want to mention, Dave?

Dave: Most of this stuff is open source, so all of the tools that we use to build our tracker block list, they’re all open source. You can find them and you can use them. They exist on github.com. That’s G-I-T-H-U-B.com slash DuckDuckGo slash tracker hyphen radar. We actually have a few different. Yeah.

Beah: Maybe we can put that in the show. I was like, they can spell GitHub. And I was like, okay, this is getting complicated.

Dave: Yeah. So we have a few different places in our GitHub where we have open sourced all of this. And we’ve actually found that some cutting edge researchers have been using a crawler to find different risks online. It’s pretty good. We try to be as responsive as possible when somebody is trying to use it and has an issue or has a question about why something works the way it does. Yeah. Hit us up.

Beah: Yeah, directly contributing to DuckDuckGo’s mission of raising the standard of trust online.

Dave: That’s right.

Beah: That seems like a good note to end on, so thank you very much, Dave. Appreciate it. And see you around the hood.

Dave: Yeah. Yeah, thank you, Beah. Thanks.

Beah: Later.