03 July 2020
•
4 min read
'System1 is interested in Startpage’s ad revenue, not its data', company says
At the start of the year, we reviewed a number of privacy-focused search engines and reported that one of the oldest contenders, Startpage, had been struck off a list of such tools by the site privacytools.io
The reason for this delisting was the purchase by US advertising company System1 of what was rumoured to be a controlling share of Startpage, followed by a perceived lack of transparency and a failure by the company to adequately explain the terms of the deal. Indeed, at the time our request for more information on the arrangements went unanswered.
However, Startpage has since been relisted on privacytools.io (albeit with a warning), and Startpage co-founder and CEO Robert Beens has come out swinging against other supposedly privacy-based engines, such as Neeva, a new startup setup by ex-Google employees which he refers to as "a hacker's dream, and a user's nightmare."
So, the company seems to have got its mojo back and seems to willing to say a little bit more about the System1 deal.
"System1 is interested in Startpage's ad revenue, not its data," the company said. "The reason a company like System1 openly owns other search engines and consumer tech products like Info.com and Mapquest is that they want to capture that ad revenue that is slowly shifting to private search engines. There has been a steady increase in people using private search engines and therefore a steady increase in their revenue. It is a growing market that they feel will continue to thrive and grow."
"In no way does System1 want to change the privacy practices or process by Startpage, in fact, they legally cannot as all of those decisions are held by the co-founders of Startpage."
Startpage is owned by Surfboard Holding BV, a privately held Dutch company. System1 invested in Surfboard Holding through a subsidiary called Privacy One Group (about which little information is publicly available bar a Delaware registration listing). Beens declined to declare the percentage of shares held by System1, saying this issue is complex, that Surfboard in a private company, and that anyway "any company can give you an overview today and change things tomorrow".
Regarding the danger of the US Cloud Act being used to extract data held by foreign companies, he added: "This is also irrelevant as first of all we don't store personal data of our users to begin with. Nor do we process any in the cloud."
The involvement of System1 will not change the way Startpage serves non-tracking, contextual, keyword-based ads and there will be no diminution of users' privacy, he added, insisting that it will give the firm more marketing firepower and should allow it to drive further improvements.
"The investment will give Startpage users a more robust private search engine. The investment has provided additional funds and resources (especially marketing expertise and connections) to create more traction for our product, especially in the US," Beens said.
Startpage searches are based on Google. The company pays Google to use its APIs but obfuscates users' details via a web proxy, removing all the trackers and logs. This hasn't changed, Beens insists.
"No server logs the details of your search. Third parties do not receive search data unless it's data related to clicking on a contextual ad."
However, there have been some changes to the way anonymised search requests are processed. Previously, Startpage managed these requests directly from its servers, passing the anonymised and fuzzed requests to Google. However, to cope with performance issues the company now has a two tier-set-up whereby after Startpage's servers have anonymised the requests, a second server actually sends the anonymised requests to Google and composes the HTML page returned.
This process has been externally audited and found not to introduce any new privacy risks, Beens said.
Startpage makes play of being based in Europe, where privacy laws are strong. Beens insists that US personnel do not have access to any machines that can establish a direct link to the fuzzing and anonymising servers. "They can only access machines in which PII [personally identifiable information] and search data has already been redacted. This is because of our concerns pertaining to the risk of US national security letters and gag orders."
According to this account, those worried about the privacy implications can rest a little easier. System1 seems to be seeing the way the wind is blowing, especially in Europe but also in states like California, and is hedging its plans accordingly. Recently, this statement appeared on its website. "We are actively building a suite of privacy-friendly products, including search engines, browsers and mapping, and we are very excited to provide these products to millions of users worldwide."
Earlier this year System1 acquired Firefox fork Waterfox.
