Imagine this scenario: you’re worried you may have committed a crime, so you turn to a trusted advisor — OpenAI’s blockbuster ChatGPT, say — to describe what you did and get its advice.
This isn’t remotely far-fetched; lots of people are already getting legal assistance from AI, on everything from divorce proceedings to parking violations. Because people are amazingly stupid, it’s almost certain that people have already asked the bot for advice about enormously consequential questions about, say, murder or drug charges.
According to OpenAI CEO Sam Altman, anyone’s who’s done so has made a massive error — because unlike a human lawyer with whom you enjoy sweeping confidentiality protections, ChatGPT conversations can be used against you in court.
I would imagine that the same is true of search engine queries, and the collection of search engine queries is gonna be a lot larger than ChatGPT prompts.
I’ve seen articles mention search history as evidence for years, so no need to imagine.
I would mention that I use Kagi as a search engine, which doesn’t retain search queries (outside a subset for a limited period of time, like a percentage retained for 7 days to counter DDoS attacks). They also have functionality to let people — people who are more paranoid than I am — pay anonymously via cryptocurrency and use search tokens that don’t link individual searches to each other.
https://kagi.com/privacy
https://blog.kagi.com/kagi-privacy-pass
I’d also add that, search query and AI prompts aside, one’s aggregate YouTube history is also likely to have privacy implications, as I expect that most people have watched a lot of content on YouTube and done many searches on it. In 2025, I can’t suggest a reasonable, privacy-oriented drop-in alternative for that, though.
EDIT: Social media is its own can of privacy worms, but at least there people basically understand that they’re putting content out there for the world to see, albeit maybe wanting to do so pseudonymously.
EDIT2: Actually, I haven’t been using it, but Kagi does have a video search, and a bit of experimentation shows that it does appear to index YouTube. I guess I could use that to hide search queries, though obviously YouTube will still have a “videos watched” history, as one would still connect to YouTube for a video itself. And it’s gonna come with some limitations; NewPipe and similar mobile clients don’t have functionality to issue search queries to anything but YouTube directly, so one wouldn’t be able to use a mobile client for searches. I also don’t know whether they permit filtering on everything that YouTube does (or, if they index multiple video sources, whether it’s even possible to filter things on all those criteria; different video services may not expose the same information).
EDIT3: It also appears to only return 48 results per search, unlike YouTube’s search Web UI, where I believe that you can just keep paging through more results as long as you want.
EDIT4: Ah, they show what they index in the search options, since they let you choose which source the videos are from. Apparently it’s YouTube, Vimeo, TED, TikTok, Twitch, Daily Motion, and PeerTube. Huh. I didn’t even know that it was possible to search Vimeo at all. Last time I went looking for a YouTube alternative, I remember looking at it, seeing that the main page had no search form or list of videos, and thinking that there wasn’t any way to search it at all.
Startpage doesn’t track, and you can view result pages via their anonymous proxy. Use that with tor or a VPN and you’re set. YouTube doesn’t like startpages anon proxy though.
Duckduckgo doesn’t track either, and you can view youtube videos in ddg’s site.
https://www.startpage.com/en/privacy-policy
https://duckduckgo.com/privacy
They can still use the data you send over the internet to convict you. I don’t assume that DDG uses encrypted connections.
In other words, they can get the info from your ISP or other forms of surveillance instead.
99.9% of today’s internet is encrypted by default - https.
DDG definitely does. (Though you want to change the settings on the site from GET to POST for privacy)
The current tls standards in Https/3 /quic is especially resilient for standard encrypted web connections.
So, what you do on a site can’t be seen by anyone other than you and the site.
What a site collects is what you allow them to have. And trusting (or not) to believe their policies.
If you use encrypted DNS (doh, dot, dnscrypt, etc.) your ISP can’t see what you’re looking up. If you use encrypted AND oblivious doh, or anonymized dnscrypt, nobody can tell what sites your DNS is looking for and the DNS resolver itself can’t tell where the request you make comes from.
Ech/esni is the newest standard for DNS where nobody can even tell what sites you are making a secure connection to. (The IP can be seen, but not the domain).
With that, using a half decent secops and basic isolation of accounts, profiles, use cases, and housekeeping, and a VPN/proxy/tunnel, your internet use / history isn’t difficult to manage to keep private.
If I’m coming from a different IP, and a different browser (or the exact same as a million others - tor, mullvad) on a different profile, in a container/isolation/vm, with a different fingerprint, via a different DNS, spoofed device identifiers, and privacy scripts/blockers, etc, the likelihood of my use being tracked and used is exceptionally limited.
A browser for porn A browser for local A browser for social A browser for porn