Today we are announcing a new privacy feature coming to Kagi Search. Privacy Pass is an authentication protocol first introduced by Davidson and recently standardized by the IETF as RFCs. At the same time, we are announcing the immediate availability of Kagi’s Tor onion service.

In general terms, Privacy Pass allows “Clients” (generally users) to authenticate to “Servers” (like Kagi) in such a way that while the Server can verify that the connecting Client has the right to access its services, it cannot determine which of its rightful Clients is actually connecting. This is particularly useful in the context of a privacy-respecting paid search engine, where the Server wants to ensure that the Client can access the services, and the Client seeks strong guarantees that, for example, the searches are not associated with them.

[etc…]

  • @[email protected]
    11 day ago

    Given the way Kagi CEO Vladimir Prelovac doesn’t understand the word privacy, hopefully this solution is implemented in a way where the word’s true definition cannot be distorted.

    Here he is a few years ago, comparing his company to your parents:

    > We did not say we maintain anonymity, but privacy, which are two different things. For example, your parents may know everything about you, yet still respect your privacy.

    This comment lives rent free in my head, and has been a privacy deficit that Kagi had created and failed to address… until today.

    • @[email protected]
      21 day ago

      What is wrong with that comment? Also he is not an engineer, so hopefully he simply didn’t touch the implementation, nor design it, since they had to implement a public standard (although new).

      They also open-sourced their implementation, maybe you can go and review it.

      • @[email protected]
        31 day ago

        What’s wrong with the comment? A couple obvious things stick out

        1. Not understanding the definition of privacy

        When it comes to privacy, third parties “knowing everything about you” is not privacy. Signal is private, Facebook Messenger is not. DuckDuckGo is private, Google is not. There is, and never has been, anything private about a service that directly ties every single search you make to the account that makes it.

        (And despite replying to a comment calling it anonymity back then - and Vlad calling it anonymity himself - today’s announcement recontextualizes it as a privacy feature.)

        2. Explicit paternalism is creepy

        The CEO compares his company to your parents, in a positive, “I would do nothing to harm you” way. Leaving aside the fact that many people have terrible experiences with their families and the violation of their privacy throughout their life (perhaps Vlad was extremely lucky), this is a disturbing way to describe his corporation in relation to you. Kagi has inherent power and knowledge that you, the figurative child, simply do not possess.

        It might sound like I’m reaching here a bit, but there is a strange paternalism that runs through much of Kagi’s messaging.

        • When people criticized them for funding Yandex through a partnership, Vlad responded by simply hiding the relationship.
        • When somebody asked him about why that information was removed from Kagi’s website, Vlad demanded to know why it was important for that information to be visible.

        This is uncomfortable stuff. Daddy does not inherently know best, let alone a CEO. If a company wants to keep its reputation for privacy, transparency is paramount. Removing transparency because of, perhaps, an inferred lack of intelligence on the consumer side is… Not good.

        • @[email protected]
          1 day ago

          Tbh, I understood that just as a way to explain the difference between knowing who you are and what you do. I don’t think there was any explicit parallel between company and family. In fact in general I would say the message is pretty clear, they are them and customers are customers.

          (BTW, to be picky, neither is privacy. Privacy is not lack of information, privacy is information only accessed by authorized parties. A service that collects data and uses it only for the purpose you agree with (not formally in the sense of 300 pages, really) is still private.)

          The rest is very opinable stuff, you do you.

          Edit: BTW asking why a feature is important is not paternalistic, and it is done on basically every post there. And why wouldn’t it be? If they need to decide to invest their limited resources they should know why customers want something, people ask all kinds of stuff.

          • @[email protected]
            11 day ago

            > BTW, to be picky, neither is privacy. Privacy is not lack of information, privacy is information only accessed by authorized parties. A service that collects data and uses it only for the purpose you agree with (not formally in the sense of 300 pages, really) is still private.

            I agree with you halfway here, because privacy is very difficult to define. But I think what you just described IMO is security… plus transparency. For example, Gmail is technically very secure! Your email is safe between you, the recipient, and Google. And you technically consented to Google reading your email. Google has a vested interest in keeping your data to themselves, since leaking it would benefit their competitors. But I agree with you that Google, through its obfuscation, is not giving you privacy.

            But I would argue that even if Google was totally honest and understandable, it would still never be private!

            I don’t have a good definition for privacy yet, but generally speaking, privacy is when data is withheld from a third party, despite the third party’s facilitation of a service. If the third party is malicious, or the third party is compromised, I want my privacy to remain intact. With the Google example, if Google’s security is compromised, my privacy is explicitly out the window. With something like Signal, my privacy is retained.

            > BTW asking why a feature is important is not paternalistic, and it is done on basically every post there. And why wouldn’t it be? If they need to decide to invest their limited resources they should know why customers want something, people ask all kinds of stuff.

            I strongly believe that choosing to withhold information after being criticized about it, and putting the burden onto the end user to prove why the information is necessary, is paternalistic.

            I believe the reverse is true: if a corporation chooses to start withholding information that was previously transparent, they should give a damn good reason why they suddenly felt the need to clam up!

            I don’t know if you are familiar with the blog post that started an absolute firestorm about Kagi, but I did follow the blogger and it turns out that, if you believe their observations without explicit citation, Vlad has a history of shifting the burden of proof onto the consumer for why they would dare question his service, versus simply providing a service that is as transparent and private as possible.

            > [A] person wanted to know what LLMs Kagi uses so they would know where their data was being sent. Vlad wouldn’t answer, whining about how “no other business is held to that standard”…

            > Thinking of their products as privacy focused is a complete smokescreen because they refuse to actually PROVE themselves to be private in any way. They want you to take their word for it

            I don’t think this makes Vlad particularly malicious. In fact, his behavior is in itself a bit transparent (although I find it frustrating that he prefers to use communication channels that are either private or under his personal control, which may easily either be coincidence or intentional).

            But I don’t want to be exclusively critical. Because this, the content of the linked post, is exactly what I wanted from Kagi. It looks like they implemented a method where they cannot snoop on searches, even if they felt compelled to do so (either due to external pressure or internal malice). That’s the stuff that matters to me. (And Vlad, if you somehow come across this: do more of this, please.)

            • @[email protected]
              21 day ago

              Yeah, I read that blog some time ago, and I disagree with a lot of it. Either way, I find Kagi to be very transparent, and to be honest them “telling you” in non-legal conversation means nothing (i.e. Vlad answering “we use X, Y, Z”). This is why I care about facts and about legal documents. The privacy policy is what they will be held accountable for and that is what I take as a reference, for example.

              Similarly I agree about this feature. This is just a way to walk the walk, and to be really on the forefront on privacy.

              • @[email protected]
                1 day ago

                I have found Vlad to be frank, but not transparent. Big difference.

                I agree with you that transparency is a positive trait, which is why I was frustrated when he made his website less transparent after people complained about the Yandex partnership.

                I did find a different post on Lemmy that talks about [Kagi hiding their sources], though. This post is incredibly thorough, and does an excellent job of undoing Kagi’s attempt to memory-hole the information about which sources they use.

                This makes it all the more frustrating that Vlad refuses to re-add them, instead asking to know why we would care.

                I hope you’d agree that hiding information is the opposite of being transparent about it!

                I agree that legally binding documents, or at least official statements made on the blog, probably carry more weight than the CEO shooting the shit on random social media, but the CEO’s words aren’t meaningless. When trust is involved (and before today, trust was extremely important), it means a whole lot.

    • Dark ArcOP
      11 day ago

      I mean his phrasing could have been better but he is right that privacy and anonymity are different.

  • ZeroOne
    11 day ago

    One question: do we have an OpenSource community on Lemmy.World?

  • @[email protected]
    32 days ago

    Well this is legit. I recently cancelled my Kagi subscription for privacy reasons. This might make me reconsider. Is anyone here with access willing to test it out and report back?

    • Dark ArcOP
      22 days ago

      I have it; it works (even in private browsing windows so long as you visit the site logged in, in a non-private browsing window first).

      • @[email protected]
        22 days ago

        Awesome. Also be sure to use a VPN and an extension to randomize your browser fingerprint!

        • Dark ArcOP
          32 days ago

          The extension itself is open source and per them (I haven’t verified on my own) actually takes steps to combat the browser fingerprint problem; so I think it’s really just the VPN side of things that most people need to worry about (at least from the perspective of disassociating their search history and the sites they visit).

    • Dark ArcOP
      12 days ago

      I’m not sure if you do given the account being disassociated from the search… Your bank could know you pay for Kagi, but that doesn’t mean anyone knows what you search.