One of many "sponsored" tweets (promoted for a fee) that spread lies and misinformation

The Startpage saga has come to a phase of personal attacks or ad hominem tactics. They try to personify the issues and create a phony 'personal' controversy. Seeing that System1 turned Startpage into a surveillance site/company (perhaps fully owned or almost fully owned by System1), now there's a deflection and blame game. They attack the messengers, using innuendo of course, and pretend to be the victim (playing the victim has always been a classic strategy). Perhaps this is expected when one's "side" in a debate isn't supported by facts. We don't want to name any names or link to the personal attacks, but they're out there. There's suspicion that some act as 'proxies' of the accused. Heck, some are literally employed by the accused!

"After persistent pressure they admitted it, but they claim to preserve anonymity (those who have followed many scandals since the famous AOL scandal are aware that de-anonymisation is almost always very easy -- there's a body of scholarly work to that effect too)."Our investigation of this matter will of course persist. We already know (it's confirmed by the accused) that data is being passed from Startpage to System1 for advertising purposes. After persistent pressure they admitted it, but they claim to preserve anonymity (those who have followed many scandals since the famous AOL scandal are aware that de-anonymisation is almost always very easy -- there's a body of scholarly work to that effect too).

This is an area I deal with at work. Here's what readers might want to know about data anonymisation, data re-identification, de-identification, and k-anonymity. Andrew Orlowski wrote about such issues more than 13 years ago in "AOL publishes database of users' intentions" (it even made it public! It did not just pass it to advertisers!).

Pseudonymization is a suitable term here. As Wikipedia puts it: "The pseudonym allows tracking back of data to its origins, which distinguishes pseudonymization from anonymization, where all person-related data that could allow backtracking has been purged. Pseudonymization is an issue in, for example, patient-related data that has to be passed on securely between clinical centers."

"Must there be some kind of identifier in order to have System1 process data for Startpage that gets back to a user?"

One reader asked us that. We used to recommend Startpage, so we suppose some of our readers still use it and are now rightly concerned. "It might not be an IP," our reader continued, "maybe an IP substitute? This is a generic question."

There's lots more to go by, including cookies and additional data that is passed around recklessly by so-called 'data brokers'. It's a vast and very shady 'industry' -- a so-called 'industry' in which System1 is a prominent player.

"Stay away from and keep a distance from Startpage. They're liars and charlatans, pretending to value privacy whilst actively betraying it.""I am also not clear as to how Startpage can hand even anonymised or fuzzed data to a behavioral ad company like System1 for processing," our reader continued. "Wouldn't that need to be divulged in the Startpage policies? Maybe the privacy policy is actually accurate because technically Startpage itself is doing what it says and doesn't mention what other organisations might do or what organisations it might share data with?"

Yes, that's a known loophole. With GDPR care is taken to ensure third parties aren't leveraged as loopholes -- means by which to bypass the law or outsource/offshore the abuses. That has happened a lot.

"I reached out to another computer expert," our reader noted, "and got a plausible explanation for how System1 might process Startpage data without getting user personal info and then get it back to the user."

It's really unhelpful that Startpage has been so facetious about it; it also should be considered a major breach of trust that Startpage gave in to System1 about a year ago without telling anyone (until it came up with this ridiculous spin). There's no ‘Privacy One Group’; it's like an offshore account/shell. Stay away from and keep a distance from Startpage. They're liars and charlatans, pretending to value privacy whilst actively betraying it. They think they're being clever about it with their shameless marketing campaigns, but geeks aren't gullible enough to fall for "sweet talk". ⬆