[tschakkaMarc]

Hi – thanks for the feedback. I’m Marc (disclaimer, I work at Cliqz). The goal of the collaboration was to jointly build a better, more private search engine. Don’t forget that every major browser today sends every keystroke of the Omnibar to either Google or Bing. No privacy mechanism in place (and don’t even get me started on all the tracker madness). We wanted to jointly replace that. Cliqz is building a new search from ground up with privacy by design. In the end the collaboration didn’t work out (for many reasons, lack of privacy was not one of them though). Firefox changed back to Google as search provider. Coming back to your point: There are many services that can’t be built without data. Search is one of them, without data you will have a very bad search engine, impossible to compete. We explain this in detail here: https://0x65.dev/blog/2019-12-02/is-data-collection-evil.htm... . We took maximum scrutiny, and this article about Human Web is exactly there to explain how we collect data that is needed, without the side effect of collecting personal data. We are so transparent about this, because we want the scrutiny. Our business does not depend on collecting personal data or actually any data. But our product needs a lot of data. Denying anyone to collect data – even if they are as open, transparent, and without any interest in personal information – just means you support those that are the incumbents and have no interest in privacy.

[JohnFen]

> Denying anyone to collect data – even if they are as open, transparent, and without any interest in personal information – just means you support those that are the incumbents and have no interest in privacy.

This is a really weird argument to make. It comes off as extortionate (if you don't let us have the data, then even worse people will have the data).

[dessant]

Is there a detailed writeup on the Human Web proxy network, specifically on the data transmission? It would be interesting to see how does it prevent Cliqz and proxy server operators from learning the user's IP address. Was Tor evaluated as an alternative for data transmission?

[philippclassen]

(disclaimer: I work at Cliqz) Not yet, but I'm literally working on it (or rather taking a break from working on it).

Short answer: The proxy will see your IP but does not share that information with us. To prevent the proxy from reading your content, we need to end-to-end the communication (and prevent statistical attacks based on the size of the encrypted data and so on).

Regarding Tor: Yes, we experimented with sending through Tor. The main issue is that our code needs to run in a WebExtension, which is a restricted environment. You can only use WebSocket communication but no real TCP sockets. The next blog post in the series has more information and has a link to the code of our experimental Tor client (the native Tor client compiled with WebAssembly to be used in a WebExtension).

I hope the post will address your open questions. If not, you can ask tomorrow about the details of HPN.

[philippclassen]

https://0x65.dev/blog/2019-12-04/human-web-proxy-network-hpn...

There is also a new thread about it: https://news.ycombinator.com/item?id=21704850

[pythux]

There is and it is planned for tomorrow! Stay tuned. As a small spoiler... We experimented with Tor in the past for this proxy network and it worked well but had other constraints (more tomorrow). Currently we rely on a third-party proxy provider (with a custom contract: they don't keep logs, etc.) and heavy crypto to make sure that we do not get any network-level information about users, and the proxies do not get any information about the content of messages. In Cliqz browser it's also possible to enable search through this proxy network for anonymity!