Feature request: Use different search engine in private browsing

[smmr0]

A useful feature for me would be the ability to choose a different search engine in private-browsing mode instead of logging into Kagi. For example, I could set my search provider to Kagi, and in Kagi's settings I could choose to use DuckDuckGo in private-browsing mode.

My instinct is that this should be possible with the WebExtensions browser.search API in Firefox. Unfortunately it looks like Chromium's chrome.search API doesn't have the necessary features.

[vprelovac]

Can you explain the use case bit more. Why would you want to use a different search engine (not Kagi) in private browsing?

In addition there are browsers (like Orion) which allow to specify a different search engine for private browsing.

[DanH42]

I'm not the OP, but I can hazard a guess: unlike approximately every other search engine available today, Kagi requires a login session tied to an individual user. You can have the greatest, most user-centric privacy policy on the planet, but that still ultimately requires users to trust Kagi to honor that policy as expected. There are numerous ways that this expectation could potentially be broken, with varying levels of probability. Some examples off the top of my head:

• Kagi disregards their own privacy policy and collects/shares data that they explicitly promised not to (but are still fundamentally in a position to collect)
• Some piece of software used by Kagi is misconfigured and includes identifying information in logs that were supposed to be anonymous
• A user's interpretation of Kagi's privacy policy doesn't align with its legal meaning
  • Intentionally: a vague phrase like "only the data needed to provide and protect the service" is used to conceal some specific use that users might object to if it was clearly spelled out
  • Unintentionally: a user is aware of Kagi's high-level privacy commitments, but hasn't read the entire document and is unaware of data processing performed by third parties, e.g. Sentry (are their services truly essential? Some could argue yes, others no)
• Kagi's values shift over time and become less privacy-friendly
• Kagi receives an NSL or other government demand for user data that includes a gag order (a warrant canary is a good start, but their legality is tenuous at best)
• Kagi is breached by a malicious actor that starts collecting data that was supposed to be immediately discarded

At least for me, it's possibilities like these -- however unlikely -- that make me hesitant to switch to Kagi in the first place, and would be doubly concerning in private browsing scenarios. Paying for a better service is an easy sell for me, but using a search engine that requires a unique login at all times is another matter entirely. Simply not signing into an account obviously isn't a perfect defense against all the examples above, but it's certainly a good start.

Assuming something along these lines is a common reason why some Kagi users would want to use another service to perform private searches, I also wonder if some sort of blinded token, along the lines of Privacy Pass, could be an acceptable solution. It might only be viable to offer to users on an unlimited plan, but an authentication mechanism that can prove that I've paid to use the service without ever giving any indication whatsoever of who I am is something that I'd find very interesting. Even if it may be a bit overkill for the average user, offering an option to enforce privacy cryptographically rather than just legally would also be a great marketing signal for some of Kagi's more paranoid prospective users.

[smmr0]

@DanH42 You put that into much better words than I ever possibly could have, and you included a ton of nuance that I hadn't even considered. Thank you so much!!

[uladz-zubrycki]

Just in case, Firefox, in addition to the already mentioned Orion browser, also supports setting a different search engine for private browsing. See https://superuser.com/a/1527549

You'll need to

1. Go to about:config;
2. Set

    browser.search.separatePrivateDefault = true
    browser.search.separatePrivateDefault.ui.enabled = true

3. Go to search engine settings and choose one for your private windows.

And I personally prefer that to setting a Kagi's session link.