It depends on what you mean by privacy, as the apps you’re asking about actually do different things.
And it also depends on exactly who you do, or do not, trust.
It’s that trust issue that everything pretty much hinges on.
Despite its name it does not make https work “everywhere”.
Its job is very, very simple:
- If you visit a site using http (no “s”)
- AND that site actually supports https
- HTTPS Everywhere will THEN switch your connection to that site to https
Since there’s no real “test” for whether a site supports https, the plugin uses a database of known sites that is updated periodically, and to which you can make local modifications.
Note that if a site does not itself actually support https, then HTTPS Everywhere cannot force the https connection – you connect via the normal http anyway.
HTTPS Everywhere: privacy
The privacy given by HTTPS Everywhere is simply that offered by making sure you use the https protocol wherever it is supported. That means your connection cannot be monitored by someone listening in2.
What https (the protocol) and HTTPS Everywhere (the add-on) do not control is what happens on your computer, and what happens at the service provider’s servers. Your computer, including any malware that may be on it, can monitor what your browser does. The service you’re contacting via https can do whatever it wants with the data you send it.
HTTPS Everywhere: trust
HTTPS Everywhere is a browser add-on that can monitor all of your browser’s activity. By using it you are trusting that the EFF, its development partners, and in fact the individual developers are not using this ability for purposes other than advertised. HTTPS Everywhere is an open-source project, and available for independent verification.
You are also trusting that your computer is malware-free, and that the service you’re contacting is secure, and not using your information maliciously (two different things).
HTTPS Everywhere: my bottom line
Personally, I trust the EFF. I also trust my machines, and I only use services that I trust. As a result I can recommend HTTPS Everywhere, and in fact have it installed myself. Just be aware of what it does, and does not do. All it does is enable https connections for those services that support https.
Disconnect.me is a browser plugin available for most popular browsers, again, with the exception of Internet Explorer.
Its job is simply to block requests that are made by web pages to known advertising and other tracking services. It claims more and faster coverage than other blocking technologies. It also shows you graphically what requests have been blocked, and allows you to add exceptions as desired. It does not affect connections that are not blocked.
Advertisers and other web visit-based tracking technologies that are in Disconnect’s database are prevented from providing their services, and thus are not informed when you visit web pages. Your activities are not shared with them.
Disconnect is a browser add-on that can monitor all of your browser’s activity. By using it you are trusting that the company behind it is not using this ability for purposes other than advertised, and that it does what is advertised; since for many types of blocks there is no visible change. Disconnect is an open-source project, and available for independent verification.
Disconnect: my bottom line
I have enough faith in Disconnect to say that if you feel you must use a blocking technology it’s a fine one to use.
However, that doesn’t mean I don’t have a problem with it.
The fundamental assumptions that Disconnect.me and apps like it make are simply that all advertising is bad, and all tracking is bad; and that both practices expose information of a personal nature to people that it shouldn’t be exposed to.
As I’ve said elsewhere, advertising is a cornerstone of what keeps Ask Leo! and hundreds of thousands of websites like it viable. I can’t speak for the other sites, but I can say that if enough people were to block ads Ask Leo! simply would not exist. Period. Ads are essential to keeping the information you and I rely on every day free. The fact that ads you see might be relevant to you reflects a certain level of tracking, it’s true. But that tracking is used only by algorithms that provide relevant ads. No one is watching.
Similarly, other services that might be considered “tracking” are, in reality, key components of understanding exactly how my website is being used, or actually themselves adding functionality to the site. This is critical for me to continue to build a successful business around freely handing out valuable information. I can easily assume that the same is true for other sites.3
And finally, the assumption being made is that what tracking is happening is somehow personal. In my opinion this is simply wrong. As I’ve also said before, you and I are not, as individuals, all that interesting. In aggregate it’s very valuable to see that “a lot of people are reading this article”, or “clicking on that ad”. No one cares that “Leo’s reading this article”, or that “Leo just clicked on that ad”. Unfortunately, since information is collected at the individual level, too many people don’t trust that it’s only being used in aggregate, and somehow feel that they – personally – are being tracked.
So, no, I cannot in good conscience recommend this, or any blocking tools that interfere with honest website owners such as myself.
DuckDuckGo is an alternative search engine, created in response to the feeling that other search engines, most notably Google, are using individual search habits to track people and provide relevant advertisements. It claims not to track you in any way, and displays only a limited number of advertisements, clearly, in its search results. DuckDuckGo was, I believe, one of the first to automatically switch to an https connection regardless of how you arrive at the site.
To the extent that they do what they say, they are indeed giving you an extra level of privacy. Your search activity is not being tracked.
When you use DuckDuckGo you are trusting that they will do what they say, and not track you.
DuckDuckGo: my bottom line
I tend to judge a search engine by the appropriateness and relevance of its results. To me the answer to a given search query is by far the most important thing. While I’ve tried alternate search engines from time to time, in my opinion Google search still wins that race. (DuckDuckGo actually gets its results from a variety of sources.)
So I stick with Google.
However there’s nothing wrong with using alternatives like DuckDuckGo.
My bigger concern is in thinking that you’re getting something significant when, in my opinion, you’re not. As with blocking, above, I just don’t agree that there’s currently a significant threat to personal privacy when using mainstream search engines, including Google. Yes, aggregate information is collected and used for assorted reasons, but once again you and I just aren’t that interesting as individuals. Even advertisements that seem to “follow you” as a result of previous searches simply reflect the technology’s ability to try to present you with things that are in fact more relevant to you. That doesn’t mean that someone cares or is watching; it means that somewhere a computer algorithm is working.
But as always, the choice remains yours, and that’s one of the very wonderful things about the internet in general: choice. And as I said, I have no issues with choosing DuckDuckGo.