Our everyday internet experience would be incomplete without the search engine. Despite their utility, search engines pose grave risks to inattentive users. People are often unaware that search engines come with a hefty price tag. Not only do these companies track your every move online and monitor your browsing habits, but they also collect data from you to monetize it by selling it off to third parties. That's how many of them make their money!
As the global search engine market continues to expand and is projected to reach a sizable US$ 20.6 trillion by 2027, Neeva enters the playing field as an ad-free search platform designed for privacy protection. Spearheaded by a former Google executive and aimed at advertisement agencies that require data for targeting purposes, this new option in the space claims to offer users unparalleled security with their web searches.
Neeva was created by Sridhar Ramaswamy, the esteemed former Vice President (VP) of Advertising and Commerce at Google. Neeva is a new ad-free private search engine that claims to preserve user privacy by not tracking browsing habits or behaviour. According to the company, it earns money from paid subscriptions rather than advertisements. Thus, there is no point in mass surveillance and monitoring behaviour for collecting data.
However, companies seeking a comprehensive privacy solution cannot rely on company claims alone. So, is Neeva really secure?
Neeva is undoubtedly an intriguing and promising platform. Relying on a subscription-based earning model, Neeva appears to be meeting its financial objectives without engaging in underhanded tactics. Furthermore, it pledges that users' search histories and behaviours will remain confidential at all times. However, it's worth exploring its terms and conditions to determine whether or not it is truly secure.
Neeva can handover your data to the government
According to US law enforcement and regulations, any organization or service operating in the US must cooperate with the government as per valid court orders. If you go through Neeva's privacy policy, it says:
"We, in good faith, believe doing so is required or appropriate to: comply with law enforcement or national security requests and legal processes, such as a court order or subpoena; protect your, our or others' rights, property, or safety; enforce our policies or contracts; collect amounts owed to us, or assist with an investigation or prosecution of suspected or actual illegal activity."
However, other companies may not be as compliant as Neeva in handing over user data to the government. Today, all modern VPN services run on this complete privacy principle.
2. Neeva indirectly consumes data
Neeva knows that Google, Microsoft, and other search engine-based companies, especially on the surface web, track user behaviour and sells their data to ad and marketing agencies. Yet, it enables Single Sign On (SSO) with Google, Microsoft, and Apple. Again, the Neeva search engine delivers frequently used handy apps on the right side of the search results. Users can easily connect these apps using Microsoft, Google, and Dropbox accounts. Neeva's privacy policy says,
"We may collect information about your contacts from the accounts you choose to connect to our Services."
So, if users connect their accounts, it says that it will import user data to enhance the search results.
3. Your credit card details are available
The cost of Neeva's paid subscription is about the price of two cups of coffee per month. The policy does not mention Bitcoin, PayPal, or any such payment system. The policy says, "The credit or debit card information you provide as part of the Account Data." It means they will keep all payment details on file without elaborating on its data destruction policy. Hackers can easily steal users' payment details if the system is breached.
4. Indirect push to account creation
Although the search engine will never require you to register, it may seem suspicious, with its home page featuring a functional search bar that looks more like a demo screenshot. Looking different from all of the other obvious search bars we've seen thus far, users who don't click this one may be led to sign in - prompting them to connect their service through Single Sign On (SSO) using existing accounts such as Google or Microsoft and leverage data accordingly.
Conclusion
With the recent rise of data breaches and other security-related issues, privacy is becoming increasingly vital. Therefore, it's imperative for both individuals and businesses to be mindful when selecting a search engine. Despite its sincere effort, Neeva still falls short in some areas when it comes to protecting users' data. Before signing up for the service, make sure to read their privacy policy thoroughly and consider whether or not the risks are worth taking.
December 25 - Blog
It's official: Packetlabs has been recognized as one of the top penetration testing companies in 2024 on review platform Clutch.
December 10 - Blog
Hardware token protocols: what are they, and what role do they play in your organization's cybersecurity? In today's article, our ethical hackers outline the most common hardware token protocols.
October 24 - Blog
Packetlabs is thrilled to have been a part of SecTor 2024. Learn more about our top takeaway's from this year's Black Hat event.
© 2024 Packetlabs. All rights reserved.