Startpage Acquired by System1, Privacy One Group – Still Safe?

Recently there has been lots of talk about Startpage being acquired (or at least partially acquired) by a US company called Privacy One Group, which is a division of System1, a “data science” company that specializes in targeted advertising.

A reddit post titled, “Startpage is now owned by an advertising company” kicked off an interesting discussion that prompted many to consider alternatives.

This article will examine my findings from researching these developments with Startpage, System1, and the “Privacy One Group”. It will also explain why Startpage is no longer recommended by Restore Privacy.

Who owns Startpage now?

The exact answer to this question is not entirely clear – and it seems that is intentional.

In September 2019, Startpage posted an announcement where they explained (archived),

We most recently welcomed Privacy One Group Ltd, a privacy-focused division that is a separate operating unit of System1 LLC, as a significant new shareholder. Surfboard Holding’s founders and management continue to own an important stake in the company and lead its privacy focused-mission.

This vague statement raises many questions about the exact ownership structure and what “important stake” truly means. System1 and the “Privacy One Group” are apparently operating out of the US, while Surfboard Holding BV is a company in The Netherlands.

Here is the System1 leadership from their Who We Are page, with Michael Blend now sitting on the board of Surfboard Holding BV (as we’ll examine further below):

Also concerning is that the Privacy Policy of Startpage makes no reference to the new ownership structure and continues to suggest it is strictly a Dutch company.

Startpage.com is owned and operated by Startpage BV, Postbus 1079, 3700 BB Zeist, The Netherlands.

There is no mention of System1 or the Privacy One Group, the members of which now hold an “important stake” in Startpage. Questions about the exact ownership structure have gone unanswered, aside from general statements.

But before digging deeper, let’s cover some basics.

When “privacy tools” don’t respect your privacy

One theme we’ve often discussed here at Restore Privacy is the growing trend of data collection that is carried out through cleverly-marketed “privacy tools”. Three examples illustrating this trend are:

• Browser extensions that collect data for third parties, effectively functioning as spyware.
• Free VPN services that collect data that is sold/transferred to third parties, or used by the parent company for targeted ads.
• Various “security” apps in the Google Play and Apple stores that are riddled with malware and tracking libraries.

We’ve also noticed various privacy tools that are bought up by outside companies, which may have a fundamentally different mission and business model. One example is with CyberGhost, a Romanian VPN service that was purchased by Crossrider, a company that produces malware for data collection.

How does this relate to System1 and the creation of the “Privacy One Group” that was used to acquire Startpage?

What is System1 and the “Privacy One Group”?

There appears to be very little information about the “Privacy One Group”.

While some are suggesting that this entity may be just a facade of privacy for the parent company System1, I’m not going to speculate. Ultimately, we don’t know much about the company – and neither Startpage, nor System1, nor Privacy One Group are offering these details.

Based on quotes from System1 leadership, it appears that the parent company (System1) is heavily involved in data collection and targeted advertising. Below are a few quotes, emphasis is mine.

From CSQ (archived):

“Our philosophy,” [Michael] Blend explains, “is that someone may want a product or service but has not yet done a formal search … we call that latent intent, intent that has not yet been demonstrated … we identify that in consumers based on a large variety of proprietary data.”

“In our business,” Blend adds, “if we can gather as much data as possible, give it off to our engineers and data scientists, and then manage the two effectively, the business can quickly scale.”

The keywords from above are “gather as much data as possible” to identify consumer intent.

From System1 (archived):

System1 is a consumer internet and applications company with the most powerful audience expansion platform in the industry. As one of the largest purchasers of digital advertising in the world, we are redefining user acquisition through paid marketing and are able to attract new audiences at scale for our properties and our partners. Our proprietary best-in-class buy/sell technology platform leverages our advanced data science capabilities and strategic partnerships. Founded in 2013, the company is headquartered in Venice, CA, with additional offices in the U.S., Canada and the UK and has over 275 employees.

Data collection and advertising go hand-in-hand, just ask Google – or the people behind System1. From the Los Angeles Business Journal:

System1 uses statistical and machine-learning models to group consumers into thousands of audience profiles, which then are used to match those consumers with relevant advertising, said Chuck Ursini, chief executive of the firm, in an email.

“A search engine typically determines consumer intent when a consumer enters a search term into a search box. However, less than 5 percent of time online is spent searching at a search engine,” Ursini said. “Our pre-targeting algorithms work by identifying consumer intent the other 95 percent of the time online.”

And lastly, from a Biz Journals article:

System1 raises $270 million for ‘consumer intent’ advertising

Silicon Beach ad-tech firm System1 has closed $270 million in financing.

Founded in 2013, the Venice, California-based company, formerly known as OpenMail, is an independent marketplace for keyword pay-per-click advertising.

System1 has developed a pre-targeting platform that identifies and unlocks consumer intent across channels including social, native, email, search, market research and lead generation rather than relying solely on what consumers enter into search boxes.

The round was led by Court Square Capital Partners, a New York middle-market private equity firm.

Startpage originally bragged about how their users would not be targeted based on data profiling. Instead, Startpage would server ads based only on what the user entered into the search box. As a business model, System1 appears to do the opposite.

Board member changes at Surfboard Holding BV

Public records show that both Michael Blend (co-founder of System1) and John Paul Civantos (Managing Partner at Court Square Capital) joined the Surfboard Holding board of directors on December 31, 2018.

English translation of corporate records:

So here we have an investor from New York and the co-founder of System1 sitting on the board of directors for Surfboard Hoalding BV, the parent company of Startpage. Ian Weingarten is currently the CEO of System1 and Robert Beens is the CEO of Startpage.

Also notice that this change happened on December 31, 2018. Yet Startpage’s leadership did not make any announcement of this change until October 2019, where they described it as a “most recent” change. I do not think that a nine-month delay is a “most recent” development.

Why did they wait so long to tell people?

Can Startpage, System1, and the “Privacy One Group” be trusted with your privacy?

Short answer: you decide.

Choosing privacy tools is a subjective process and everyone has their own unique needs and threat model. When making this decision, you should examine the facts and assess whether a product or service meets your needs.

With that being said, my general rule here at Restore Privacy is to only recommend products and services that I would personally trust and use myself. Therefore I will not be recommending Startpage as a private search engine due to some lingering concerns I have. These concerns include:

• The fact that System1 has acquired a stake in Startpage and is not disclosing the details.
• The history and business model of System1, which includes gathering “as much data as possible” and profiling users for targeted ads.
• The board of directors change at Surfboard Holding BV, to appoint the System1 co-founder and an outside investor.
• The nine-month delay in alerting the public to these changes, and then announcing it as a “most recent” change.
• The contradictory business models of System1 and a truly private search engine.

There are some in the privacy community calling System1 a “surveillance company” – but I will avoid any speculation and simply focus on the facts. I see no evidence that System1, the Privacy One Group, or Startpage are violating any of their own policies or laws.

In preparation for this article, I asked Startpage to provide answers and clarification on the following items:

1. The percent of Startpage and Surfboard Holding B.V. (the Startpage holding company) System1 acquired in December 2018.
2. The current percent ownership by System1 at the time of the audit (and any other major owners).
3. Information about Privacy One Group Ltd. Where is it registered, and in what city, state and country does it operate? Who are the owners? How exactly is it connected to System1 and the people behind System1?
4. A diagram of data flows, including flows to outside organizations, like System1, Privacy One etc.

Startpage has not answered any of these questions. I will continue to monitor the situation and update this article and my recommendations based on new information.

Startpage is no longer being recommended in the private search engines guide. It has also been removed from the list of Google search alternatives and privacy tools.

Similarly, PrivacyTools.io has also delisted Startpage, as they explained here.

Final thoughts

Startpage’s About us page still warns users about the dangers of data collection and how this gives data collectors the ability to “virtually own you.”

Problem is, the new board members and owners of Startpage are literally in the business of gathering “as much data as possible.”

See my updated guide on the best private search engines for the latest recommendations.

Update: Startpage offers further clarification 

Just two days after posting this article, Startpage released two new support articles:

• What is Startpage’s relationship with Privacy One/System1 and what does this mean for my privacy protections?
• Startpage CEO Robert Beens discusses the investment from Privacy One / System1

In short, these articles confirm what we suspected, that System1 has majority ownership in Startpage, through their subsidiary the “Privacy One Group”. This is no surprise, especially given the changes to Surfboard Holding’s board.

The new articles posted by Startpage include statements from Robert Beens (CEO, Startpage), Michael Blend (Chairman, System1), and Ian Weingarten (CEO, System1). These statements attempt to restore faith in Startpage’s privacy protections and policies. Whether you want to trust these claims or not is your decision.

At the end of the day, an American ad-tech company that seeks to “gather as much data as possible” is still the majority owner of Startpage, a search engine that could be used to collect data.