"THE COLLECTIVE LIABILITY OF Kagi AND THE INDEMNIFIED PARTIES UNDER THIS AGREEMENT WILL NOT EXCEED $500 (FIVE HUNDRED DOLLARS)."
Why not limit liability to amounts received under the agreement. If the customer spends US$1000 on searches, then Kagi breaches the agreement, the customer can only recover "$500". WTF. Why is this so one-sided. That's left as a question for the reader.
There have been attempts in the past to insulate web searchers from Google's data collection but I do not recall anyone charging fees, openly engaging in data collection themsleves and asking paying customers to agree to a ridiclously low limitation of liability.
In these cases, one was trusting a potentially random person running a proxy, for lack of a better term. However no account, no credit card or other payment was required.
But that is not what Kagi offers. It requires disclosing one's identity via payment and account creation. It requires assenting to data collection. No way to opt-out. And to top it off, it requires agreeing to an pernicious limitation of liability.
In theory, having a paid agreement with a search engine website operator seems like it could be useful. The customer could, e.g., have an enforceable agreement with the website operator that prohibits the operator from certain activities, e.g., collecting data about the customer's use of the website and using it for financial gain or in a manner detrimental to the customer. If the operator breaches the agreement, then she can sue the operator.
What does Kagi actually promise to do or not do under this agreement. It promises:
"We will be good stewards of any personal information you share with us and we promise not to share your data with anyone else in any way, shape or form. Kagi's entire business is funded by its users and Kagi has no intention or interest in manipulating or monetizing user information in any way."
Why is "your data" not defined. For example, data that Kagi and its partners collect from your use of Kagi is arguably not "your data", it's Kagi's data. If it's Kagi's data then it can be shared with anyone "in any way, shape of form." Further, why is "user information" not defined. Is data collected about how people use Kagi considered "user information". If not, then it can be manipulated and monetised in every way.
Beyond the two statement about being good stewards, this entire "policy", like most "tech" company privacy policies, only states what the operator already does or does not do. At the same time it makes no warranties, so any statements about what it does or does not do could be grossly misleading or even false. There could be, and almost certainly is, other relevant information about what it does with the data it collects that is not disclosed.
A common tactic is to claim data is only used to improve the "product" or "service". Yet it is never disclosed exactly how this data is used to do that. What if the customer disagrees that such usage is actually improving the product/service. It leaves enormous discretion to the operator to use collected data however it sees fit. The customer cannot grant or deny consent for using data in some specific instance. She is not even informed about the instance, e.g., "We used would like to use your data to do X."
Other than the statement above about stewardship and keeping data for itself, does the operator does make any promises that it will do or refrain from doing anything in the future.
"We do X" is not a promise. "We will do X" is a promise.
How does the operator satisfy its performance under this agreement. For example, what if the website stops working. The only thing it has agreed to do is "be good stewards" of data it collects, whatever that means. Performance is satisfied by being god stewards. Nevermind actually providing a product or service. It appears the goal of the operator is to collect data. The "product" is only a means by which to do so. This collection will be financed by user fees.
As the GoogleSharing and Scroogle examples demonstrate, it is possible to provide web search without collecting data.
"THE COLLECTIVE LIABILITY OF Kagi AND THE INDEMNIFIED PARTIES UNDER THIS AGREEMENT WILL NOT EXCEED $500 (FIVE HUNDRED DOLLARS)."
Why not limit liability to amounts received under the agreement. If the customer spends US$1000 on searches, then Kagi breaches the agreement, the customer can only recover "$500". WTF. Why is this so one-sided. That's left as a question for the reader.
There have been attempts in the past to insulate web searchers from Google's data collection but I do not recall anyone charging fees, openly engaging in data collection themsleves and asking paying customers to agree to a ridiclously low limitation of liability.
Two examples:
https://www.macworld.com/article/204924/googlesharing.html
https://en.wikipedia.org/wiki/Scroogle
In these cases, one was trusting a potentially random person running a proxy, for lack of a better term. However no account, no credit card or other payment was required. But that is not what Kagi offers. It requires disclosing one's identity via payment and account creation. It requires assenting to data collection. No way to opt-out. And to top it off, it requires agreeing to an pernicious limitation of liability.
In theory, having a paid agreement with a search engine website operator seems like it could be useful. The customer could, e.g., have an enforceable agreement with the website operator that prohibits the operator from certain activities, e.g., collecting data about the customer's use of the website and using it for financial gain or in a manner detrimental to the customer. If the operator breaches the agreement, then she can sue the operator.
What does Kagi actually promise to do or not do under this agreement. It promises:
"We will be good stewards of any personal information you share with us and we promise not to share your data with anyone else in any way, shape or form. Kagi's entire business is funded by its users and Kagi has no intention or interest in manipulating or monetizing user information in any way."
Why is "your data" not defined. For example, data that Kagi and its partners collect from your use of Kagi is arguably not "your data", it's Kagi's data. If it's Kagi's data then it can be shared with anyone "in any way, shape of form." Further, why is "user information" not defined. Is data collected about how people use Kagi considered "user information". If not, then it can be manipulated and monetised in every way.
Beyond the two statement about being good stewards, this entire "policy", like most "tech" company privacy policies, only states what the operator already does or does not do. At the same time it makes no warranties, so any statements about what it does or does not do could be grossly misleading or even false. There could be, and almost certainly is, other relevant information about what it does with the data it collects that is not disclosed.
A common tactic is to claim data is only used to improve the "product" or "service". Yet it is never disclosed exactly how this data is used to do that. What if the customer disagrees that such usage is actually improving the product/service. It leaves enormous discretion to the operator to use collected data however it sees fit. The customer cannot grant or deny consent for using data in some specific instance. She is not even informed about the instance, e.g., "We used would like to use your data to do X."
Other than the statement above about stewardship and keeping data for itself, does the operator does make any promises that it will do or refrain from doing anything in the future. "We do X" is not a promise. "We will do X" is a promise.
How does the operator satisfy its performance under this agreement. For example, what if the website stops working. The only thing it has agreed to do is "be good stewards" of data it collects, whatever that means. Performance is satisfied by being god stewards. Nevermind actually providing a product or service. It appears the goal of the operator is to collect data. The "product" is only a means by which to do so. This collection will be financed by user fees.
As the GoogleSharing and Scroogle examples demonstrate, it is possible to provide web search without collecting data.