Sign in Subscribe

Confidential search: solved

Confidential search: solved

Legal clinics at law schools and lawyers generally should exercise caution when entering client-specific information into general search engines like Google. While the risk of prosecution remains relatively low, asking Google "asylum applicant credible fear interview denial Ethiopian Tigray region sexual violence CBP El Paso December 2024" creates unnecessary vulnerability. The clinic might desperately need recent case law and success rates for similar credible fear appeals to determine the best legal strategy. But this query reveals extraordinarily sensitive information about a specific client—their nationality, region of origin (which may indicate ethnicity in a conflict zone), the nature of their persecution claim (sexual violence), their location, and recent timeline. In rare but documented cases, immigration enforcement attorneys have subpoenaed search providers for records, potentially allowing them to identify specific asylum seekers through detailed queries before cases are decided, compromising client safety and confidentiality.

Moreover, prosecutors don't have to rely on Google itself if you use that search engine for legal research. Under the crime-fraud exception to attorney-client privilege, aggressive prosecutors could argue specific search queries evidence fraud, obtaining them through computer warrants of your devices. This makes detailed immigration research and other forms of what might seem to be pure legal research potentially hazardous for attorneys using conventional search engines without proper safeguards."

Although one could try to reduce the risk by inputting more opaque searches into Google or using VPNs to mask IP addresses, there's a more fundamental question that should be considered: Should I be putting this information into any third-party search engine at all?" Alternate search engines like DuckDuckGo and use of virtual private networks are partial steps. But even DuckDuckGo, despite its privacy-focused marketing, may not completely solve the fundamental ethical problem, at least not without potentially compromising on search quality. You're still creating a record, still trusting a company's privacy promises (which can change), and still potentially waiving privilege by voluntary disclosure to a non-agent third party. When a prosecutor subpoenas search records two years from now—perhaps after the company is acquired, or privacy policies change, or new data retention laws pass—the question won't be which search engine you used. It will be why you thought it was appropriate to transmit identifying client details to any commercial search provider at all. Also, it may be that DuckDuckGo is just not as good at getting you an answer as the search engines to which you are accustomed.

There is, however, a solution that sidesteps the third-party disclosure problem entirely: running your own search infrastructure locally. SearXNG is an open-source metasearch engine that aggregates results from multiple search engines without sending your queries—or any identifying information about you—to those providers. When you run SearXNG inside a Docker container on your own machine or local server, your searches never leave your control. No company stores your queries. No privacy policy can change retroactively. No acquisition can compromise your data. And no subpoena can reach records that simply don't exist in anyone else's possession. And SearXNG can and does access multiple search sites to bring you a composite response that, in my experience, is generally very strong.

For law clinics and solo practitioners concerned about client confidentiality in the digital age, SearXNG represents what legal research databases provide for case law: a way to get the information you need without creating unnecessary third-party records. Better still, as we'll explore in a future post, SearXNG is a gateway to using LibreChat, which enables attorneys to use AI tools for legal research without the ethical complications of sending client information to OpenAI, Anthropic, or other commercial providers.

With the motivational component of this blog post now in the rear view mirror, it is time for the "how to." How do you actually get SearXNG up and running on your local machine and what is the experience of using it actually like.

Docker Desktop

There's a prerequisite for SearXNG search: you must get Docker Desktop running on your machine. Although Docker is often recommended when simpler solutions will suffice, in this case it is pretty much of a necessity. Fortunately, installing Docker Desktop is no more difficult than installing most other modern software.

Go to docker.com. Create an account. It will ask you how you wish to authenticate, using Github, Google, an email account or SSO. If you have a Github account, use that. It can make life easier down the road. If not, you can either create a Github account (not hard) or authenticate via Google or your email. Once you have the docker account, download Docker Desktop for your system. You will need to know what kind of machine Docker will be running on. If you don't know, I've put a cheat sheet in the Appendix 1 to this post.

The installation will follow the usual protocols for your system. Once it is installed, launch it in the usual way. You should see something like this. You may not have any running "containers" yet. So you won't see open-webui or librechat. Don't worry about that. Leave Docker Desktop running.

With Docker Desktop installed, we can move on to activating a SearXNG "container."

SearXNG

Find the SearXNG installation documentation here. You really need only to follow steps 1 and 2. Here is my clarification. When you search for searxng within Docker Desktop you should see something like this:

Click on the top one that has been downloaded over 10 million times. You are in good company. You will then see something like this.

Click the blue Run button. You should then see this:

Don't hit Run yet. We need to configure some settings first. Instead, click the down arrow for Optional settings. You will see this:

This is how I fill out the form. I put SearXNG as the Container name. And I set the Host port to 55006.

Having done so, I hit Run. Wait a few moments and SearXNG should be up and running. To check this, hit the "Containers" link right above where it now says SearXNG. You should see something like this. And that's it! You only need to follow the remaining steps if you intend to use SearXNG when LibreChat wants to search the web. I detail those steps in Appendix 2 below. The green light to the left of SearXNG (inside my magenta oval) tells you the service is up and running. The first number under Port(s) (marked with my red arrow) tells you at which port the service is available.

Now for the reward. Open your browser to localhost:55006 (or whatever port number Docker/SearXNG provided you. You should see something like this:

Ask it something. Let's see what it knows about the dormant commerce clause. I type that phrase into the search bar, hit enter, and I get a page of clickable results with summaries. Awesome! You now have achieved fully confidential search.

And there's more. You can reinvent "AI" mode with SearXNG. Don't do this – yet – if you are running searches that you would not run in a conventional search engine like Google. Only try this for innocuous stuff, like "dormant commerce clause." Activate the "Download results" opener in the bottom right of the screen. Then click on "json". You should then see a summary of what SearXNG returned. Like this:

Use Control-A, Control C to copy the contents. Then go to conventional large language model like ChatGPT or Gemini and type the following into its prompt bar.

Suppose all you saw was this and you yourself did not have underlying knowledge. What could you deduce about the dormant commerce clause from this json object: %%%

Then paste in the results from SearXNG right after the %%%. You should then get a long explanation of the dormant commerce clause. Here's a screen capture of part of my results from Gemini.

Cool!

The important news, however, is that SearXNG is working. You can use it from now on as a standalone search engine when you need to submit confidential information or don't want to be tracked. In a future post, I will discuss how to incorporate SearXNG into a LibreChat workflow that lets you harness both search and AI without compromising attorney ethical rules.

Let me know in the comments or via email about your experiences in getting SearXNG to run on your computer and your experiences using it.

Appendix 1: How to know what system you are using

A computer novice can figure out which option to choose by following these simple steps:

## For Mac Users:
1. **Click the Apple logo** in the top-left corner of your screen
2. **Select "About This Mac"**
3. Look at the "Chip" or "Processor" line:
   - If it says **"Apple M1," "M2," "M3,"** or **"Apple Silicon"** → Choose **"Download for Mac – Apple Silicon"**
   - If it says **"Intel Core"** → Choose **"Download for Mac – Intel Chip"**

## For Windows Users:
1. **Right-click the Start button** (Windows logo in bottom-left corner)
2. **Select "System"**
3. Look under "System type":
   - If it says **"x64-based processor"** or **"AMD64"** → Choose **"Download for Windows – AMD64"** (this is the most common)
   - If it says **"ARM64-based processor"** → Choose **"Download for Windows – ARM64"** (rare, mainly newer Surface devices)

**Note:** "AMD64" doesn't mean you need an AMD processor—it's just the technical name for standard 64-bit Windows, and works with both Intel and AMD processors.

## For Linux Users:
If you're using Linux, you probably already know which system you have, but if not, open a terminal and type:
```
uname -m
```
This will tell you your architecture (x86_64, arm64, etc.)

**When in doubt for Windows:** Choose "Download for Windows – AMD64" as it's correct for 95%+ of Windows computers.

Appendix 2: Adapting SearXNG so that it will work with LibreChat

At some point in the near future, you may want SearXNG to be the search engine for LibreChat, a front end for multiple large language models that lets you chat with AI in a way that conforms with attorney ethics rules. This appendix shows you the steps you need to take to make SearXNG work well with LibreChat. The only thing we need to do is edit the settings.yaml file. Go find the SearXNG installation documentation – both the written documentation and the video – to add json to the formats section. Start by having the "Containers"tab of Docker Desktop open before you start heading into editing the settings file. Docker Desktop should look something like this:

To get to the settings file, you should click on the name of the relevant container.(on my system it is SearXNG). That will get you to here.

The file system you need to access in order to edit the settings.yaml file can be accessed only after you move to the Files tab. (It took me a long time to figure this out, hence my helpful red arrow). Make sure to save your work in the file after you add "json" to the formats as shown in the official LibreChat documentation video and to restart the server. Also make sure to note what port SearXNG is running on. One way to do this is to go back to the Containers home page in Docker. The red arrow I have drawn on this screen capture shows that, at the time I wrote this documentation, it is running on 55005. Ignore the stuff after the colon.

You should also make sure that copies of your prompts are not hidden in a cache that SearXNG otherwise maintains to expedite subsequent queries. To do this, we need to get back to that settings.yaml file we edited before. This time, go to about line 82 in the file.

Right below server, add use_cache: false. It should now look like this:

Save your work (the old school floppy disk icon), press the blue restart button (a circle with an arrow). Be aware that if you did not specifically assign a port number for SearXNG at the time you installed the Docker image, the new port number may differ from the prior one. In such instances, it can change each time you restart the system. When accessing SearXNG, you will need to use that new port number. But if you assigned a port number (as I suggested) when you installed the Docker image, the port number should stay the same.

Done! If you shut down your system, remember that you will have to get Docker Desktop up and running and will have to restart the SearXNG container. Both of these tasks are easy, just don't forget them. Now, eagerly await the blog post on how to get LibreChat up and running.