Tracking across the web is not something new. That’s one of the reasons why many users use Mozilla Firefox and Brave over Chrome. However, one of those browsers, Brave, is under scrutiny. Allegations from Decrypt are that they are changing affiliate URLs, which are normal URLs, to something that they can track. Gizmodo states that the changes that Brave has made to these affiliate URLs allows them to track 15 million users on the web.
Brandon Eich, the Brave CEO said on Twitter that it was a mistake, that they fixed it, and that they were using an auto-complete feature, that the auto-complete feature should not add any code and that it should be opt-in. He is stating that it’s just part of business. Original reporting is intimating that Brave was doing it for a cut, at least 50% off of each trade that a user may make, in this case, it was sending affiliate links to cryptocurrency.
The verge says that there is nothing wrong with using affiliate links. The issue is that most URLs tell a user that they are using it. The reason for the wording in the original GIzmodo article is that Brave proports to be a private browser. By not telling their users, they are not being transparent, as the verge suggests, but, not everyone will accept the apology.
Brave recently made headlines when they were trying to make their own private video chatting software. Brave builds privacy-focused video chat right into its browser. It is using an open source video chatting software jitsi to try to compete with the likes of Google Meet and Zoom. They currently don’t have end-to-end encryption on their platform, but, they are working on it. Their reputation is built upon the idea that privacy matters. So, anything that might be atypical of that nature, could be criticized.
In April and May, Brave added 1.5 million users, and they also have reported improvements with their Brave Ads programs, which takes Basic Attention Tokens as a means of a currency to provide web browsers with compensation for users who use ad-blocking software.
It would not be the first time that a company violated users trust. Avast was caught using a subsidiary which allowed them to see what links that users were clicking on. So, while they were allegedly protecting your machine, they were profiting off of it. They claim they were GDPR compliant, but, it would be safe to say that they shut down that program in a hurry after news about it broke. It’s almost a similar trend here.