A few days before Christmas last year, shoppers who used Honey on Amazon websites started receiving a warning from the e-commerce giant, according to Wired. The popular money-saving browser extension that tracks prices and discounts was a "a security risk," it said, and even advised users to uninstall the extension "immediately." While all browser extensions could pose a risk, Honey isn't a random product developed by some unknown developer -- PayPal purchased it last year for $4 billion in what's its biggest acquisition yet.
In the warning it showed to buyers, Amazon wrote: "Honey tracks your private shopping behavior, collects data like your order history and items saved, and can read or change any of your data on any website you visit." Politico's Ryan Hutchins tweeted a screenshot of the warning and noted that that's "how all browser extensions work -- including Amazon's own extension, which provides a similar service."
Amazon is telling shoppers that the browser extension Honey — it gives you coupon codes and other ways to save — is malware.
Paypal bought Honey in November for $4 billion. That's one extensive piece of Malware. pic.twitter.com/Di6I8RAX2X
— Ryan Hutchins (@ryanhutchins) December 20, 2019
The Amazon Assistant browser also tracks prices and lets buyers compare items across retailers. And, as Wired notes, Google will also tell users that it can "read and change all your data on the websites" they visit when they install the extension on Chrome.
It's not entirely clear what Amazon saw that made it label Honey, in particular, a security risk. A spokesperson only told the publication: "Our goal is to warn customers about browser extensions that collect personal shopping data without their knowledge or consent." Honey denied that it's a security risk, telling Wired that its rules are clearly spelled out in its privacy and security policy. In its privacy rules, Honey admits that it "collects information that [users] share directly" with it. However, the company emphasizes that it "does not track [their] search engine history, emails, or [their] browsing on any site that is not a retail website" and that it will never sell their data.