Advertisement

Brave privacy browser 'mistake' added affiliate links to crypto URLs

The address bar was autocompleting searches for companies like Binance.

Engadget

Brave, the open-source Chromium-based browser that promises elevated privacy, has been called out by users for potentially putting revenue over user trust. The company has been redirecting certain crypto company URLs typed in search bars to affiliate links and presumably taking a commission, Decrypt has reported. For instance, he typed in “binance.us” and the company replaced the term with “binance.us/en?ref=35089877,” according to Twitter user Cryptonator.

The company made its name by allowing users to choose whether they want ads or not, and paying out cryptocurrency to those who allow them. However, Brave never asked permission about the search bar autocomplete, so users were outraged when it redirected direct URL inputs to an affiliate link, even though it did serve up the correct page. It may also be considered bad form for a privacy-oriented browser because it is directly serving company-affiliated links that are essentially ways to track users through a website.

“The autocomplete default was inspired by search query clientid attribution that all browsers do, but unlike keyword queries, a typed-in URL should go to the domain named, without any additions,” said Brendan Eich, Brave CEO and Mozilla co-founder.

Eich explained that the company is “trying to build a viable business,” mostly by offering users the option to allow ads that pay out in crypto coins. However, Brave is seeking other sources of revenue by including ads and widgets on its new tab pages, much as more established browsers like Firefox already do. “This includes bringing new users to Binance & other exchanges via opt-in trading widgets/other UX that preserves privacy prior to opt-in,” he added. “It includes search revenue deals, as all major browsers do.”

Some Brave users on Twitter (many from the crypto community) weren’t mollified, but Eich offered a mea culpa. “Sorry for this mistake — we are clearly not perfect, but we correct course quickly. We will never revise typed in domains again, I promise.”