Brave Browser Affiliate Referral Scheme

From Privacy Wiki
Jump to navigation Jump to search
Brave Browser Affiliate Referral Scheme
Short Title Brave Privacy Browser Automatically Adding Affiliate Links to Cryptocurrency URLs
Location Global
Date June 2020

Solove Harm Surveillance, Breach of Confidentiality
Information Behavioral, Computer Device
Threat Actors Brave browser, Coinbase, Binance, Ledger, Trezor

Affected Brave users
High Risk Groups
Tangible Harms

Brave browser was found to automatically add a referral code to URLs leading to cryptocurrency sites.


Brave is one of the biggest names in the world of privacy browsers, with a user base of about 15 million.

The browser was found auto-completing URLs to certain cryptocurrency sites with an affiliate link, without notifying the users about it. This is a user tracking technique and can be seen as Surveillance.

It works in a way, that a special URL is provided to an affiliate to promote partner’s services. When someone signs up via that distinct URL, the affiliate gets some sort of payment for it. Brave’s founder later implied that the revenue was necessary for Brave to support itself.

When a user entered the name or URL of certain cryptocurrency sites into the Brave browser, it would automatically redirect them to that site with Brave’s referral code appended to the URL. Users didn’t know about this tracking, especially given Brave’s reputation of being privacy oriented product. This processing of behavioural information of users can be seen as Breach of Confidentiality.

Among Brave’s affiliates are such cryptocurrency sites as Binance, Coinbase, Ledger and Trezor.

Brave’s founder apologized for the scheme once it was discovered by users, stated that it had been fixed, and vowed that the company would not do it again.

Laws and Regulations