Brendan Eich, CEO and founder of Brave
Brendan Eich, CEO and founder of Brave. David Maung/Bloomberg

Although it has been more than a week since Brave was caught doing affiliate link shenanigans, it’s difficult not to think about how the events of last week changed the project’s reputation.

For those unaware, Brave was replacing some crypto-related website URLs (when typed into the browser) with affiliate links through which Brave earns commissions. For example, typing “binance.us” ended up autofilling to “binance.us/en?ref=35089877”. Other crypto-related websites where Brave was employing the switcheroo were Ledger, Trezor, and Coinbase. Here’s the tweet that started it all:

Since the antics were uncovered, a backlash ensued. In reddit and Twitter threads, users began expressing their frustration. Though it might seem to some people like not that big a deal, these kinds of “tricks of the trade” matter more than most think. “You are going to use Binance anyway, why not lend a hand and help a good project out? Seems like a win-win right?” Wrong. What happens when this same type of shortcut mentality is applied, but even in a more obtrusive manner. Where will the line be drawn? Who will draw the line? Another user who catches the scheme halfway through by chance?

Advertisement

Brave CEO Brendan Eich apologized about the situation almost instantly and that’s a good thing. However, some of the details are worrying. In one of the many replies to the criticism that came after the affiliate link autofills became well-known, Brendan said:

“We develop with all browser code open source on github, and users who type binance dot us [in the browser URL field] can see the default autocomplete add the affiliate code. Also, small change in revenue terms if it’s not zero! Mistake was using search client-id model.”

Let’s clear one thing first. These autofills were enabled by a setting in the browser. By default this setting used to be enabled (now disabled on newer versions).

However, the problem is this. If you didn’t go around looking on Google, I challenge you to go through Brave’s settings and guess which is the one that enabled the affiliate link autofills. Good luck finding it.

The setting is titled “Show Brave suggested sites in autocomplete suggestions”. I don’t know about you, but looking at that, I don’t get any indication that this might autofill some of my URLs to affiliate links. Maybe it’s just me. Doubt it. And what place do affiliate links have in suggestions based on what I type?

As mentioned, in the latest version of the browser, this setting has been modified and now defaults to off, but is still wrongly labeled as to the functionality it relates to (if it continues to suggest affiliate links). To help the Brave team, I’ve come up with a quick modification of the label that makes it spot on: “Show Brave suggested sites in autocomplete suggestions (may contain traces of affiliate links)”.

I don’t have time to Google every setting in the browser when I’m not sure if it enables some covert functionality. Hints need to exist that inform me of what these settings do, when their labels obviously fail to do so.

In their announcement addressing this issue, the Brave team paint the affiliate link autofilling appearing as the first suggestion as a bug. Give me a break. But, even if we give the company the benefit of the doubt, which I personally wouldn’t in this particular situation, an affiliate link still has no place in URL suggestions, even if it sits in the last spot – at least not in any way that isn’t instantly distinguishable from other suggestions.

But, to get back to where we left previously, why is all that such a big deal?

Because one cannot know where else this type of sneakiness might be used. Maybe it won’t be. Maybe Brave learned their lesson once and for all and from now on will be the most transparent and ethical company in the world, ever. Hope so. For a company built atop user trust, these kinds of shenanigans can be lethal. Think about it. Is this going to be the company’s culture moving forward? Build user trust and then abuse it? Hope not.

I personally like Brave. I use Brave. I’m still using Brave, even after all this came to light. But, now I have a contrasting view of the company, one that is radically different than the one I previously had.

When will businesses learn that shoving stuff down the throats of their customers never works. We understand that it’s difficult building a business in a highly-competitive environment, especially when a new business model is being applied. We understand that the project might be struggling for cash to meet its aggressive growth goals. We understand that the current sociopolitical landscape is probably taking its toll on startups. We understand all that.

And I’m sure that people would have been more than willing to help, if they were asked. If they were given the choice. I know I would have. I don’t care if Brave earns 50% on my trades on Binance. Good for them. I like the project. Why not support it? But don’t shove it down my throat without even asking. Build a choice architecture that helps me make the right decision. I would be more than happy to help. And I’m sure many others would feel the same way.

1
Discussion

avatar
1 Comment threads
0 Thread replies
0 Followers
 
Most reacted comment
Hottest comment thread
1 Comment authors
TraceFree Recent comment authors
TraceFree
Guest
TraceFree

While Brave is great because it blocks ads, it does not hide your browsing from Google and Big Tech. Your privacy is determined where your browser runs (not what kind of browser you use). A remote browser runs in the cloud on a server always keeping your device isolated from the session. Google still collects the data but it is of a “rental computer” and cannot be matched to the user, their device or true location.