It's an interesting piece, but it also appears to be highly opinionated and slanted. Obviously, privacy is difficult to preserve on the Internet.
This is more surveillance than Google conducts through Chrome alone. Google doesn’t own search query data for most Chrome users (they search through Bing, Yahoo, DuckDuckGo, etc.), so they see only a partial behavioral profile. Brave sees everything.
One of the reasons Google invests an upwards of $1B in Chrome every year is that the default search engine is Google, and it has extremely tight integration with a massive Google ecosystem: Google, Gmail, YouTube, Docs, etc. According to a 2011 Comscore analysis (one of the few direct breakdowns by browser), 87.1% of searches originating in Chrome used Google.
Seems like the article is greatly exaggerating that Brave has more access to user data than Google? Chrome transmits everything with long-lived identifiers.
Brave Search API has SOC 2 type II attestation from a three-month independent audit for security and privacy by Prescient Security. None of the other supposedly private search engines have received similar audits. It seems to me that it would be trivial for any "private" search engine to fingerprint its users.
Brave's ads are opt-in, and the opt-in users of BAT are definitely in the minority. As the article mentions, Brave's ad matching is entirely on-device. When ads are shown and viewed, Brave's server receives simple confirmation of the fact using local differential privacy. I'm not personally aware that anyone has demonstrated Brave transmits "real-time attention tracking, cursor movement, dwell time."
I'm not aware that anyone has shown Brave's pings or telemetry contain identifiers, either. The code is open-source.
![[correlate]](/data/avatars/m/79/79653.jpg?1556985072){kind=avatar}
cambridgeanalytica.org
