According to Brave’s published technical materials, ad matching occurs locally on the user’s device. The browser downloads an ad catalog and selects relevant ads based on interest signals stored on the device. When a user views an ad and qualifies for a reward payout in Basic Attention Token (BAT), the confirmation process uses blind signatures to validate the event without revealing browsing history or identity to Brave’s servers. The company has repeatedly stated that it does not build centralized browsing profiles and cannot link ad activity to specific individuals.
I don’t use nor recommend Brave to people, but if advertising is going to be done this seems like the way it should be done.
Maybe the right way in terms of privacy, but I find it all to be rather monopolistic. (Brave’s ad replacement is infamous in this respect; they trashed it but blocking publisher ads and creating their own is pretty similar to their initial proposal).
I’m also not totally sold on differential privacy because, as far as I know, it’s still relatively experimental and not very battle-tested. I remember Mozilla saying something to the effect of anonynization only working if a large pool of users commit to their tests.
They explain it a bit more in the article:
I don’t use nor recommend Brave to people, but if advertising is going to be done this seems like the way it should be done.
Maybe the right way in terms of privacy, but I find it all to be rather monopolistic. (Brave’s ad replacement is infamous in this respect; they trashed it but blocking publisher ads and creating their own is pretty similar to their initial proposal).
I’m also not totally sold on differential privacy because, as far as I know, it’s still relatively experimental and not very battle-tested. I remember Mozilla saying something to the effect of anonynization only working if a large pool of users commit to their tests.