They want to display ads while respecting user privacy, which is nice from a user point of view, but do advertisers actually want that rather than being able to target 35-40 years old in Ohio that are using shaving products twice a week ?
Brave developer here. Great question! Brave Ads are entirely opt-in, and work via on-device machine-learning. The machine-learning bits study your browsing habits in a private, non-leaky manner.
Once a day, your device downloads an aggregate catalog of many ad options to be studied locally. If/when an ad is found that fits your interests (as inferred by your browsing habits), the ad is displayed as an OS notification and 70% of the ad revenue is deposited into your in-situ wallet.
So on the topic of targeting, Brave is able to deliver a better experience for Advertisers and Users, without the need to leak user information across the Web. The on-device ML bits learn about their user over time, delivering a better experience with maturity.
I would never opt-in to ads even if there was some upside. That's like asking if I'd like to see billboards on a beautiful drive through Colorado and in return you'll throw some change in my center console. I'll just take the beautiful drive and you can keep the cash.
> The machine-learning bits study your browsing habits in a private, non-leaky manner.
Your beautiful drive through Colorado requires quite a bit of maintenance and financial support. Somebody has to pay for that. With Brave, Advertisers can pay for it (without getting hold of your data) by way of users. Alternatively, you may choose to "fund the roads" yourself by depositing your own tokens into Brave's wallet—that too is possible.
Brave aims to sustain the roads that grant you access to that scenery. For some users, they are able to pay a bit out of pocket (depositing their own tokens). For others, they can take advantage of a private advertising system that finds relevant ads, while paying the user 70%. This allows users to passively support the roads, if you will.
Unlike billboards down the side of the highway (which, I agree, aren't pleasant to see), only the users who wish to see ads are shown ads. And they always determine how many are shown (which is not the case with billboards). Brave Ads are tuned over time, too. As a user engages the app, the ads will become more and more relevant (unlike billboards). All that said, the default experience is (and will remain) an ad-free experience.
To your Krebs citation, he is absolutely correct. Give your data to somebody, and it's likely they'll lose it, leak it, or sell it. That's why Brave avoids your data as best we can. Brave Ads takes place _on your machine_, where your data naturally lives. You don't entrust us or anybody else with it.
You are supremely lost. If you carry the analogy, you're saying the billboards destroying my view through Colorado are somehow paying for my roads. Well, actually taxes pay for my roads. And no, viewing ad's on Brave does not somehow make my internet better or faster. It just clutters the experience.
The only thing that will opt into this crap are the selenium bots I write to farm some Brave cash or whatever you're calling it, until I realize that the AWS fees are more than the Brave cash I'm getting and shut them off for good.
> If you carry the analogy, you're saying the billboards destroying my view through Colorado are somehow paying for my roads. Well, actually taxes pay for my roads.
You are entirely misinterpreting the Brave engineer's good faith argument. The argument wasn't that billboards somehow pay for roads. You introduced that analogy, and the reply showed where your anology falls apart. The argument was that unlike roads, most websites aren't funded by taxes and won't be for the foreseeable future. The engineer also points out some ways Brave ads are different from billboards: they are opt-in, they are personalized, they give you useful tokens for your attention, etc.
It's impossible to ignore that every major browser is subsidized by either user tracking or OS sales. Even the privacy focused Firefox, which I use and love, is funded almost completely by Google ads.
And lastly, one great thing about Brave is it's completely (besides maybe Widevine, which isn't their fault) FOSS, so you are free to fork it and remove the Brave ads functionality. In fact it's probably not even hard to write a script to do it automatically. But no one has successfully funded large scale browser development while being FOSS and not relying on ads.
Also, I know people who would opt-in, though I wouldn't myself.
Let's break down what the the rep from Brave said... I don't think I misinterpreted anything.
> Your beautiful drive through Colorado requires quite a bit of maintenance and financial support.
Roads cost money.
> Somebody has to pay for that.
Someone has to pay for the roads.
> With Brave, Advertisers can pay for it (without getting hold of your data) by way of users. ... Brave aims to sustain the roads that grant you access to that scenery.
Ad's (billboards) can pay for a great browser experience (the roads)...
So, therefore I said: Billboards don't pay for roads, taxes do. I get that the analogy isn't 1:1. However, stating that is an easy way to demonstrate that Brave doesn't have a market. Just like I don't need billboards to pay for my roads, I don't need ad's to pay for my browser experience. Firefox is open-source, and adblock exists. Come off it.
If you use Firefox, ads pay for your browser experience. It's just one extra level of indirection (Advertiser -> Google -> Firefox vs. Advertiser -> Brave).
With regards to original argument, my impressions was you didn't assume good faith and respond to the strongest plausible interpretation of what the Brave developer said, as the Hacker News commenting guidelines suggest you do. Take that how you will.
>>Your beautiful drive through Colorado requires quite a bit of maintenance and financial support. Somebody has to pay for that. With Brave, Advertisers can pay for it (without getting hold of your data) by way of users. Alternatively, you may choose to "fund the roads" yourself by depositing your own tokens into Brave's wallet—that too is possible.
Well, a lot of internet was built by people who want to share for sharing sake. Then companies figured there was money and so they started lining up those highways. Now, people do not have a decent way of knowing which highways have no ads. The equivalent is that people do not have a search engine which will send me only to sites which have no ads. Google has been spammed to death for every imaginable keyword. Every recommendation engine only shows based on eye balls.
If all these ad supported publishers die, we would have a much better internet where we can read genuine content, not some marketing based stuff. Hint: Look at the non ad supported Hacker news!
Define “adblock” please. I hope you mean something good like uBlock Origin and not bigger share extensions that take fees from Google and others to whitelist ads.
> I would never opt-in to ads even if there was some upside. That's like asking if I'd like to see billboards on a beautiful drive through Colorado and in return you'll throw some change in my center console. I'll just take the beautiful drive and you can keep the cash.
This, and the fact that Brave has decided to get in bed with advertisers at all seriously undermines their credibility.
Only if you assume we enable tracking for Brave Ads. But we do not. Please look deeper, otherwise you're just writing false stuff based on assumptions.
No, nothing in my post is false. I knew how your ad model works when I wrote that post. You're in bed with advertisers because you're taking money from them and providing them a service.
Look, I don't have anything against you personally. I'm sure you're a good, kind person with pure intentions. But tracking or not, advertising is not the way to fund a browser that serves users. You'll always be beholden to advertisers for your cash flow, and you're always going to be making choices between prioritizing users or prioritizing your income. Sometimes the choices will seem minor and it won't be clear which direction to go, and you'll compromise and the focus on users will be eroded. And at some point the choice might be between screwing over users and shutting the doors of your company due to lack of funding or something else. Historically, some people have chosen users[1] but most have chosen to stay open.
I hope you prove me wrong, I really do. But you'll excuse my skepticism at this point.
You did not justify “in bed with” or even define it usefully. My reply said we don’t track, and if you know about us, you also know we give the larger revenue share to the user. And ads are opt in per user, so “in bed with” better fits our relationship with our users.
Any browser requires high trust, but most of the bigs have not stopped tracking, as they have been built or coopted by ad companies. Who is in bed with whom?
On Lavabit, you are changing the threat model from ad businesses to national security agencies, but I will play along. Read https://brendaneich.com/2014/01/trust-but-verify/ and think it through. If we tried cheating our users to help advertisers somehow, we would be found out and roasted into a crisp on all media by our lead users.
> You did not justify “in bed with” or even define it usefully. My reply said we don’t track, and if you know about us, you also know we give the larger revenue share to the user. And ads are opt in per user, so “in bed with” better fits our relationship with our users.
You said in your other post to me:
"Ad spend last year was over $100M in the US alone, ~$300M globally. Heading toward $1T globally. Users subscribing or paying out of goodwill won't cover this if we block it all and corner the market."
So you're saying that most of your funding comes from advertisers, not from users. By the design of your business model you've chosen to be more in bed with advertisers than with users.
What I quoted also implies that you had to do that, because you couldn't get the funding you wanted otherwise. But I'm saying you never have to do anything. You chose this business model, not because it served users, but because it makes you money. I'm sure your intentions are good, that you think that having that money will allow you to serve users. But I'm saying that conflicts of interest this fundamental rarely play out as intended.
> Any browser requires high trust, but most of the bigs have not stopped tracking, as they have been built or coopted by ad companies. Who is in bed with whom?
This is a perfect solution fallacy. I totally agree that there's no major browser that hasn't been coopted by advertisers to some extent (except maybe GNU Icecat). This is a big criticism I have of Mozilla, for example, but at least they admit there's a problem and try to take steps to prevent it--although I'll reiterate: they're not enough as far as I am concerned. So far, in this thread, you have yet to even admit that there is a problem, which means you can't possibly take steps to mitigate it.
No Sir -- not from me, anywhere in anything I ever wrote. Browsers are imperfect. For one thing they have 0days.
Brave is imperfect too.
Before we correspond more, please tell me how you took my big-picture realpolitik point about western ad powers acquiring or otherwise getting control over 3 of 4 top browsers as having anything to do with perfect vs. good?
It's pointing at other browsers and saying, "Look, they're not perfect either, so it's okay for Brave to not be perfect". Sure, that's true, but it's no excuse for Brave not aiming for perfection.
I never said that either. Don’t put words in my mouth.
I said 3 of 4 top browsers are owned by or almost wholly dependent for revenue on huge ad businesses. That matters. You can see it in Apple’s ITP and prior third party cookie blocker, in Safari from 2003. Apple is not dependent on ads that need tracking.
Okay, yes, it does matter that 3 of the 4 top browsers are dependent on ads for revenue. Where I'm confused is why you think that this is a defense of Brave, which is also dependent on ads for revenue.
Because as I diagrammed repeatedly, the problem is not “ads” as ritually impure funding model, but tracking. Safari and Brave block tracking. Edge and Firefox are late to this party and not yet blocking hard by default.
It is not ads but tracking which creates perverse conflicts and hazards, including regulatory and ‘browsers as blind ad tech runtimes’ capture.
With regards to your link, that's very well-written and I agree with almost everything you said in that link. This is particularly important to remember:
"The unfortunate consequence is that software vendors — including browser vendors — must not be blindly trusted. Not because such vendors don’t want to protect user privacy. Rather, because a law might force vendors to secretly violate their own principles and do things they don’t want to do."
And that doesn't just apply to the NSA forcing you to backdoor your own software under threat of arrest. It also applies to major sources of funding forcing you to backdoor your own software under threat of defunding you.
I want a browser made by people who would shut down their business rather than compromise users. And so far in this conversation, it doesn't even sound like you've considered that possibility or believe it could happen, so how can we trust that you'd do that?
I would shut down Brave rather than backdoor our open source. Can you imagine? Note: I'd do this on moral grounds, but even if I were some kind of toady to the state, I'm not stupid. The back door would be discovered and I'd be strictly worse off then. It wouldn't pay for the state actor, either.
> Each ad request is anonymous, and exposes only a small subset of the user’s preferences and intent signals to prevent “fingerprinting” the user by a possibly unique set of tags.
It means that advertisers still get some feedback on the "intent signals" of the users that have seen their ads ? So it is private in the sense you cannot be uniquely identified but some of your intents are somewhat leaky ?
Not quite, I think that FAQ item needs to be updated. The model works like this:
The user opts-in to Brave Rewards/Ads. This kicks off a machine-learning model that begins to study the user's habits and interests.
On a daily basis, the user downloads a regional ad catalog (as to other Brave users in their region). This catalog contains numerous ad options, which your device studies for relevance.
If/when your device identifies an ad within the catalog that might be of interest to you, it displays the ad as an OS notification. At this time, 70% of the ad revenue is deposited into your in-situ wallet.
At this point, the user has made absolutely no contact with an advertiser. If the user chooses to click on the ad, it is opened in its own tab in the Brave Browser. This tab, like all others, is subject to Brave's default security/privacy settings. No third party trackers, etc.
The advertiser will know that you are interested in their product/service, because you clicked the ad. But no other information about you is given to them; only what can be inferred from standard first-party browsing online.
Brave aims to keep your data private, and on-device. It is never leaked to us, or anybody else. You are sovereign over your data, and you decide with whom it is shared. That's our goal, always.
> At this time, 70% of the ad revenue is deposited into your in-situ wallet.
Brave needs to know when and which ad has been shown to the user, to deposit that ad's revenue right? That means whenever an ad is shown "locally", it still needs to contact Brave server with user's identity behind of some encryption. Brave then shows the proof of ads being presented to users to ad provider to get revenue.
Sure, the user's interests are studied locally (and inefficiently because it runs on user's computer), but the result feeds back to Brave. How does that improve privacy?
At some point, Brave may either leak the data accidentally or decide to sell the data, because the data, which capture each uniquely identifiable user's interests, is valuable.
The key is no user identifiable events and no ability to link events for a given user together. Advertisers want authentic aggregate results — they don’t want (at first or in bulk, also not legal in many places) user ids. We built an authentic but anonymous ad system.
Does the viewing of an ad leak data? Eg, if they know my IP viewed an ad, and they were targeting males 15-25, wouldn't that leak the data? Are there systems in place to prevent this sort of data leak as well?
Catalogs are regional, so you aren't downloading every possible ad. You're downloading a ~3MB or so file that has ads for your region. Others in your region download the same catalog, which prevents fingerprinting.
We don't rely on extension and/or DOM APIs like other approaches—we're the browser. It's much harder to fool the browser. Additionally, because our models are built on client-side operations, analysis on the client can be done without the need to leak any data from the user's session. That's about as much as I'm happy to discuss. Fraud prevention is one of the few opaque areas in our project, for good reason. I hope that helps!
Brave ads are targeted through on-device matching. I'm not sure how well this will scale tho. Described in "Relevance" here: https://brave.com/brave-ads-launch/
Correct. Once a user opts-in, machine-learning bits on the user's device take over and begin to study browsing habits and interests. These ML bits then decide what types of ads are likely to be of interest to the user.
What are your scaling concerns? I'd love to hear more!
I would assume that once a lot of advertisers are on the platform the ad catalogue can quickly grow to the size of GBs, which would be unfeasible to hold on smartphones.
The catalog contains edge-cached URLs and metadata for the ads. The size remains small, as we're not compressing down images, rich media, video or other assets in the catalog.
(I work at Brave, and am on the team bringing the ad platform to market)
Could you clarify a tiny bit? I’m not sure I follow. If you are not including images or video in the ads, does that mean that you are downloading them at view time from somewhere, or that the ads have no images or video?
Ads first appear as OS notifications on your desktop. This notification displays plain-text content from the regional ad catalog. You get 70% of the ad revenue at this point.
If you click the notification, Brave opens a tab in the Brave browser and navigates to the advertisement location. At this point, the ad can load images, video, etc.
Important to note, however, that ad pages are not given any special treatment in the Brave browser. They are subject to the same privacy/security restrictions on all other pages. Third parties are severely limited, if not entirely prevented from engaging in the session.
Catalogs are regional, and reflect only active campaigns. So far, the file hovers around 3 MB when compressed. We are able to optimize size even further, as needed. It will always remain small enough to be downloaded easily.
They'd probably prefer targeted advertising, but if they have to choose between too many or too few people seeing their ad, they'd probably pick too many.
Generally speaking, Advertisers aim to get better value for their buck, so to speak. In the early days of online advertising, it was not uncommon to pay for impressions that may or may not be set before the eyes of a relevant audience. Around 2009 the process of Real-Time Bidding was created, and advertisers began to get better value, but at the expense of an unethical auction process that took place for each ad-slot on a page.
With Brave Ads, advertisers know that they're reaching a party that is interested (Brave Ads are opt-in). Advertisers know that attrition of value due to fraud and middle-men is reduced in our model. Users know that they don't have to sacrifice privacy or security to participate, and that on-device machine-learning progressively delivers a better experience over time.
They want to display ads while respecting user privacy, which is nice from a user point of view, but do advertisers actually want that rather than being able to target 35-40 years old in Ohio that are using shaving products twice a week ?