Several months ago, Brave was involved in a “scandal”. Unfortunately, this incident did not get much media attention, and it’s hard to search for and discover as of today. The report I first saw was by https://androidpolice.com/:
In summary, Brave had been injecting their affiliate codes into popular crypto-currency websites. This means that they had been intercepting your traffic, that they promised was secure by the way, and modifying it.
Additionally, AndroidPolice points out:
The nature of these affiliate programs also allows the referrer — in this case, Brave Software — to view some amount of data about the customers who sign up with the code. Coinbase’s program provides “direct access to your campaign’s performance data,” while Trezor offers a “detailed overview of purchases.”
This means Brave Software has access to all of your information on those crypto-currency sites as well. They can see your payments/purchases, and your activity on the websites (through affiliate statistics).
Brave doesn’t seem so privacy-focused anymore, does it? They did all of this, without telling the user. This meant that they intentionally didn’t tell the user because they knew it would cause backlash and disruption. They knew one hundred percent what they were doing, and they knew it was unethical.