Honey Extension Accused of Secretly Tracking User Data
For months, users have asked: Is the Honey browser extension safe? A newly released exposé suggests the answer may be a resounding “no.” The PayPal-owned shopping tool—once praised for automatically applying coupon codes—is now under fire for allegedly harvesting extensive user data and undermining small businesses. With millions of Chrome users already uninstalling the extension, a viral video by MegaLag has reignited concerns about Honey’s transparency, trustworthiness, and long-term impact on both shoppers and creators.
From Shopping Helper to Privacy Nightmare
Honey launched in 2012 as a free browser extension promising to find and apply the best online discounts automatically. After PayPal acquired it in 2020 for $4 billion, adoption soared—peaking at over 25 million Chrome users. But cracks began to show in late 2024, when creators accused Honey of hijacking affiliate links, effectively stealing commissions from influencers and bloggers who rely on them for income. Instead of honoring creator-specific codes, Honey allegedly swapped them out for its own, pocketing the revenue while leaving creators uncompensated.
Chrome Purge: 7 Million Users Gone in Months
The backlash was swift. By mid-2025, Honey had lost roughly 7 million Chrome users—a staggering 28% drop in its browser-based audience. Google responded by tightening its extension policies, explicitly banning tools that manipulate affiliate attribution without user consent. Honey pledged reforms, but skepticism remained high. Now, MegaLag’s newly released “Part 2” investigation claims the problems run even deeper—into the realm of user privacy and data ethics.
Private Coupon Codes Leaked Without Consent
One of the most alarming revelations centers on how Honey handles exclusive discount codes. The video shows evidence that Honey scrapes private, time-limited, or influencer-specific coupons—often shared via email or social media—and redistributes them to its entire user base. Worse still, small businesses report that when they asked Honey to remove these leaked codes, the company refused unless they signed up for a paid partnership. This practice not only devalues marketing efforts but could also trigger unintended financial losses for independent sellers.
Your Browsing Habits May Be in Honey’s Database
Beyond coupon manipulation, the investigation alleges Honey collects far more data than users realize. According to Datarequests.org, the extension logs detailed browsing activity—including page URLs, precise timestamps, geolocation, device type, and even user-specific identifiers—all tied to a persistent ID. This tracking isn’t limited to shopping sites; it extends to any page on domains Honey deems “relevant,” which can include news, finance, or health websites. While Honey says this data powers “personalized savings,” critics argue it crosses into invasive surveillance territory.
Amazon Once Labeled Honey a “Security Risk”
The concerns aren’t just theoretical. In 2024, Amazon briefly displayed a stark warning to users with Honey installed: “This extension is a security risk.” The message accused Honey of monitoring “your private shopping behavior” and urged shoppers to disable it. Though Amazon later removed the alert—reportedly after PayPal pushed back—the incident raised red flags among privacy advocates and everyday users alike. If one of the world’s largest e-commerce platforms considers Honey risky, how safe can it really be?
Does Honey Sell Your Data? The Murky Truth
Honey maintains it doesn’t sell user data to third parties. However, its privacy policy allows for “sharing with service providers, business partners, and affiliates”—a clause vague enough to concern experts. Furthermore, because all collected data is linked to unique user IDs, it’s highly identifiable, even if not explicitly labeled with names or emails. In an era where data breaches are common and digital footprints are monetized, this level of tracking feels increasingly out of step with user expectations for transparency and control.
Google’s Crackdown Signals a Turning Point
Honey’s troubles reflect a broader shift in how browsers handle extensions. Google’s 2025 Manifest V3 update severely limits background data collection and requires clearer permissions—changes widely seen as a direct response to tools like Honey. Mozilla and Apple have followed suit with stricter Safari and Firefox policies. These moves suggest that the era of “free” browser tools harvesting unchecked data may be coming to an end, forcing companies to rebuild trust through genuine user consent.
Uninstalling Honey: A Growing Movement
Online forums and social media are now flooded with users sharing how to safely remove Honey and clear its stored data. Many report immediate improvements in browser speed and fewer targeted ads—fueling speculation that the extension was more than just a coupon tool. Consumer watchdog groups are urging regulators to investigate whether Honey violated data protection laws like GDPR or CCPA, especially given its handling of European and Californian users.
PayPal Stays Silent Amid Mounting Pressure
Despite the mounting evidence and public outcry, PayPal—the parent company—has issued no substantive statement addressing the new allegations. Its only response so far has been a generic note on Honey’s website reaffirming its “commitment to user privacy.” For a company that built its reputation on secure digital payments, the silence is striking. Users are left wondering whether convenience is worth the hidden cost of their digital autonomy.
What This Means for the Future of Browser Extensions
The Honey saga serves as a cautionary tale for the 2.5 billion Chrome users worldwide: not all “free” tools are benign. As extensions gain deeper access to browsing behavior, scrutiny over their permissions and data practices must intensify. Experts now recommend only installing tools from transparent developers with clear privacy policies—and regularly auditing which extensions still have access to your browser.
Trust, Once Broken, Is Hard to Rebuild
Honey’s fall from grace wasn’t sudden—it was cumulative. Between affiliate theft, private code leaks, and opaque data collection, the extension has eroded the very trust it needed to survive. In 2025’s privacy-conscious landscape, users are no longer willing to trade their data for minor savings. As uninstall numbers climb and new videos go viral, Honey’s future looks increasingly uncertain—and its story may mark the end of an era for unchecked browser add-ons.
