Episode 120

Your AI Chats Aren’t Private (And How “Unlinkable Inference” Can Help)

Ken Liu (Computer Science PhD at the Stanford AI Lab) and Erik Chi (CS PhD at UMich) are the Creators of the Open Anonymity Project, which lets people prove things about themselves online without revealing their identity. In this episode we explore what it means for AI systems to “know” you; why today’s so-called privacy modes fall short; and how the next generation of AI systems could be built with privacy as a default, rather than an afterthought.

Transcript

Luke: [00:00:00] You’re listening to a new episode of The Brave Technologist, and this one features two guests who are current PhD students working together on the Open Anonymity project, which lets people prove things about themselves online, like trust or credentials, without revealing their identity. Their first product, OA Chat, provides an unlinkable AI chat client that protects users’ privacy.

Ken Liu is a computer scientist PhD student at the Stanford AI Lab with research focused on foundation models, data, user privacy, and their intersection. Eric Chi is a computer science PhD at the University of Michigan with research focused on security and privacy, particularly network security and anti-censorship.

In this episode, we discuss what currently takes place every time you make a prompt on a typical chat tool, how to use AI to actually help protect your privacy, not just threaten it, and why this is the best time for someone to question their privacy bias. And now for this week’s episode of The Brave Technologist. [00:01:00]

Ken and Eric, welcome to The Brave Technologist. How are you doing today?

Ken: Doing great. Thank you so much for having us.

Luke: Yeah. Yeah.

Ken: Doing great.

Luke: I don’t get two guests very often, and, two guests that build both privacy and security with AI stuff even more seldomly, attended.

So I appreciate you both making the time, and I’m really excited for the conversation. To kinda kick things off, I think, you’re both really deep in AI and security. What are you seeing right now that made building something like Open Anonymity Chat, feel like a, an urgent thing to do?

Maybe Ken, if you wanna lead on that one.

Ken: Yeah. Yeah. Thanks, Luke. Thanks for having us. I think the broader picture today is pretty clear, that, that we are undergoing this, like transition that have, tremendous scale that we’ve been doing in history. And so as part of that, you see a lot of new behavior, new user behavior, new data collection paradigms that warrants like a rethinking of, like, how privacy infrastructure should be built.

So you see that [00:02:00] everything’s moving to AI. People are uploading lots of things now they wouldn’t do when in the past of like Google Search or like email, that you wouldn’t, for example, do therapy sessions with Google Search. And so the reason we see that is that, like AI is really tightening a lot of the interfaces that we are using.

Like for example, you no longer go to Google Search as much. You no longer, go to this, your tax consultant as much. It’s all converging the same point, and the same point is now being managed by certain, big companies or frontier labs. They have, tremendous control over the individual users.

And this is somewhat concerning because you want to, you want an industry to be able to, okay, have standards and have, policies and have, laws and regulations on how these data are gonna be processed and, stored and, shared. And right now, because things are moving so fast, we don’t really have that.

We don’t really know what’s gonna happen to the data that we accumulate into these AI accounts. And as part of that, we also see, a lot of people rushing to do stuff in the AI [00:03:00] privacy space. We see that, people are trying to, make things that, seem private on the surface, but not really like private, not really helping the user getting control back of data.

So when we see these problems, and like last year, Eric and I were just thinking, “Okay, why don’t we try to build something from school and, try to open source it and try to, make it, give this problem a try and see what, what goes on?” And that kind of leads to this project.

Luke: The Brave Technologist is brought to you by the Brave Search API. Access billions of indexed web results from a simple API call with the Brave Search API. Join the leading names in AI and tech using the Brave Search API to power agentic search, keep LLMs current with real-time data, train foundational models, and bring the best of the web directly to the leading edge. Get started today at brave.com/api.

When we think about how privacy’s being approached in AI, one thing that, when I was looking at what you guys are doing with OpenAnonymity Chat, it seemed like it was a much more rounded or, holistic approach at, looking everything [00:04:00] at, from the client level and not just focusing on, the inference part or, one piece of the puzzle.

I know that you all use this term unlinkable inference. Can you walk us through what that means in practice, and how it’s different from something like incognito mode or other privacy jargon?

Ken: Sounds good. So there are two words here, unlinkable and inference. So inference is easy. Inference means that you have to model tokens in, tokens out, right? Some LLM that sits somewhere. Unlinkable just means that whoever runs this LLM or whoever, serves this LLM, cannot link your queries together or link back to you as the person, to your identity.

So in practice, what does that mean? That means, you wanna be able to query an LLM, send in some tokens And, get back some tokens, and this full chain, let’s say you talk to ChatGPT, this full chain will make it such that, OpenAI does not know who you are, and then this layer through which you offer this unlinkable inference also does not know who you are.

No one knows where this prompt came from. And in particular, this layer has to be zero knowledge, in a sense [00:05:00] that not only does it not know who you are, but it also does not see any prompts and responses in the middle. ‘Cause if it does see the prompts and responses, that makes it such that, it becomes that, central point of aggregation of information. So this is the kind of the key distinction between, let’s say some, AI providers out there that they sit in the middle, they collect all the telemetry. That doesn’t really provide extra privacy on top of the providers.

Maybe this is a good point to, like, talk about the incognito mode now.

Erik: Yeah. I- if we are looking at incognito mode in, ChatGPT, they are actually completely not secure, and it’s not even, anonymous because all of your chat, all of your prompt you send under this mode is still bound to your account.

And ChatGPT or OpenAI is just trying to hide this from you and not showing it in your chat, chat session history, but everything is still bound to you. So we think incognito mode is completely a scam that’s not [00:06:00] something secure.

Ken: I think maybe what Eric means here is, it’s really like a UI kind of a feature more so than something that you can prove, right?

It’s just saying, “I’m not gonna show this on your account. I’m not gonna say that I have this.” But underlying, there’s, really no difference compared to you chatting- Yeah … to ChatGPT directly.

Luke: And I think it’s well said, too, ‘cause these are things where we’ve seen them applied elsewhere, right?

There was a whole scandal with this around Chrome with incognito mode and people’s, thinking it was more private than it was, that even went to the courts, right? Yeah. And, and it turning out to be totally not what people thought it was. And then now, though, I think, Eric, you used the, the word, anonymous and that’s a current trend we’re seeing too where people will call some things private, call some things anonymous.

It’s almost like a Diet Coke or something like that, approach to this. And then you step back and you figure out, they’re just talking about one part of it, too. And the end user, sometimes, like privacy researchers or enthusiasts or whatever, people that are into this stuff are [00:07:00] not really looking at it from the bigger picture

‘Cause you start to dig into some of the privacy policies for some of these- Yes … quote unquote private or completely private or whatever they’re marketing with, solutions, and you’re like, wait a minute, you’ve got, third-party analytics in here that you’re disclosing in your privacy policy about all these other things that are, capturing metadata on the user that, can link a lot of things, right?

And so that was what really stood out with what you guys were doing is that, you guys were trying to hit that deniability on the, on the surface, from the end point that the user inputs to even knowing who the user is that’s inputting, right? Which is something that- Yeah

at Brave we relate to a lot, ‘cause that’s a lot of what we try to do as well. And, it really stood out compared to what, others are offering in the space. I think here’s a thing I’d really love you guys to get into the weeds on a little bit, especially given your backgrounds here,

Can we explain to a user or a listener here what’s actually happening to your data, like the moment you hit send on a prompt in [00:08:00] a typical AI chat tool like ChatGPT or something like that?

Erik: Yeah. So basically the prompt you crafted on your phone or your webpage, when you hit the send button, it will transfer the prompt from your device to the server through the network layer, but everything is getting to the provider’s server.

So basically, for example, if you are using ChatGPT, then OpenAI is storing off your prompt in their server in plain text. So they can decide to read it whenever they want. Mm … And due to a safety reason they claim they will probably run some detection or classification method on your prompt to see that if your prompt is harmless or not.

And then- they can have more human labor to read it if they want. And especially with this new memory feature ChatGPT rolled out, your [00:09:00] conversation will probably be sent to a reasoning model after you’re finishing the chat, and generate a summary about it. And this might be used to update a model about you i- for your account in these big companies, with all of your previous chat sessions.

And this model is very, detail about this, you as a person knows everything about you, everything you revealed from your previous chat session. And this is very dangerous.

Ken: Yeah, and there’s just slight nuance I wanna add here, which is that, back to your question, Luke, what happens when you hit send?

So it’s not just the prompt obviously that goes to the servers, but also the, all the metadata identifying you. Here’s Ken’s account, here’s the time that you sent it, and here’s, the device that he was on. And so a lot of the times it’s these metadata that allow you to, really, okay, aggregate and group which prompts that came from you.

And so a big part of what we do at this project, research project at, at Stanford and Michigan, is [00:10:00] that can you remove all of this, metadata such that the only thing that arrives on their servers is the prompt? So that goes back to what Eric was saying. Like, If I don’t even know which account this came from, that makes it so that it’s very hard to build a profile of you, in the long run.

But, that’s the challenge. ‘Cause you decided to use these, providers at the end of the day. So the prompt has to go there. They have the model, right? There’s no way- Right … you can, use their model without giving them the data. Can you then, make prompt the only thing that gets there as opposed to metadata?

Luke: Exactly. And there are, nuances between providers, and some are obviously, better than others at certain things and and I think just to zoom out even further, because that was really, super informative and helpful. I think the metadata’s key. The prompt information’s key.

But also, if you’re on, ChatGPT or any of these, especially as, a paying user, right? Your email a- address is logged in and authenticated on your account that they know that link to your chats, and, the payment methods, right? So basically OpenAI is like a Google in a different form [00:11:00] in this interface that… And the thing that really kinda stands out to me is that the form factor of chatting is, so conversational. At the same time, you’ve got these, research tools. So people are, like, uploading full documents into these things, right?

With, super sensitive information and, and yeah, like, they know everything it seems like. Is that a fair assumption?

Ken: Yeah. At the end of the day, think about the type of prompts that you can send to a server. T- one type of prompt says, “Here’s my CV, and I’m about to do a one-hour therapy ses- therapy session with you.”

Now, in that case, even if you remove all the metadata, it’s not gonna be, like, as private because the content itself complicates you, so to speak, right? There’s only so much person who could have done that one-hour therapy session and the CV at the same time. But then there are many other prompts that are, like, sensitive because we know who you are.

So suppose Luke you say- how can I get like antidepressants somewhere in Palo Alto? That’s a, a fine question to ask if people do wanna get some- something like that. But knowing that it’s you who are asking for [00:12:00] antidepressants make it sensitive. But otherwise, there are many people who would have asked the same thing.

And so these are more identity-bound questions. And so something like anonymity layer or unlinkable inference first tackle these kind of like ident- identity-bound questions, and then there’ll be like different approaches and technologies that we can use to think about how can, how we then like deal with these like content-bound questions.

But these are like very separate privacy angles that we both wanna address at, like in the long run.

Luke: That’s awesome. When we’re making these trade-offs, right? Where, every interaction’s kind of ephemeral and unlinkable, so the system can’t learn you or link it to you.

When you’re thinking about these things, I’m really curious, the idea of a personalized AI, is that all of a sudden out of bounds? Are there ways that you can do this that do, preserve the user’s privacy and give you a lot of this useful, utility that people are using these AI for, like agents and all these things, right?

Like it’s all very close to you. Are there ways of doing this that [00:13:00] can be better for privacy and still give people kind of the personalization or be as integrated in people’s daily lives as a lot of these tools are becoming?

Ken: Yes. Yes, totally. This is a very good question that we wanna hit on as well.

So I think this is definitely more possible than before just because how AIs work today, because it’s token in, tokens out. So then you can consider the following, I call it the secretary model. I think it will make sense if we think about it that way. So imagine you’re a billionaire and then you, maybe you are, and maybe you like have this person that runs around you, that says can help you process a lot of things.

So this person knows literally everything about you. He knows that you have this much money in the bank. He knows that, you have this many meetings with these people, and then you know that, you have gone through a divorce and here are the documents, divorce documents, when you have such a human assistant, you trust them like completely.

And then when you ask the assistant to, to do a task or the secretary to do a task, this secretary will like craft and delegate in a very contextually [00:14:00] minimal way. So for example, when they book, book a flight for you, it will not review anything about, your tax documents, for example, right?

And so we think this is very much possible. You just need two kind of technologies working together. You need a secure sandbox or confidential inference is the way we think about it. Can you put an open weight model either on your device or in your secure enclave that is provably bounded?

Once you have that, can you think out a way to like delegate queries to remote models, like delegate this, request to remote frontier intelligence are smarter. So almost like you’re structurally separating where are you personalizing your data versus where are you getting your intelligence, I think this is very much doable. In fact, like the open weight models of today are pretty smart already. That can probably handle most of your like personal questions. But then there may be like, 10 questions or 20 questions you cannot handle. And so long as you design this like interaction between your secretary and the remote, then you can get this like best of both worlds.

Luke: It, It seems doable, right? Especially with a lot of what’s happening locally and a lot of the work that [00:15:00] you guys are doing too around separating out these things where they would typically all go to the cloud and all be handled in a certain way.

And I think one of those reasons why I’m really excited by seeing folks like yourselves doing what you’re doing is that, when you start to dig in on the policy side for a lot of these things, these companies are using boilerplate privacy policies from- the ad tech kind of era.

But, if you look at the data collection, it’s good Lord, like this is so much more intimate information than what ad tech was using, right? But it’s allowed to run amok amongst that set of policies because new policies haven’t come around that are… and the tech is just moving faster than, the policies are.

How concerning is that to you guys?

Ken: Yeah. Like I think this goes back to your first question, like why are we working on this in the first place?

It’s just because like data collection and the intelligence stuff is moving too fast, such that the policy, the legal side, and like the precedents are not they don’t even have time to be set up yet. [00:16:00] There haven’t even been time where like people’s data are really, really being used in a bad way.

And so like when you look at this world, okay, here’s the technologist, here’s the- policymakers and lawyers and the government. There, there’s a mismatch between how they’re, like, thinking about this and, for example, a lot of people in the government don’t real- realize, like, how fast things are moving, and how can they make good law?

So then, when you look at this problem, look at this reality, you’d be like, “Well, can we then use technology to help kind of like support this for now?” Can we lay a technical foundation such that like you don’t need to depend on the government to say, “Okay, let me force this policy a privacy policy, a new standard of the new GDPR,” or something like that.

That’s how we’re thinking about it. We are concerned because it’s at the end of the day like incentives problem. For example Eric and I, we are incentivized that we would care about this problem, like we work in privacy security for a while now. We’re incentivized to do this, but you cannot say the same for the companies, right?

Like for [00:17:00] example, Google has been built on top of… The whole business is built on top of like user data. Can you sell ads better? Can you track better? So we’re not too sure like where this is going had there not been like efforts, elsewhere that try to address the privacy problem.

Luke: Yeah.

I totally agree, too. And I think like especially when you see how agencies are just telling the public, “We’re buying data from data brokers,” and you’re like, “Wait a minute. Now is this AI data part of that?” you’re really getting inside the heads of people.

Because I go to my kids’ baseball and softball games, and the other parents are using ChatGPT like Google now. “I’m gonna ChatGPT this,” or whatever. Oh, wow, like that’s faster than I thought, as far as market fit goes. This is getting spooky.

Yeah. And we’re talking a lot about privacy, but there’s also this element of like censorship and censorship resistance. And I know, Eric, you’ve done a lot of work on anti-censorship. Do you guys see a future where access to private AI itself becomes [00:18:00] restricted given what we’ve seen, historically?

Erik: Yeah. I think it’s definitely possible. But I think the anti-censorship game might completely change. Just like you said- You have this, your child’s friend’s parent is using ChatGPT as the new Google. As like these AI and agents get better and smarter, I think in not too far, your entry point to the whole internet, and probably everything online, like services, your purchase on Amazon, et cetera, will all converge to AI or some kind of personal agent just Ken just said, a s- secretary.

And when that comes- I think, in the future the anti-censorship game will become to how you can have this neutral party of providing these kind of AI services in a private and secure way that’s not ven- vendor locked in so that you can access all the informations as you [00:19:00] want. For example, if we have some big player or some big tech is providing the secretary to you, then they can decide what to feed you and what not to feed you, and what hide from you, what information to hide from you.

That’s a very, very scary future. And with all the amount of information that we talked about earlier with AI that you revealed if you have these services that have no privacy, then they have tremendous power to influence every individual in a lot of ways.

Luke: One thing I’m curious for your guys’ take on too, just because, like, agents are a big part of kind of the zeitgeist right now, at least on the research and development side and also, on, on just in, Twitter and elsewhere, I’m kind of curious if you guys think there might be potential for something like an agent to like a secretary, but also like a protector, where you’re basically, you could have an agent that’s checking how [00:20:00] the tool is working compared to how their policy is claiming it will work or flagging things to you that aren’t safe or things to watch out…

do you guys see ways that AI can be used in the privacy space to strengthen people’s privacy aside from, applying privacy to things that we’re already doing?

Ken: Yeah, totally. This is such a good question, and this is in fact, what we are currently, focusing on as the next stage of the product. As back to the secretary model, that secretary is supposed to be your, protector, your data steward, so to speak. This model, you want it to be living in a secure environment, and then you want it to have access to everything, and then you want it to know you very well such that, it knows, okay, here there’s some stuff that you’re willing to share, here’s some stuff you’re not willing to share.

This thing or this agent would act in your interest when sharing data, when, looking at here are the requests for data. And we want everyone to have that. Everyone should be able to have this to say like- “Okay, I don’t know if sharing this will compromise my privacy or not.”

We wanna get to a point [00:21:00] where it doesn’t matter if you know or not, because there’s a model that everyone gets that will help you in figuring that out, in gating the information that flows out, right? So for example, the unlinkable inference layer will be very use- will be a very useful tool here.

For example, the secretary can help you decide, okay, this is some stuff that I wanna actually send anonymously to Gemini. This is some stuff that I’m okay to send with a normal web search, and this is some stuff that I wanna send with this amount of context as well that amount of context. It’s like we really see that happening.

So think of password managers, but like on steroids, right? Like your password manager is “I know everything about you, and on this website I’m gonna share just this password, nothing else, and then you can trust that I’m taking care of all your passwords.” But imagine that, but like with intelligence inside, but with all the context.

Totally. So that’s how we imagine, privacy would go in, in the future.

Luke: I think that’s a really smart way of doing it too, because, as these models and these tools become more commoditized and more [00:22:00] integrated, they’re gonna be things that some of them are gonna be really good at.

And, having ways to interface with them that are safe is probably gonna let you still have an advantage and kind of like hopefully force defaults that are better into this space. What do you guys think about that? Aside from that, let me back it up a little bit, right?

How long has your tool been out? The open anonymity chat, and since it’s public, and I mean, we found each other through X because you guys were out there talking about it have people– Have you seen people looking into the code, forking it, trying it out and things, pieces of it being implemented in places?

Just super curious to hear, what the response has been.

Ken: Yeah. Yeah, totally. So I guess I can give two cases, of example. One case is that, the Ethereum Foundation is very interested in some of this stuff. So for example, they have their own proposal of like, how can you build this like inference layer that is zero knowledge?

So that means like you can talk to some remote service, but there’s a layer in between that is zero knowledge [00:23:00] that can help you like be anonymous and unlinkable. And they have a grander vision of like, how can you make this apply to everything? And then when they saw our project, it’s “Wow, great guys.

You’ve taken like the, very good first step for the AI inference problem,” and then this is extremely practical. And then like we’re now working with them. We’re like- we’ve been close to think about how to expand this. That’s a very good validation to our point because, we share the same vision.

This is how it can go. It validates the practicality a lot. And second example I can share is, some alpha users. I think there are people who sign up who, message us and say, “Wow, this is great chat. Why are you not selling this?” you know, “Can I fork this to sell, sell it myself?

And, I, I’ve been using it daily. Can I get more of these tickets?” I think that’s really, really nice. I think we, we really like to see that this project that we did is, beneficial to people. And, I’ve been… I think the two of us been using it as our daily, chat client at this point, our PhD advisors as well.

We’re pretty happy about that. But, there’s definitely way more to do. We’re not, a real, a [00:24:00] product team. It’s just two PhD students doing research here. But there’s a lot of, yeah, room to make it better.

Luke: It starts somewhere, right?

Are you thinking about how this is gonna grow into more products? Or, are you want it to continue to be like a test bed for research and development for things? And can people help that wanna contribute, whether that’s with code or, funding or whatever?

Like, how are you guys trying to grow this in a way that can keep growing, I guess?

Ken: Yeah. Yeah, totally. So far there are definitely people who reach out who want help. There are law students, there are students who do policy, there are technical people, there are co- like, applied cryptography people.

There are anti-censored people, anti-censorship people, network security people, and AI people as well. We do imagine this project to just stay right now, like an open source effort. You add a lot of stuff to it. For example, we just, tweeted something about, like a memory system.

Like, how can you manage memory locally, and then, selectively disclose certain information over the network? We [00:25:00] imagine this to be a hub of all these projects that, people can contribute and, build on. As, as far as that goes, that’s kind of our thinking. There are definite- definitely exploration about, how else could you take this?

Can you turn this into a company? Can you, take this as a nonprofit? Can you, do other stuff with it? I think we’re like, for example, very happy that, Vitalik Buterin the other day called us out on his blog post. We’re happy to get some grants from- some foundations that are, like, really i- into this vision.

And then there are, like, also obviously, a venture capitalists who are, like, interested in, seeing how this could go become an infrastructure actually for a lot of, use cases. We’re at the point of exploring a lot of this.

Luke: As somebody working in the privacy space for, gosh, like 10 years now, it is so cool to hear that, you listed off a few different examples, but that’s, inspiring to hear that you’re getting, interest from all these different areas.

And I think the Ethereum Foundation too, having them, they’re the second-largest blockchain on the planet, and, that’s a big deal, right? So you guys are obviously cooking with good ingredients [00:26:00] here, and I can tell just from going in, and I encourage anybody listening to go check their stuff out,

It’s so thoughtful the implementation, and it might be over a lot of people’s heads that aren’t in the security and privacy space, just the way that the nomenclature and the verbiage is. But as somebody that’s in it, seeing the level of care that went into laying out the specifics, it is very rare, and I think that it’s very needed, and I think it’s very cool, and it’s really just cool to hear that you guys have had such good feedback on this because coming from ad tech, seeing what the privacy space, the level of, capture that, that people’s information has out there it is really rare to find one, not onl- not only one, but two people that are also, really skilled building these things, that also see, the full picture on this stuff, and it- it’s really cool to see.

I applaud you guys for putting this out and not just putting it out, but, being extroverted and, going out there and kinda, poking folks with the- … with the stick when the marketing sounds too glossy- … ‘cause that’s another big problem. [00:27:00] Thank you so much. And it’s super cool to see you guys doing that, man.

Ken: Thank you so much. Thank you so much. Thank you. We’re otherwise pretty introverted, but, if the time calls for it, we have to act.

Luke: No doubt it does, man. No doubt right now is the time too.

Where can folks find your guys’ product? Where can they follow you guys and stay tuned into what the latest… and are you all looking for testers and stuff like that too?

Ken: I would say, we definitely welcome contributors. I think we’re on Twitter. You can ping us, you can write us an email.

The project page is public, the code is public. You can check it out. Definitely email us to, to see, like, how you would like to contribute if you’d like to. But also, just trying it out, I think this is more practical than people think. Unlike, let’s say, the past, let’s say privacy technologies in, let’s use the word Web2, right?

There are a lot of trade-offs there. Sometimes you use a privacy product- Mm-hmm … you realize the features are not, not as good. Something’s missing there, something’s missing there. But the thing with AI and tokens is that, there’s no discrimination between tokens. If you get token from [00:28:00] OpenAI, it’s gonna be, the same tokens.

There’s no structural way that this is, a worse product, but then compared to, okay, now you have privacy a- added on top. For example, there’s very little low latency to get, through this layer to request as opposed to, you talk to ChatGPT. In fact, because of the app, it’s built local- it runs in the browser as opposed to there’s a backend server taking a prompt.

It also runs faster as a result. We’re really hoping that, in this new kind of, AI era, there are ways to rethink products and rethink like, experiences and UX such that, you, there’s really no drawback from using a private option. I think this is a really a good time to, reconsider, a prior biases of, is it actually…

Am I actually losing something if you have switched to that private option? I think the answer might be surprisingly no. There’s nothing you’re losing.

Luke: Amen to that, and totally agree. Again, commend you all for what you’re doing. I encourage everybody listening to this to go check out their work. And, yeah, can we get [00:29:00] the URL or the link?

Where, where can people find it again if they wanna go try it out?

Ken: Yeah. So the main URL will be, chat.openanonymity.ai. It’s just a chat client that we set up. Right now it’s being funded by the university for fun. But maybe at some point we’ll, ‘cause actually can’t, we can’t afford to burn this anymore, we’ll have to start set up payments.

But for now, that’s gonna be available for this chat.

Luke: Awesome. Go check it out, everybody. Ken and Erik, I, I really appreciate you guys making the time. I’d love to have you back, especially as we start to get more privacy panels and things like that set up, love to have you guys on and opine.

Really appreciate the work you guys are doing and encourage everybody to check it out. Thanks again for making the time today.

Erik: Thank you so much for having us. Thank you so much.

Luke: Thanks for listening to the Brave Technologist Podcast. To never miss an episode, make sure you hit follow in your podcast app.

If you haven’t already made the switch to the Brave browser, you can download it for free today at brave.com and start using Brave Search, which enables you to search the web privately. Brave also shields you from the ads, trackers, and [00:30:00] other creepy stuff following you across the web.

Show Notes

In this episode of The Brave Technologist Podcast, we discuss:

  • What “unlinkable inference” means and why it changes the privacy model of AI chat tools
  • What actually happens to your data the moment you hit “send” in a typical AI system
  • Why incognito mode in AI tools is largely a UI illusion, rather than a real privacy protection
  • The role of metadata in identifying and profiling users, and how “secretary models” could enable personalization without sacrificing privacy
  • How anti-censorship and privacy intersect in a future dominated by agentic AI systems
  • Why now is the time to rethink assumptions about privacy in AI tools

Guest List

The amazing cast and crew:

  • Ken Liu - Computer Science PhD at the Stanford AI Lab

    Ken Liu is a Computer Science PhD student at the Stanford AI Lab, advised by Percy Liang and Sanmi Koyejo. His research focuses on foundation models and data/user privacy, and the intersection between the two. His recent work studies the privacy properties of AI (such as membership, memorization, and unlearning), and various AI privacy tools (such as anonymization, differential privacy, and federated learning). His papers have earned spotlights at top venues, and his findings have been deployed at scale on Android. Ken also led a team to a 1st-place win at the US-UK PETs Prize sponsored by the White House OSTP and the UK Government. Previously, Ken spent time at Google DeepMind, Carnegie Mellon University, Meta, Apple, and Amazon.
  • Erik Chi - CS PhD at UMich

    Erik Chi is a CS PhD at UMich, advised by J. Alex Halderman. His research focuses on security and privacy, particularly network security and anti-censorship. He worked on a new standard for implementing and distributing censorship circumvention protocols—a standard that’s now being adopted by VPN vendors to help millions of users access the free Internet. He also did content moderation (surveillance) and recommendation systems at ByteDance before realizing how censors will evolve in the AI era.

About the Show

Shedding light on the opportunities and challenges of emerging tech. To make it digestible, less scary, and more approachable for all!
Join us as we embark on a mission to demystify artificial intelligence, challenge the status quo, and empower everyday people to embrace the digital revolution. Whether you’re a tech enthusiast, a curious mind, or an industry professional, this podcast invites you to join the conversation and explore the future of AI together.