A new investigative report has levied serious accusations against Honey, the popular coupon-finding browser extension acquired by PayPal for $4 billion in 2019. The report, published by independent journalist and YouTuber Mega Lag, alleges that Honey operates a predatory business model that exploits small businesses, violates user privacy, and engages in practices described by merchants as “economic extortion.”
The release of the investigation comes amidst a tense legal standoff. According to the journalist, PayPal’s legal team issued a cease and desist order and filed a copyright claim to remove previous video footage exposing vulnerabilities in Honey’s iOS source code.
The “Participating Store” Discrepancy
At the heart of the investigation is the discrepancy between the number of stores Honey claims to partner with and the actual number of stores it monetizes. While Honey advertises partnerships with approximately 30,000 stores, the investigation reveals—via an internal “supported domains” file—that the extension actually tracks and interacts with over 180,000 online stores.
The report alleges that Honey drags approximately 146,000 businesses onto its platform without their consent. For these unconsented stores, Honey reportedly:
- Scrapes private coupon codes.
- Injects itself into the checkout process.
- Interferes with customer attribution data.
Small Businesses and the “Extortion” Loop
The investigation highlights the detrimental impact this “forced inclusion” has on small businesses. Interviews with business owners, including Chip, CEO of Made In Cookware, reveal a pattern where Honey scrapes private discount codes intended for specific groups—such as military veterans, employees, or specific podcast listeners—and broadcasts them to the general public.
This practice allegedly destroys profit margins and ruins marketing attribution. When merchants contact Honey to request removal from the platform, they are reportedly met with a refusal.
“When merchants discover their codes have leaked… and request to have their codes removed… nine times out of 10, the response is ‘join our affiliate program and you’ll have more granular control.'”
The report characterizes this dynamic as a form of “economic extortion,” where businesses are forced to pay Honey commissions via an affiliate partnership simply to stop the extension from leaking their private internal codes.
Privacy Concerns and “Wiretapping” Allegations
Beyond business practices, the investigation raises significant privacy concerns for users. A security analysis of Honey’s iOS app reportedly exposed source code indicating that the extension transmits data to its servers before obtaining user consent.
The investigation demonstrated that when a user types a coupon code into a browser, Honey sends that data to its servers immediately—even if the user subsequently declines Honey’s pop-up asking for permission to share the code.
These findings align with a wave of legal challenges PayPal is currently facing. The company has reportedly been hit with over 20 class-action lawsuits accusing them of:
- Wiretapping
- Computer hacking
- Unfair competition
- Unjust enrichment
The Impact on the Creator Economy
The report also touches on how Honey’s practices allegedly harm content creators. By scraping unique discount codes assigned to podcasters and YouTubers for tracking sponsorship ROI, Honey dilutes the data brands use to verify an influencer’s effectiveness.
When a podcast code is leaked to the mass market, the brand loses money on the discount, and the attribution data becomes useless, leading brands to cancel sponsorship deals with creators.
PayPal’s Response
While PayPal has not issued a public statement addressing the specific allegations in this new video, their legal team’s recent cease and desist order suggests they are aggressively protecting their intellectual property. The investigation notes that despite the $4 billion acquisition price, data suggests nearly 15,000 brands have terminated their partnerships with Honey, casting doubt on the long-term sustainability of its current business model.
