The Affiliate Trap Behind Phoebe Gates' Shopping App
Phia, the shopping app co-founded by Phoebe Gates and Sophia Kianni, faces accusations it stuffed cookies to claim commissions on sales it never drove. The dispute pulls back the curtain on how affiliate tracking quietly decides who gets paid on the modern web.

On 11 July 2026, shopping app Phia woke up to a problem no glossy brand story could launder away. TechCrunch reported the company, co-founded by Phoebe Gates and Sophia Kianni, had been accused of inserting its own affiliate tracking code into user checkout flows, a practice known as "cookie stuffing," allowing the startup to claim commissions on purchases it did not actually drive. The allegation moved fast through the same creator-economy channels the app depends on: an AngelList wire item carried the story at 09:04 UTC, a parallel product-hunt channel matched it within the same minute, and a longer TechCrunch explainer sat underneath both. By lunchtime on the US east coast, the question had stopped being whether Phia did it and started being what the episode reveals about how affiliate tracking really works.
The accusation matters because the technology underneath every "Shop now" button on the modern web is not a button at all. It is a tiny line of code that drops a file in a user's browser, notes where they came from, and waits to see if they buy. If they do, the originating publisher gets paid. When a competitor quietly drops its own tracker into that same journey, the original referrer loses credit, and a sale the creator never expected can pay out to someone who did nothing to earn it. That is the mechanic at the heart of the Phia dispute, and it is the same mechanic that decides, every minute of every day, who collects a slice of the roughly $20bn in affiliate commissions that flow through US retail each year.
What the accusation actually says
The allegation is narrow, technical, and consequential. According to TechCrunch, critics say Phia's browser extension dropped an affiliate cookie during the checkout process at retailers like Nike and Sephora, in some cases overriding the legitimate affiliate tag set by a creator whose content had actually driven the shopper to the site. The replacement cookie rewired the commission to Phia, in a pattern veteran affiliate marketers describe as textbook cookie stuffing: the disputed sale is real, the conversion is genuine, but the credit is stolen.
The pattern is not new. Affiliate networks have spent years playing whack-a-mole with extensions that rewrite cookies, partly because the economics reward it. A browser extension sits inside the user's browser and can see every page load. A user's purchase journey, meanwhile, is a relay race: an influencer posts a link, the user clicks it, a tracking cookie fires, the user bounces through two or three tabs, and finally checks out. Every handoff is an opportunity for a piece of software to insert itself.
What makes the Phia allegation stand out is the brand attached to it. The company markets itself to women 18 to 24, claims a comparison-shopping engine, and has been treated by fashion press as a feel-good founder story. The founding duo have appeared on podcasts, including one run by Sophia Kianni, that frame the venture as a consumer-first alternative to the affiliate-choked web. Critics say the same code path that lets Phia compare prices is also the code path that lets it claim credit.
The mechanics behind the dispute
Affiliate marketing runs on a chain of small text files called cookies, plus modern server-side tracking pixels. When a publisher like a fashion creator shares a link to a Nike product, the link carries an identifier unique to them. Clicking it plants that identifier in the buyer's browser for a window that typically runs 24 hours to 30 days. If the buyer buys in that window, the identifier gets matched against a network record, and the creator gets paid.
Cookie stuffing breaks that chain in one of three ways. First, an extension can drop an affiliate cookie when no purchase intent has been signalled, hoping the user later buys anyway. Second, an extension can overwrite an existing cookie, replacing the original referrer's tag with its own. Third, the extension can layer in a redirect or a hidden image that fires a tracking pixel server-side, again without the user ever clicking a partner link. Each method, in its own way, lets the operator cash in on a sale they did not generate.
For creators, the loss is invisible. They see a sale land in a network dashboard without the matching commission. They have no way to know which piece of software intercepted the journey. The complaint only emerges when enough creators notice the same retailer, the same shopping flow, the same mysteriously absent payouts.
That is the shape of the Phia dispute. The allegations, as published by TechCrunch on 11 July, follow a recognisable pattern: a browser extension sits in the checkout path, an affiliate identifier gets replaced, and creators discover that sales they thought they earned are no longer theirs.
Who is on the hook
The named targets are sharp. Phoebe Gates is the daughter of Bill Gates and Melinda French Gates, and her name draws press interest the company itself depends on. Sophia Kianni is a climate communicator whose earlier work focused on Generation Z and the Iran diaspora. Both have framed Phia as a mission-driven consumer product.
The accusers, at least at the moment the wire items landed, are a loose coalition of creators and affiliate marketers rather than a single corporate complainant. The creator economy runs on gossip networks and on Slack groups where a single screenshot of a misrouted commission can ricochet through thousands of users in a day. By the time a story lands on TechCrunch, the underlying claims have usually been triangulated across multiple creator accounts.
Retailers like Nike and Sephora, named in the coverage, sit in an awkward middle. They do not run affiliate programs directly; they work with networks like Rakuten, Impact, and Sovrn. Those networks are the ones that ultimately pay out commissions, and they are the ones with the contractual leverage to investigate. Whether they will is the open question. Networks have financial incentives to keep an affiliate relationship alive and have historically been slow to act on disputes that touch popular extensions. A creator who complains about cookie stuffing is often told to file a support ticket, then to wait.
The structural read
The episode is, at bottom, about who controls the browser. Affiliate marketing is, in effect, a tax on commerce levied by whoever holds the tracking identifier at the moment of purchase. For most of the last fifteen years, that identifier has been set by the link a user clicks, because the link is where intent is most clearly signalled. Browser extensions, ad blockers, price-comparison tools, and a long tail of productivity software have steadily eroded that principle. Each piece of software that touches a checkout is now a potential claimant on the commission.
The platform layer underneath has grown more concentrated, not less. Retailers run on a handful of affiliate networks. Those networks run on a handful of attribution vendors. Browser-side tooling, meanwhile, has exploded in diversity: thousands of extensions, many installed by users who never read the permissions screen. The result is a kind of arbitrage economy, where the player who controls the last code to fire before a checkout button collects the payout. Phia's product sits squarely in that lane. So do a long list of competitors whose browser extensions quietly rewrite the economics of every shopping trip.
The episode also lands inside a broader debate about how the creator economy is taxed by the tools it depends on. Platforms like YouTube and TikTok take their cut through opaque algorithms. Affiliate networks take theirs through opaque attribution. Browser extensions take theirs by writing into the same cookie jar. Each layer erodes creator revenue, and each is difficult to audit. The Phia allegation collapses three of those layers into a single product.
What remains contested
A few lines of dispute are unresolved as of 11 July 2026. Phia has not, in the source items available, made a detailed public statement on the cookie-stuffing claims. The company has, in past press, described its extension as a price-comparison tool that does not interfere with third-party cookies, a position that the new allegations directly contest.
The scale of the problem is also unclear. The source items describe a pattern, not an audited count of misrouted commissions. Affiliate networks do not, in the public material reviewed here, publish the kind of statistics that would let a reader judge how widespread cookie stuffing actually is. The dispute could involve dozens of disputed sales or thousands. The wire items do not say.
The legal posture is equally thin. Cookie-stuffing has been the subject of FTC enforcement and of private litigation against extension makers, including a 2017 action against a now-defunct coupon company that resulted in a multi-million-dollar settlement. Whether Phia's conduct falls inside that line of cases will depend on technical facts the public reporting does not yet establish. The retailers named in the coverage, Nike and Sephora, have not been quoted in the items available.
Stakes and what to watch next
The most direct stake is financial. If the allegations hold up, a meaningful slice of Phia's claimed revenue comes from commissions it did not earn. The number, in absolute terms, is not yet public. The reputational cost, on the other hand, is already moving through creator channels, where the company has positioned itself as a champion of women shoppers.
A second stake is regulatory. The FTC has shown a willingness to treat affiliate fraud as a consumer-protection matter, not just a contractual one between merchants and networks. A high-profile accusation against a brand with the Gates name attached raises the odds of an inquiry, even if the underlying conduct turns out to be less dramatic than the early coverage suggests.
A third stake is structural. The dispute is a useful case study in how brittle affiliate attribution really is. If a single browser extension can quietly reshape commission flows, every creator on every network is exposed to the same kind of leak. Networks that fail to police the practice are, in effect, taxing their own supply. The episode may accelerate moves toward server-side tracking, which is harder to spoof, and away from browser cookies, which are easier to stuff.
For now, the cleanest reading is also the simplest: Phia built a browser extension that sits inside the checkout flow, and creators who used other affiliate links are saying their commissions went elsewhere. The technical details, the legal exposure, and the company response will take weeks to sort out. The underlying dynamic, that the tool closest to the buyer's browser tends to collect the payout, is older than Phia and will outlast it.
Desk note: Monexus framed this as a structural question about affiliate attribution and platform governance rather than a founder personality story. The wire coverage tends to centre the Gates surname; this piece centres the code path and the disputed commissions.
Wire provenance
This editorial synthesis draws on the following public wire/social posts:
- https://t.me/producthunt
- https://t.me/AngelList