FTC slaps Avast with $16.5 million fine for selling users’ browsing data

FTC slaps Avast with $16.5 million fine for selling users' browsing data

The US Federal Trade Commission (FTC) has fined antivirus vendor Avast $16.5 million over allegations that the company sold users’ browsing data to advertisers after claiming its products would block online tracking.

In addition, the company is prohibited from selling or licensing web browsing data for advertising purposes. It will also have to notify users whose browsing data has been sold to third parties without their consent.

The FTC stated in its complaint said Avast “unfairly collected consumers’ browsing information through the company’s browser extensions and antivirus software, stored it indefinitely, and sold it without notice and without consumer consent.”

The company also accused the British company of misleading users by claiming the software would block third-party tracking and protect users’ privacy, but failed to inform them that it would give their “detailed, re-identifiable browsing data” to more than 300 people would sell. 100 third parties through its subsidiary Jumpshot.


Additionally, data buyers can link non-personally identifiable information to Avast users’ browsing data, allowing other companies to track users and their browsing history and link it to other information they already had.

The deceptive data privacy practice came to light in January 2020 after a joint research from Motherboard and PCMag, citing Google, Yelp, Microsoft, McKinsey, Pepsi, Home Depot, Condé Nast and Intuit as some of Jumpshot’s “past, current and potential customers.”

A month earlier, web browsers Google Chrome, Mozilla Firefox and Opera were released DELETED Avast’s browser add-ons from their respective stores, with preliminary investigation from security researcher Wladimir Palant in October 2019, who considered these extensions spyware.

The data, which included a user’s Google searches, location lookups and Internet footprint, was collected through the antivirus program Avast installed on a person’s computer without asking for their informed consent.

“Browsing data [sold by Jumpshot] contained information about users’ Internet searches and the web pages they visited – revealing consumers’ religious beliefs, health conditions, political affiliations, location, financial status, visits to child-targeted content, and other sensitive information,” the lawsuit alleged. FTC.

sweater described itself as the ‘only company that unlocks walled garden data’ and claimed to have data from as many as 100 million devices as of August 2018. The browsing information is said to have been collected since at least 2014.


The privacy response asked Avast will “terminate Jumpshot’s data collection and cease Jumpshot’s operations immediately.”

Avast has since merged with another cybersecurity company NortonLifeLock to form a new parent company called Gen Digital, which also includes other products such as AVG, Avira and CCleaner.

“Avast promised users that its products would protect the privacy of their browsing data, but delivered the opposite,” said Samuel Levine, director of the FTC’s Bureau of Consumer Protection. “Avast’s surveillance tactics jeopardized consumer privacy and violated the law.”

#FTC #slaps #Avast #million #fine #selling #users #browsing #data

Notify of
Inline Feedbacks
View all comments
Previous Post
Zero-Click Shortcuts Vulnerability

Researchers describe Apple’s recent zero-click shortcuts vulnerability

Next Post
Konni RAT Malware

Russian government software has been given a backdoor to deploy Konni RAT malware

Related Posts