Avast is fined $16.5 million by the FTC for selling the browsing details of users
Avast is fined $16.5 million by the FTC for selling the browsing details of users
Antivirus vendor Avast has been fined $16.5 million by the U.S. Federal Trade Commission (FTC) on suspicion that it marketed users’ browsing information to advertisers while asserting its products would prevent online tracking.
Furthermore, for promotional reasons, the company is prohibited from selling or licensing any web browsing data. Additionally, individuals whose browsing information was sold to third parties without their permission will be notified.
The FTC, in its complaint, claimed that Avast “wrongfully gathered users’ browsing data via the company’s browser extensions and antivirus software, kept it forever, and sold it without sufficient notification and consumer consent.”
An investigation conducted jointly by Motherboard and PCMag exposed the deceptive data privacy practice in January 2020. Several prominent organizations, including Google, Yelp, Microsoft, McKinsey, Pepsi, Home Depot, Condé Nast, and Intuit, were identified as “past, present, and potential clients” of Jumpshot.
One month prior, Avast’s browser add-ons were removed from the respective stores of Google Chrome, Mozilla Firefox, and Opera. Prior to that, security researcher Wladimir Palant identified those extensions as spyware in October 2019.
As of August 2018, Jumpshot identified itself as the “only company that unlocks walled garden data” and claimed to possess information from up to 100 million devices. It has been reported that the browsing information has been accumulated since at least 2014.
Avast “immediately ceased the Jumpshot data collection and ceased operations of Jumpshot in response to the backlash regarding privacy.”
Since then, Avast and Norton LifeLock, two additional cybersecurity companies, have merged to form Gen Digital, the parent company of Avast, which also includes AVG, Avira, and CCleaner.
Additionally, it levied allegations against the UK-based company for misleading users by asserting that the software would obstruct third-party tracking and safeguard users’ privacy while neglecting to disclose that its Jumpshot subsidiary would sell their “detailed, re-identifiable browsing data” to over one hundred third-parties.
Moreover, data purchasers might be able to link non-personally identifiable information with the browsing histories of Avast users, thereby enabling additional organizations to monitor and correlate users and their browsing patterns with pre-existing data.
“Avast made a false promise to users regarding the protection of their browsing data privacy with its products,” said Samuel Levine, director of the FTC’s Bureau of Consumer Protection. “Avast’s bait-and-switch surveillance tactics compromised consumers’ privacy and broke the law.”
About the Author:
Yogesh Naager is a content marketer who specializes in the cybersecurity and B2B space. Besides writing for the News4Hackers blog, he’s also written for brands including CollegeDunia, Utsav Fashion, and NASSCOM. Naager unusually entered the field of content. He began his career as an insurance sales executive, where he developed an interest in simplifying difficult concepts. He also combines this interest with a love of narrative, which makes him a good writer in the cybersecurity field. In the bottom line, he frequently writes for Craw Security.
READ MORE ARTICLE HERE
Fresh Wi-Fi Vulnerabilities Offer Cyber Intruders Access to Android and Linux Devices.
International Crackdown Disrupts the LockBit Ransomware Network in Operation Cronos
WhatsApp Hacking: One Phone Call and WhatsApp Hack, No OTP or Verification Required
About Author
English