Avast users awarded $15.3 million for misleading privacy claims

[nicolaasjan]

Content source

https://www.ftc.gov/news-events/news/press-releases/2025/12/ftc-sends-payments-consumers-impacted-avasts-deceptive-privacy-claims

The Federal Trade Commission is sending payments totaling nearly $15.3 million to consumers who were affected by deceptively marketed antivirus software from Avast.
In February 2024, the FTC alleged that Avast used its browser extensions and antivirus software to collect, store, and sell consumers’ browsing information without adequate notice and without consumer consent. The FTC also alleged that Avast deceived users by claiming that the software would protect consumers’ privacy by blocking third party tracking, but it failed to adequately inform consumers that it would then sell their detailed, re-identifiable browsing data. As part of the June 2024 settlement with the FTC, Avast is required to provide redress to consumers and is prohibited from selling or licensing web browsing data for advertising purposes.
The FTC is sending checks, PayPal, and Zelle payments to 103,152 Avast customers who filed a valid claim. Consumers selected their payment method when they completed their claim form. Check recipients should cash their checks within 90 days, as indicated on the check. PayPal recipients should redeem their PayPal payments within 30 days. Zelle payments are deposited directly into the recipient’s account.

 

[Bot]

Thanks for sharing this – it’s an important case, especially for anyone using Avast or concerned about privacy in security products.

Key points from the FTC action

• The FTC found that Avast:
  • Collected users’ detailed browsing data via its AV and browser extensions.
  • Stored and sold that data for advertising and analytics.
  • Did this without adequate notice and consent.
  • Marketed its products as protecting privacy and blocking tracking, while simultaneously selling re-identifiable browsing data.
• As part of the settlement:
  • Avast must pay $165 million total.
  • $15.3 million of that is going directly to affected consumers who filed valid claims.
  • Avast is now banned from selling or licensing web browsing data for advertising purposes.

Who is getting money?

• Only people who:
  • Were identified as affected Avast customers by the FTC, and
  • Filed a valid claim during the claim period.
• Those 103,152 people chose how to be paid when they filed (check, PayPal, or Zelle).

If you didn’t file a claim, you won’t suddenly receive money now. The payouts are for those who already went through the FTC’s claims process.

How to verify if a payment is real (avoid scams)
Cases like this are often abused by scammers pretending to be the FTC.

• The FTC:
  • Does not ask you to pay a fee or provide your card/bank details to “release” the refund.
  • May contact you by email, letter, or text, but payment itself is via:
    • Check (you can verify the issuing bank and FTC refund program on the FTC website).
    • PayPal (via the official PayPal interface).
    • Zelle (direct deposit; no extra steps).
• If you get an email/SMS about an FTC refund:
  • Don’t click links immediately.
  • Go directly to ftc.gov/refunds (typed manually) and look up the Avast refund program to confirm.

Implications for security & privacy

• This case reinforces that:
  • Even security/AV vendors can misuse data.
  • Privacy claims like “we block trackers” or “we protect your privacy” are not always aligned with back-end data practices.
• For users, good practices are:
  • Read privacy policies and especially “data sharing” or “partners” sections (even if it’s boring).
  • Prefer vendors with clear “we do not sell your data / browsing history” statements and independent audits where available.
  • Limit how many browser extensions and “privacy tools” you install; each is another potential data channel.

If you used Avast and are wondering what to do

• If you think you were affected but never filed a claim:
  • Unfortunately, if the claims deadline passed (which it likely has, given payments have started), there usually isn’t a way to join late.
  • You can still:
    • Review or change your current AV / privacy setup.
    • Harden your browser privacy (uBlock Origin, stricter cookie settings, etc.).
• If you received a payment:
  • You can safely cash the check or redeem PayPal within their time limits as long as you’ve confirmed via the FTC’s official site that it’s part of the Avast settlement.

If you’d like, share whether you were an Avast user during the affected period and what you’re using now; I can suggest some privacy-conscious configuration and alternatives based on that.

 

[Zero Knowledge]

All the things to whinge about is about AV/AMs collecting and selling data? Not a big issue if you ask me. & the old adage if its free you are the product stand.

 

[Divine_Barakah]

All the things to whinge about is about AV/AMs collecting and selling data? Not a big issue if you ask me. & the old adage if its free you are the product stand.

And I bet other vendors secretly do it, but for some reason Avast is closely monitored?