Privacy News FTC to ban Avast from selling browsing data for advertising purposes

Gandalf_The_Grey

Level 76
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
6,672
The U.S. Federal Trade Commission (FTC) will order Avast to pay $16.5 million and ban the company from selling the users' web browsing data or licensing it for advertising purposes.

The complaint says Avast violated millions of consumers' rights by collecting, storing, and selling their browsing data without their knowledge and consent while misleading them that the products used to harvest their data would block online tracking.

"While the FTC's privacy lawsuits routinely take on firms that misrepresent their data practices, Avast's decision to expressly market its products as safeguarding people's browsing records and protecting data from tracking only to then sell those records is especially galling," said FTC Chair Lina M. Khan.

"Moreover, the volume of data Avast released is staggering: the complaint alleges that by 2020 Jumpshot had amassed "more than eight petabytes of browsing information dating back to 2014."

More specifically, the FTC says UK-based company Avast Limited harvested consumers' web browsing information without their knowledge or consent using Avast browser extensions and antivirus software since at least 2014.

Avast data feeds included unique identifiers for each web browser and a combination of info on every website visited, timestamps, type of device and browser, as well as the users' city, state, and country. When describing its data-sharing practices, the company also falsely claimed it would only transfer the users' personal information in an aggregate and anonymous form.

The FTC also said Avast stored this information indefinitely and sold it to over 100 third parties between 2014 and 2020 through their Jumpshot subsidiary.

For instance, Jumpshot made an agreement with advertising company Omnicom, which allowed it to access 50% of Jumpshot's customer data from six countries: the United States, the United Kingdom, Mexico, Australia, Canada, and Germany, as alleged in the complaint.

Avast also purportedly misled users by promising to protect their privacy by blocking third-party tracking. However, it failed to inform them that their detailed, re-identifiable browsing data would be sold.
 

Captain Holly

Level 5
Verified
Well-known
Jan 23, 2021
238
I guess Avast will never live down the Jumpshot data selling issue. I read somewhere, don't have a source but I remember reading that Avast's new owner Gen Digital/Norton is not allowing things like this to happen now. Avast itself has tried in the past to apologize and they shut Jumpshot down when they got caught selling user data a few years ago. I think it has been 3 or 4 years now. I saw a post about this at Wilders maybe a year or two ago saying Avast had stopped the data collection/sales and were much more concerned with implementing the new-at-the-time Avast One platform. Still, what they did was wrong and now they have to pay.

C.H.
 

zaknick

New Member
Feb 22, 2024
1
I guess Avast will never live down the Jumpshot data selling issue. I read somewhere, don't have a source but I remember reading that Avast's new owner Gen Digital/Norton is not allowing things like this to happen now. Avast itself has tried in the past to apologize and they shut Jumpshot down when they got caught selling user data a few years ago. I think it has been 3 or 4 years now. I saw a post about this at Wilders maybe a year or two ago saying Avast had stopped the data collection/sales and were much more concerned with implementing the new-at-the-time Avast One platform. Still, what they did was wrong and now they have to pay.

C.H.
Baloney. Avast is still doing it. Install avast at play store then look at what its doing with privacy protection tools like Exodus and Duckduckgo browser with App Tracker blocker. And they use openvpn which is old, gigantic code with tons of vulnerabilities over the years while putting down Wireguard which is awesome.

Wonder who else is selling???
According to Duckduckgo, 96% of apps sell to g00gl3 and 60% to f@k3b00k.
 

Attachments

  • Screenshot_20240221_212922_com.duckduckgo.mobile.android_edit_25912207327816.jpg
    Screenshot_20240221_212922_com.duckduckgo.mobile.android_edit_25912207327816.jpg
    232.6 KB · Views: 60
  • Screenshot_20240222_131902_com.brave.browser.jpg
    Screenshot_20240222_131902_com.brave.browser.jpg
    381.9 KB · Views: 54
Last edited by a moderator:

upnorth

Moderator
Verified
Staff Member
Malware Hunter
Well-known
Jul 27, 2015
5,459
In addition to paying $16.5 million to the FTC, Avast has been prohibited from selling browser data and must destroy all web browsing data transferred to Jumpshot as well as any algorithms derived from said data. Avast will also have to ensure it secures express consent for data licensing from users, implement a privacy program, and inform all users whose data was sold by Jumpshot about the FTC's decision.

Avast has not, however, admitted guilt – a typical outcome in these sorts of scenarios.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top