The cybersecurity company Avast has been fined $16.5 million for storing and selling users’ personal information without their consent. The Federal Trade Commission (FTC) announced the fine against Avast and stated that it is prohibiting Avast from selling users’ personal information to third parties for advertising purposes.
The antivirus company collected users’ browsing data and history through it’s antivirus software and web browser extensions available for various web browsers from 2014 to 2020, according to the FTC report. The company collected information related to users’ religious beliefs, financial status, political views, health concerns and location. The FTC complaint revealed that Avast stored this information “indefinitely” and then sold it to over 100 third-party companies without informing users.
This issue was initially reported in a joint investigation by Motherboard and PCMag regarding Avast’s data protection practices in 2020. In response, Avast promptly shut down it’s data-collecting arm, Jumpshot, after the report was published.
Although the antivirus company claimed to have removed users’ personal information, such as identity, before selling the information to third parties, the FTC complaint stated that the company “failed to sufficiently anonymize consumers’ browsing information”. Instead, each piece of information was sold with a unique identifier for each browser, revealing visited websites, timestamps, the type of device and browser used and location.
The FTC also accused Avast of deceiving users by promising that it’s software would eliminate users’ web tracking while being involved in tracking users’ web data and browsing history itself.
“We are committed to our mission of protecting and empowering people’s digital lives,” stated Avast spokesperson Jess Monney in a statement to The Verge. “While we disagree with the FTC’s allegations and characterization of the facts, we are pleased to resolve this matter and look forward to continuing to serve our millions of customers around the world”.
The FTC additionally proposed to prohibit Avast from misrepresenting what it does with users’ data. Avast must cease “selling or licensing any browsing data” from it’s products to advertisers, as well as delete all the web browsing data obtained by Jumpshot. Avast is also mandated to notify affected customers that their data has been sold without their knowledge.
Other Trending News:- News
