Avast to Pay $16.5M Fine for Selling Consumer Browsing Data

We Keep you Connected

Avast to Pay $16.5M Fine for Selling Consumer Browsing Data

The FTC found that Avast collected reams of personal data through its antivirus product, then sold it to more than 100 third parties without disclosing its practices.
February 23, 2024
The Federal Trade Commission (FTC) is requiring Avast, a antivirus security provider, to pay a $16.5 million fine to settle charges that the company and its subsidiaries have been selling and licensing Web browsing data to third parties, after claiming that its products protect consumers from such online tracking.
The FTC said that Avast collected consumer browsing data and stored it indefinitely without notice or consent, as noted in the complaint. In addition, the FTC claimed that Avast deceived its users when it said that it would protect their privacy by preventing third-party tracking, only to sell identifiable browsing data to more than 100 third parties through Jumpshot, a subsidiary company.
The FTC claimed that Avast has been collecting consumer browsing data since 2014 using antivirus software installed on user devices. The browsing data reveals private information of the users such as religious beliefs, health concerns, financial status, political affiliations, and other sensitive information.
"Avast promised users that its products would protect the privacy of their browsing data but delivered the opposite," said Samuel Levine, director of the FTC's Bureau of Consumer Protection. "Avast's bait-and-switch surveillance tactics compromised consumers' privacy and broke the law."
The money Avast has been ordered to pay will go to the affected consumers. Furthermore, in a proposed order that was approved 3-0 by the commission, the company will be prohibited from "misrepresenting how it uses the data it collects."
In addition to this, Avast must obtain affirmative expressed consent from users before selling their data, delete Web browsing information transferred to Jumpshot, notify consumers of their sold browsing data, and implement a privacy program to address misconduct underscored by the FTC.
Dark Reading Staff
Dark Reading
Dark Reading is a leading cybersecurity media site.
You May Also Like
Securing the Software Development Life Cycle from Start to Finish
Securing the Software Development Life Cycle from Start to Finish
How Supply Chain Attacks Work — And How to Stop Them
How Supply Chain Attacks Work — And How to Stop Them
Assessing Your Critical Applications’ Cyber Defenses
Cybersecurity’s Hottest New Technologies – Dark Reading March 21 Event
Black Hat Asia – April 16-19 – Learn More
Black Hat Spring Trainings – March 12-15 – Learn More
Industrial Networks in the Age of Digitalization
Zero-Trust Adoption Driven by Data Protection
How Enterprises Assess Their Cyber-Risk
Intel 471 Breach Report
The Infoblox Q1 2021 Cyberthreat Intelligence Report
A Solution Guide to Operational Technology Cybersecurity
Causes and Consequences of IT and OT Convergence
Incident Response Planning Guide
Building Cyber Resiliency: Key Strategies for Proactive Security Operations
2023 Snyk AI-Generated Code Security Report
Cybersecurity’s Hottest New Technologies – Dark Reading March 21 Event
Black Hat Asia – April 16-19 – Learn More
Black Hat Spring Trainings – March 12-15 – Learn More
Copyright © 2024 Informa PLC Informa UK Limited is a company registered in England and Wales with company number 1072954 whose registered office is 5 Howick Place, London, SW1P 1WG.

source

TNC

LET US MANAGE YOUR SYSTEM
SO YOU CAN RUN YOUR BUSINESS

GET THE LATEST UPDATES, OFFERS, INFORMATION & MORE