Skip to content Skip to footer

Avast ordered to stop selling browsing data from its browsing privacy apps

Avast is a well-known name in security research and . It has provided extensions, mobile , and other tools to enhance . These were marketed to “block annoying tracking cookies that collect data on your browsing activities,” and prevent services from “tracking your online activity.” However, the company was found to be collecting users' browser information from 2014 to 2020 and selling it to more than 100 other companies through a subsidiary called Jumpshot.

According to the Federal Trade Commission (FTC), Avast must pay $16.5 million under a proposed recent FTC order, which is expected to be used to provide redress to consumers. Avast will also be prohibited from selling future browsing data, must obtain express consent on future data gathering, notify customers about prior data sales, and implement a “comprehensive program” to address prior conduct.

The complaint filed by the FTC notes that after Avast acquired Jumpshot in early 2014, it rebranded the company as an analytics seller. Jumpshot claimed it offered “unique insights” into the habits of “more than 100 million online consumers worldwide.” This included the ability to “see where your audience is going before and after they visit your site or your competitors' sites, and even track those who visit a specific URL.”

Although Avast and Jumpshot claimed the data had identifying information removed, the FTC argues that this was “insufficient.” Jumpshot's offerings included a unique device identifier for each browser, which was included in data like an “All Clicks Feed,” “Search Plus Click Feed,” “Transaction Feed,” and more.

The FTC's complaint details how various companies would purchase these feeds, often with the express purpose of pairing them with a company's data, down to an individual user basis. Some Jumpshot contracts attempted to prohibit re-identifying Avast users, but “those prohibitions were limited,” the complaint notes.

The connection between Avast and Jumpshot became publicly known in January 2020 after reporting by Vice and PC Magazine revealed that clients, including Home Depot, , , Pepsi, and McKinsey, were buying data from Jumpshot, as seen in confidential contracts.

Data obtained by the publications showed that buyers could purchase data including Maps look-ups, individual LinkedIn and YouTube pages, porn sites, and more. “It's very granular, and it's great data for these companies, because it's down to the device level with a timestamp for every click you make,” said an analyst.

Leave a comment

Newsletter Signup
Address

The Grid —
The Matrix Has Me
Big Bear Lake, CA 92315

01010011 01111001 01110011 01110100 01100101 01101101 00100000
01000110 01100001 01101001 01101100 01110101 01110010 01100101

Look, you wanna be elite? You have to do a righteous hack.Phreak

Deitasoft © 2024. All Rights Reserved.