Avast to Pay $16.5 Million Fine for Selling Users’ Data

Avast Fined $16.5m for Selling Users’ Browsing Data

US regulators have fined Avast $16.5 million for selling data that revealed users’ browsing history, despite claiming to block the cookies that enabled this data collection.

The US Federal Trade Commission (FTC) alleges that Avast, based in the Czech Republic, collected information through its browser extensions and antivirus software, accumulating eight petabytes of data between 2014 and 2020.

Avast’s subsidiary, Jumpshot, sold this data to over 100 advertising and marketing companies, including detailed information about users’ activities on sites like Amazon, Google, and Netflix.

Jumpshot was shut down in 2020 after leaked documents revealed extensive tracking of users across various websites, prompting Mozilla to remove several of Avast’s browser extensions from its Firefox add-ons page.

FTC chair Lina Khan emphasized the sensitivity of browsing history, stating that it can reveal personal details ranging from romantic interests to financial struggles and political views. The FTC charged Avast with deceptive and unfair practices, advocating for heightened protection of browsing data.

In addition to the fine, Avast will be prohibited from selling any browsing data collected using its products for advertising purposes.

Avast stated that it disagreed with the FTC’s allegations and had already reached a settlement with the FTC to address the investigation into Jumpshot’s activities.