The U.S. Federal Trade Commission (FTC) has fined Avast $16.5 million and imposed restrictions on the company’s data practices after alleging that it unlawfully collected and sold users’ web browsing data. Avast, a UK-based firm, reportedly harvested this information without users’ knowledge or consent through browser extensions and antivirus software since at least 2014. The FTC contends that Avast misled consumers by falsely promising to safeguard their browsing records while profiting from selling this data to over 100 third parties through its Jumpshot subsidiary.
Furthermore, the FTC discovered that Avast’s data-sharing practices included detailed browsing information such as unique identifiers, timestamps, device and browser types, and user locations. Despite claiming to transfer data in an aggregated and anonymous form, Avast allegedly sold identifiable browsing data to various advertisers and brokers. The company’s misleading statements about its privacy protection measures and failure to disclose the sale of detailed user data have led to regulatory action by the FTC.
As part of the settlement, Avast will be prohibited from licensing or selling any browsing data collected using its products for advertising purposes without obtaining explicit user consent. Additionally, the company must delete all browsing data shared with its Jumpshot subsidiary and inform affected users about the FTC’s enforcement actions. Avast has stated its commitment to resolving the matter and continuing to serve its global customer base, despite disagreeing with the FTC’s allegations.
