Avast to Pay $16.5M Fine for Selling Consumer Browsing Data
The FTC found that Avast collected reams of personal data through its antivirus product, then sold it to more than 100 third parties without disclosing its practices.
The Federal Trade Commission (FTC) is requiring Avast, a antivirus security provider, to pay a $16.5 million fine to settle charges that the company and its subsidiaries have been selling and licensing Web browsing data to third parties, after claiming that its products protect consumers from such online tracking.
The FTC said that Avast collected consumer browsing data and stored it indefinitely without notice or consent, as noted in the complaint. In addition, the FTC claimed that Avast deceived its users when it said that it would protect their privacy by preventing third-party tracking, only to sell identifiable browsing data to more than 100 third parties through Jumpshot, a subsidiary company.
The FTC claimed that Avast has been collecting consumer browsing data since 2014 using antivirus software installed on user devices. The browsing data reveals private information of the users such as religious beliefs, health concerns, financial status, political affiliations, and other sensitive information.
"Avast promised users that its products would protect the privacy of their browsing data but delivered the opposite," said Samuel Levine, director of the FTC's Bureau of Consumer Protection. "Avast's bait-and-switch surveillance tactics compromised consumers' privacy and broke the law."
The money Avast has been ordered to pay will go to the affected consumers. Furthermore, in a proposed order that was approved 3-0 by the commission, the company will be prohibited from "misrepresenting how it uses the data it collects."
In addition to this, Avast must obtain affirmative expressed consent from users before selling their data, delete Web browsing information transferred to Jumpshot, notify consumers of their sold browsing data, and implement a privacy program to address misconduct underscored by the FTC.
About the Author
You May Also Like
A Cyber Pros' Guide to Navigating Emerging Privacy Regulation
Dec 10, 2024Identifying the Cybersecurity Metrics that Actually Matter
Dec 11, 2024The Current State of AI Adoption in Cybersecurity, Including its Opportunities
Dec 12, 2024Cybersecurity Day: How to Automate Security Analytics with AI and ML
Dec 17, 2024The Dirt on ROT Data
Dec 18, 2024