Avast faces $16.5m FTC fine for selling user browsing data


Avast, a software provider, has been ordered to pay $16.5m and cease the sale or licensing of web browsing data for advertising purposes.

This decision comes after the Federal Trade Commission (FTC) charged the company with deceiving consumers about the privacy of their browsing data, despite promises of protection from online tracking.

The FTC’s complaint highlighted that Avast, through its Czech subsidiary, unjustly harvested users’ browsing information via browser extensions and antivirus software, retaining it indefinitely, and selling it without proper notification or consent. This action directly contradicts Avast’s claims that its products would safeguard users’ privacy by blocking third-party tracking. The agency accused Avast of selling this sensitive data to over 100 third parties through Jumpshot, a subsidiary rebranded as an analytics company after its acquisition by Avast.

“Avast promised users that its products would protect the privacy of their browsing data but delivered the opposite,” Samuel Levine, Director of the FTC’s Bureau of Consumer Protection, expressed. He condemned Avast’s “bait-and-switch surveillance tactics” for compromising consumer privacy and violating the law.

From at least 2014, Avast collected detailed browsing data, including information about web searches, visited webpages, and sensitive personal details, through various means. This data, revealing intimate aspects of consumers’ lives, was sold to advertising, marketing, data analytics companies, and data brokers. Despite employing an algorithm purportedly designed to anonymize this information, the FTC found that Avast’s methods were insufficient, allowing for the potential re-identification of users.

The settlement not only imposes a financial penalty on Avast but also sets a precedent in the enforcement of consumer privacy rights. It underscores the importance of transparency and consent in the collection and sale of personal data. This case signals a warning to other companies in the FinTech and broader technology sectors about the serious legal repercussions of misleading consumers regarding data privacy and security.

The Avast settlement with the FTC marks a critical step towards holding technology companies accountable for their data practices. It serves as a reminder of the necessity for rigorous standards and practices to protect consumer privacy in the rapidly evolving digital landscape.

Copyright © 2024 RegTech Analyst

Enjoyed the story? 

Subscribe to our weekly RegTech newsletter and get the latest industry news & research

Copyright © 2018 RegTech Analyst


The following investor(s) were tagged in this article.