Google, Microsoft Buying Your Sensitive Personal Data From Avast Antivirus!

Must Read

Net Worth Of Jeff Bezos Is More Than Combined Net Worth of India’s Top 10 Richest People!

Jeff Bezos and the phrase 'World's Richest Person' has become synonym to each other. But after the...

Search Engine Optimization In Digital Era: Look Beyond Traffic

Search engine optimization, aka SEO, plays a vital role in today's online world, especially if it's about...

After Banning Apps, India To Clamp Down On Startup Investments From China

The recent border conflict between India and China has led to the Indian Government to actively take...

Your antivirus software may or may not protect you as much as you’d expect, but they are slowly becoming a threat to your privacy for sure. A recent investigative report by Motherboard and PCMag has blown the cover on Avast’s unethical data harvesting practices.

The report reveals that a subsidiary of the company, Jumpshot, sells extensive data packages to various clients including Google, Microsoft, IBM, Pepsi, Home Depot, and more.

The data is collected from devices that have the Avast Antivirus program and related services installed in them, including the Avast Secure Browser. This data is highly specific, including one’s browser searches, website visits, map locations, the specific time stamp of visit, and even one’s activities on adult websites, sometimes including the specific keywords they searched for and the videos they watched.

Advertisements

The raw data is then sold to companies for high prices on contract basis in “packages”. Jumpshot seems to provide several packages consisting of different kinds and combinations of data to suit their client’s needs. One such package that caught the attention of the investigators is the All Clicks Feed.

The All Clicks Feed is a package that gives the client a list of all the clicks made by users on a given domain, e.g., Amazon.com. Along with a list of clicks on a website, the inferred age and gender of each individual are provided, along with all the URLs they visited on said domain.

Opting into the Jumpshot Panel

While the collection of such vast user data is a cause for concern in and of itself, Avast claims to have done things according to protocol. And on the surface, it might even seem true.

Avast claims that users have always been free to disable data sharing, or “opt-out” of it, so to speak. However, this claim must be taken with a grain of salt as it seems many users weren’t aware of their data being collected to such a degree in the first place.

When questioned, Avast also added that the permission to collect data has explicitly been obtained from all new users as of July 2019, where they are given a slightly more transparent picture of the matter, based on which they can then revoke or grant permission for their data to be collected. Avast also claims that all older users are also being notified about the permissions and has quoted February 2020 as the deadline for the completion of this process.

Advertisements

Despite these claims, when users of the antivirus were approached by PCMag regarding the same, many were unaware of such a thing happening and couldn’t recall being asked for permission for any sort of data collection.

The investigators, however, did get asked for permission for their data’s collection. However, on reading the privacy policy, it was found that the information regarding this particular permission was vague and lacked details about the duration of data storage and failed to outline a clear purpose.

De-identified data: a hoax?

When one grants Avast permission to track their activity, a unique device id is generated for that particular device. All data collected from that device is then stored under that device’s id in the database and Avast provides the data to Jumpshot after redacting Personal Identification Data (PII).

Here is another loophole in Avast’s adherence to protocol. While the data provided from Avast’s end is anonymous, this anonymity is only superficial, as the identity of the user can be found out through cross-referencing other databases. This is possible due to the high specificity of the data, as mentioned above.

Thus, de-identified data, in the end, doesn’t do much to protect the user’s privacy.

Avast was caught in a similar scandal not too long ago, due to its browser extension. A report in December 2019 criticized it for collecting more data than necessary from a user’s online activities. Many browsers took down the extension from their stores soon after the incident, including Chrome Web Browser.

Avast is a Czech cybersecurity firm with an estimated 435 million users worldwide. Out of these, it is believed that around 100 million were affected by Avast’s data harvesting scheme. To make matters worse, Avast seems to maintain a lukewarm stance on the issue, despite the large-scale breach of user trust.

Incidents of collecting and selling data by large cybersecurity and tech firms have become a burning issue in recent times and have come to be criticized by politicians, advocates for human rights, and citizens alike. Data privacy is considered to be a fundamental right by many jurisdictions, including the EU.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest News

How People Set Their Passwords: 123456 Is The Most Common One [STUDY]

Do you know why hackers quickly gain access to your system or online accounts? 

Will The Ban On TikTok Be Revoked?

The ban on TikTok is the talk of the town. All hell broke loose for Tiktok when the popular short-form video platform...

Global 5G Chipset Market: $22.41 Billion By 2026, Driven by 5G Smartphones

As the world has started shifting from 4G to 5G era, the global 5G chipset market has started attracting the eyeballs of...

Launch Of JioMeet Will Make Zoom To Be The 60th Chinese App To Get Banned In India?

Today as soon as the launch of JioMeet was formally announced by Mukesh Ambani, the frontman of Reliance Industries, people quickly found...

Intel Invest in Jio Platforms: A Chance For Redemption In The Smartphone Market?

If you thought Mukesh Ambani was finally going to stop the stake selling spree in Jio Platforms after RIL was recently announced...

With The Launch of JioMeet Reliance Sets Its Eyes On Video Conferencing Market!

The race to dominate the video conferencing market has just become more interesting. As we are going through the...

In-Depth: Dprime

Will The Online Food Delivery Market in India End Up Becoming A Two-Horse Race?

It's pretty much evident that the food delivery space in India is all set to get riled up soon enough as one...

Fantastic 4: Four Day Work Week A Flashpoint Of Innovation?

It has been an idea that has been mooted by many, perhaps also somewhat sceptically. From being a dark horse to becoming...

TikTok Is Facing The Wrath Of People Who Love It The Most

Ever since the popular social media app TikTok entered India, it has been growing very aggressively in terms of users. Within a...

More Articles Like This