Google, Microsoft Buying Your Sensitive Personal Data From Avast Antivirus!

Must Read

LinkedIn Finally Rolls Out The Most Requested Feature By Users

Microsoft owned LinkedIn has recently been reported to have revamped its profile section with an amazing feature...

Google Warns Users To Update Their Chrome Browser Right Away!

If you are an active user of the Chrome browser, Google wants you to stop all the...

Indian-Origin IT Firms Woo Donald Trump Amid Re-elections And India Visit!

Amid the United States going through the presidential election, major Indian-origin biggies such as TCS, Infosys and...

Your antivirus software may or may not protect you as much as you’d expect, but they are slowly becoming a threat to your privacy for sure. A recent investigative report by Motherboard and PCMag has blown the cover on Avast’s unethical data harvesting practices.

The report reveals that a subsidiary of the company, Jumpshot, sells extensive data packages to various clients including Google, Microsoft, IBM, Pepsi, Home Depot, and more.

The data is collected from devices that have the Avast Antivirus program and related services installed in them, including the Avast Secure Browser. This data is highly specific, including one’s browser searches, website visits, map locations, the specific time stamp of visit, and even one’s activities on adult websites, sometimes including the specific keywords they searched for and the videos they watched.

Advertisements

The raw data is then sold to companies for high prices on contract basis in “packages”. Jumpshot seems to provide several packages consisting of different kinds and combinations of data to suit their client’s needs. One such package that caught the attention of the investigators is the All Clicks Feed.

The All Clicks Feed is a package that gives the client a list of all the clicks made by users on a given domain, e.g., Amazon.com. Along with a list of clicks on a website, the inferred age and gender of each individual are provided, along with all the URLs they visited on said domain.

Opting into the Jumpshot Panel

While the collection of such vast user data is a cause for concern in and of itself, Avast claims to have done things according to protocol. And on the surface, it might even seem true.

Avast claims that users have always been free to disable data sharing, or “opt-out” of it, so to speak. However, this claim must be taken with a grain of salt as it seems many users weren’t aware of their data being collected to such a degree in the first place.

When questioned, Avast also added that the permission to collect data has explicitly been obtained from all new users as of July 2019, where they are given a slightly more transparent picture of the matter, based on which they can then revoke or grant permission for their data to be collected. Avast also claims that all older users are also being notified about the permissions and has quoted February 2020 as the deadline for the completion of this process.

Advertisements

Despite these claims, when users of the antivirus were approached by PCMag regarding the same, many were unaware of such a thing happening and couldn’t recall being asked for permission for any sort of data collection.

The investigators, however, did get asked for permission for their data’s collection. However, on reading the privacy policy, it was found that the information regarding this particular permission was vague and lacked details about the duration of data storage and failed to outline a clear purpose.

De-identified data: a hoax?

When one grants Avast permission to track their activity, a unique device id is generated for that particular device. All data collected from that device is then stored under that device’s id in the database and Avast provides the data to Jumpshot after redacting Personal Identification Data (PII).

Here is another loophole in Avast’s adherence to protocol. While the data provided from Avast’s end is anonymous, this anonymity is only superficial, as the identity of the user can be found out through cross-referencing other databases. This is possible due to the high specificity of the data, as mentioned above.

Thus, de-identified data, in the end, doesn’t do much to protect the user’s privacy.

Avast was caught in a similar scandal not too long ago, due to its browser extension. A report in December 2019 criticized it for collecting more data than necessary from a user’s online activities. Many browsers took down the extension from their stores soon after the incident, including Chrome Web Browser.

Avast is a Czech cybersecurity firm with an estimated 435 million users worldwide. Out of these, it is believed that around 100 million were affected by Avast’s data harvesting scheme. To make matters worse, Avast seems to maintain a lukewarm stance on the issue, despite the large-scale breach of user trust.

Incidents of collecting and selling data by large cybersecurity and tech firms have become a burning issue in recent times and have come to be criticized by politicians, advocates for human rights, and citizens alike. Data privacy is considered to be a fundamental right by many jurisdictions, including the EU.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest News

Facebook Finally Admits They Are Concerned About TikTok’s Rapid Growth

Facebook is facing the biggest threat since its existence. The social media app...

Digital Payments in India: UPI Stands Triumphant Over Debit and Credit Cards

UPI or the Unified Payments Interface has become one of the fastest-growing payment platforms in India and has draw attention of global...

Backed By Narayan Murthy, Jeff Bezos To Go After Zomato And Swiggy!

Just when Zomato and Swiggy thought that after the acquisition of UberEats by Zomato, the food delivery market in India is going...

India Wants A Bigger Chunk of $100 Billion In Global Taxes Levied On Google, Facebook and Amazon

It has been reportedly found out that India is adamantly pushing for a huge change at Organisation for Economic Cooperation and Development...

Facebook May Have To Pay $3.50 Per Month To Millions of Users?

Almost every internet tech giant, be it Facebook, Google or Twitter, has flourished by optimising and channelising their strategies that are largely...

Google Warns Users To Update Their Chrome Browser Right Away!

If you are an active user of the Chrome browser, Google wants you to stop all the work and update Chrome browser,...

In-Depth: Dprime

YouTube Should Have Bid Adieu To Dislike Button Much Earlier?

Online video sharing platform YouTube can be a ruthless place for content creators targeted by 'dislike mobs'. And the site owners totally understand that...

Facebook Has Pulled Off A Masterstroke By Integrating Its ‘Family Of Apps’?

It’s indeed hard to believe that ONE man sitting at Menlo Park, oversees how nearly a third of the world’s population interacts with each...

Facebook’s Crunch Conquest: By Relying Largely On The US Market, Is Facebook Running a Risk?

Two billion! That's Facebook, Inc. (NASDAQ: FB) for you - Right when you thought that this social-media giant has already connected the entire world, it's...

More Articles Like This