Motherboard and PCMag found that Avast had been selling a whole host of sensitive user information, including Google searches, Google Maps queries and even LinkedIn and YouTube activity data to some of the world’s largest companies. The company obtained this data through its anti-virus software, which it then packaged and sold through Jumpshot. And while Avast required individuals to opt into its data sharing, the majority of its users were not aware the company was selling their data, nor the scope and scale of the operation. Jumpshot told customers one of its products, “All Clicks Feed,” could track every click users made across a variety of websites in “precise detail.”
“Avast’s core mission is to keep its users safe online and to give users control over their privacy,” said Ondrej Vlcek, CEO of Avast. “The bottom line is that any practices that jeopardize user trust are unacceptable to Avast. We are vigilant about our users’ privacy, and we took quick action to begin winding down Jumpshot’s operations after it became evident that some users questioned the alignment of data provision to Jumpshot with our mission and principles that define us as a company.”
The company added that the core functionality of its other products will continue to “perform as usual,” and that users “will see no change.” Despite positioning the move as part of its “commitment to user safety and privacy protection,” it’s unlikely Avast will be able to regain user trust so easily. The Jumpshot situation is just the latest example of the company’s data collection troubles. In December, Firefox pulled two of the company’s extensions for collecting more user data than was necessary.