Cybersecurity firm Avast has been caught selling personal data to third parties. The company seems to have been gathering information about its users, including Google searches, Google Maps location searches, LinkedIn activity, YouTube activity and even porn sites activity.
The data was allegedly given with consent, given that users needed to opt-in for it to happen, but still, the Motherboard / PCMag investigation suggests that many users were unaware the data was being sold off.
Avast was allegedly sending it over to its subsidiary Jumpshot, which repackaged it and sold it to some hotshot clients. A few names being thrown around by the media include Google, Home Depot, Microsoft and Pepsi, as well as Expedia, Intuit, Keurig, Condé Nast, Sephora, Loreal.
Jumpshot has been advertising a product called “All Clicks Feed”, which tracks highly detailed user activity across the internet. According to the investigation, it sold the service to at least one client last year – a New York-based marketing company called Omnicom Media Group.
Omnicom shelled out more than $2 million to access the data.
Avast has been caught on the wrong side of data protection stories before. A few months ago, its Online Security and SafePrice extensions for Mozilla’s Firefox have been pulled for harvesting too much data.
- Here's our list of the best antivirus services on the market