Avast CEO Downplays Collection Of 400 Million Users' Browsing Data
from the you're-not-helping dept
In an ideal world, companies that profess to be dedicated to protecting users from malware and privacy threats probably shouldn’t contribute to the problem. In the world we live in however, that’s often not the case–as everybody saw when Facebook tried to sell its users on a “privacy protecting VPN” that actually hoovered up their browsing data, providing insight into user behavior when they aren’t using Facebook. Facebook did ultimately shut the project down, but it took a year before they were willing to do so.
Enter antivirus and security firm Avast, which has been taking heat after it was discovered that the company’s services are collecting user browsing data. Back in August, Wladimir Palant, the creator behind Adblock Plus, wrote a blog post detailing how Avast Online Security and Avast Secure Browser were covertly collecting the browsing data of the Czech company’s 400 million users. In response earlier this month, both Opera and Mozilla pulled Avast extensions from their respective add on markets, though Google has lagged in any comparable response.
Hoping to calm the waters a bit, Avast CEO Ondrej Vlcek talked with Forbes, who informs its readers there’s “no privacy scandal here”:
“Recently-appointed chief executive Ondrej Vlcek tells Forbes there’s no privacy scandal here. All that user information that it sells cannot be traced back to individual users, he asserts. Here’s how it works, according to Vlcek: Avast users have their web activity harvested by the company’s browser extensions. But before it lands on Avast servers, the data is stripped of anything that might expose an individual’s identity, such as a name in the URL as when a Facebook user is logged in. All that data is analysed by Jumpshot, a company that’s 65%-owned by Avast, before being sold on as “insights” to customers. Those customers might be investors or brand managers.”
There’s several problems here. One, it’s not up to the CEO of a company collecting user data or Forbes to dictate what is or isn’t a “privacy scandal.” I mean sure, executives in the middle of the scandal would like to proclaim there is no scandal, but reality doesn’t work that way. The people who determine what’s a privacy scandal are the consumers who feel their private data has been abused without consent or transparency.
Two, study after study after study have showcased how anonymized data isn’t actually anonymous.
Should that data get into the wild (pretty easy to do when it’s being shared with an ocean of companies), it’s fairly easy to compare it with existing data sets and obtain a real world identity with relatively little work. One study built a machine learning model that was able to correctly re-identify 99.98% of Americans in any anonymised dataset using just 15 characteristics including age, gender and marital status. Another study looking at vehicle data found that 15 minutes? worth of data from just brake pedal use could lead them to choose the right driver, out of 15 options, 90% of the time.
In Avast’s case, researchers found their apps collected way more data than was reasonably needed, including whether you’d visited a page in the past, your browser version, your country code, your browsing URLs, the websites you navigated from, etc. If Avast Antivirus was installed even more data was collected and shared, including the OS version of your devices.
No, collecting “clickstream” data isn’t the end of the world. Nor is it new. After all, nearly every ISP has been doing something similar for the last twenty years (and routinely lying about it). Still, companies that profess to be protectors of your private data should be held to a slightly higher standard than telecom, which shouldn’t be too hard since telecom isn’t held to any real standard whatsoever.
Filed Under: data, data collection, free software, malware, ondrej vicek, online security, privacy, secure browser
Companies: avast
Comments on “Avast CEO Downplays Collection Of 400 Million Users' Browsing Data”
Couldn’t help but reading CEO Ondrej Vlcek’s comments in the voice of Captain Barbosa. " Avast ye mateys…all your data is our plunder, and we be aiming to sell it."
Just like software can analyze language patterns and unmask "anonymous" posters.
I remember using Avast for a while… then it started asking me who I would win a presidential election. Felt like that was a good indicator that perhaps this isn’t a good anti virus software to trust.
Wasn’t Avast the one that gave everyone the surprise upgrade that silently installed the secure browser (bogging everyone’s machine way down in the process) and then acted shocked, SHOCKED, that people were complaining about it instead of grovelling before their wisdom and customer focused goodwill?
It seems like that’s more or less the time I pulled Avast from my system(s) and went with another solution.
Re: Re:
It’s certainly not the only one that did that. About 12 years ago we had a customer running Norton/Symantec and we found it was caching entire HTTP streams in memory, which is… not good, when you’ve got a custom HTTP-based protocol that streams gigabytes per hour without ever closing the request.
Of course, outside the web context, it was around 1990 that antivirus software earned the reputation of bogging machines down. Standard advice for any PC gamer was to turn it off while playing.
Avast is a pain in the ass in general. Even if you only want the anti-virus portion, it comes as a whole slew of programs, all of which want internet access. It comes with an "emergency updater", which the name would suggest is only for emergencies, but it will run daily. The free version makes you register once a year and occasionally pops up ads trying to sell you other stuff. When you scan files, it used to show a progress window, now that’s apparently conditional on how long the process takes and if there’s no problem found, it often doesn’t show you anything.
Plus, my copy may have something wrong with it, as it thrashes my C drive about once every couple of hours. If there’s a sudden burst of drive activity, 90% of the time, it’s Avast (verified with Process Monitor).
Don’t forget the company is also responsible for CCleaner loaded with melware that got suspiciously inserted into the binary from inside the company, the also force install updated versions of it even if tell it no via their melware-like emergency update.
"Avast users have their web activity harvested by the company’s browser extensions"
"no privacy scandal here."
Actions speak louder than words.
And with the prevalence of HTTPS these days, this goes far beyond what ISPs could spy on.
Re: Re:
It sure exposes the real reason corporations were so eager to shitcan the public’s privacy under the guise, "if you don’t have anything to hide, you don’t need privacy!"
Being a scumbag greedy dickhead hellbent on bringing in the most bang for investors who have been promised the moons and stars is news?
There once was an outfit, Avast
in possession of data so vast.
the CEO gave in to greed
private data to read,
it left millions of users aghast!
The NSA got it too.
Re: Re:
Where do you think Avast got the idea from?
Re: Re: Re:"Where do you think Avast got the idea from?"
That would be the French https://youtu.be/SdXjip-r7x0?t=38
Avast is a shady AF long-dead now-malware company.
Even installs DIRECT from their website try to install all manner of backdoor spyware. The website itself tries to add cookies and monitoring code and a bunch of other suspicious crap.
what to expect when marrying a filipina
Heidi Klum Stood Up At Karaoke gain anything Event
UNICEF, A global charity service provider, Held a karaoke event with superstars to raise money for a school in Africa. At the expensive vacation event, Heidi Klum, Model and TV disposition, Was set to sing Girl with Smokey velupe. He never showed up and case took a turn for the awesome.
The New York Post is reporting that Klum came out and told the viewers the news: was standing me up. He was designed to sing ‘My Girl’ with me. Will anybody else sing with me, While I sure many people would love the opportunity to sing a duet with Klum, there have been other plans in motion. <a href=https://www.bestbrides.net/key-factors-for-a-happy-relationship-with-a-hot-russian-mom/>hot russian mom</a> The host of case suggested everybody join together in a rendition of the Village People YMCA.
The girls joining Klum included Tom Hanks, wayne Brady, Rita Wilson, Jon Huertas since Seamus Dever. Klum tweeted pictures of the event showing herself and other super stars in Village People attire. I especially like the image with Officer Wayne Brady. Maybe part of the curriculum can be learning how to do the YMCA since the picture Klum posted of her and others doing the dance is way off. We can have children being raised not being aware of how to do the YMCA. the fact is, The Village People YouTube account has disabled embedding of their videos so go give it a try if you need a refresher. It a super way to waste a few minutes.
<Lead>image: Heidi Klum Twitpic]
Click to share with you on Facebook (Opens in new wind shield)Click to share on LinkedIn (Opens in new wind shield)Click to talk about on Reddit (Opens in new eye-port)Click to talk about on Twitter (Opens in new eyeport)Click to share with you on Tumblr (Opens in new window)Click to share with you on Pinterest (Opens in new windshield)Click to share on Pocket (Opens in new windowpane)Click to share with you on Telegram (Opens in new window case)Click to talk about on WhatsApp (Opens in new eye-port)Click to share on Skype (Opens in new truck’s window).
[—-]