We review vendors based on rigorous testing and research but also take into account your feedback and our affiliate commission with providers. Some providers are owned by our parent company.
Learn more
vpnMentor was established in 2014 to review VPN services and cover privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.
Advertising Disclosure

vpnMentor was established in 2014 to review VPN services and cover privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.

Avast Fined $16.5m for Selling User Data Without Consent

Avast Fined $16.5m for Selling User Data Without Consent
Author Image Keira Waddell
Keira Waddell Published on 27th February 2024 Senior Writer

The US Federal Trade Commission (FTC) has imposed a $16.5 million fine on Avast for its practices regarding the collection and selling of users’ browsing data. This ruling not only subjects Avast to a substantial financial penalty but also bans the company from selling or licensing web browsing data for advertising purposes.

The FTC’s investigation revealed that Avast, through its subsidiary Jumpshot, engaged in the collection, storage, and sale of vast amounts of consumer browsing data without obtaining proper consent. This data included sensitive information, such as users’ religious beliefs, health concerns, political leanings, and locations, harvested from browser extensions and antivirus software.

From at least 2014 through 2020, Avast amassed over 8 petabytes (around 8,200TB) of data involving detailed records of online activity. Despite assurances that its products would shield users from online tracking, Avast was found to be selling data that wasn’t sufficiently anonymized to over 100 third parties, misleading consumers and violating their privacy rights. For example, it allowed Omnicom access to 50% of Jumpshot’s consumer data.

The commission’s complaint pointedly criticized Avast for not only failing to safeguard user privacy, but for actively undermining it, by misrepresenting the true nature of its data handling practices.

It’s also been mandated that Avast cease all data-selling activities related to its browsing data and seek explicit permission from users before any future attempts to sell or license browsing data derived from non-Avast products. Furthermore, Avast must inform users whose data was sold without their consent, ensuring they are aware of the breach of trust.

Avast's response to the FTC’s ruling has been one of compliance, despite the company having issues with the ruling. An Avast spokesperson told BleepingComputer that: “While we disagree with the FTC’s allegation and characterization of the facts, we are pleased to resolve this matter and look forward to continuing to serve our millions of customers around the world.”

If you’re concerned about your online privacy, a trustworthy VPN service can help safeguard your data. A quality VPN can block trackers employed by apps — such as Avast’s antivirus products — from being able to harvest your personal information, ensuring that you remain in control of your data.

About the Author

Keira is an experienced cybersecurity and tech writer dedicated to providing comprehensive insights on VPNs, online privacy, and internet censorship.