After initially defending a practice to gather user data from its popular Antivirus app, the team at Avast is announcing that it is eliminating its Jumpshot division. This side of the company dealt with the sale of aggregated private info. The company’s Chief Executive Officer is apologizing for the breach of trust and promises that he will do better in the future.
The apology and admission of guilt are offered a short while after another blog post in which it defended its conduct. The developers used it to explain that the data selling was not a problem and pledged to introduce a new pop-up that will offer users more privacy options to Avast Antivirus.
Ondrej Vlcek, CEO of Avast, acknowledges that joint reporting coming from PC Mag and Motherboard has raised many issues.
He also admits his company has not responded to them as it should have, hurting the feelings of its customers and making them lose trust.
The key paragraph in the new blog post states:
For these reasons, I – together with our board of directors – have decided to terminate the Jumpshot data collection and wind down Jumpshot’s operations, with immediate effect.
Vlcek also claims that Jumpshot, the division of Avast focused on selling data to third parties, has always acted within legal bounds. A separate management team and board of directors made all the decisions, including the ones that have recently drawn criticism for their impact on user privacy.
The problem with the Antivirus was that it used a web extension to gather a wide range of data that was then sold to other companies, like Microsoft, Google, and IBM. They were then able to aggregate them with their tracking to potentially get a clear picture of what a particular user was doing while using Avast products, including their Secure Line VPN solution. We have more details in our previous article about the Avast Antivirus data gathering.
The company defended its practice by claiming that it de-identified everything it gathered, but experts say that its measures were limited in scope and left a lot of sensitive details exposed.
Trust is crucial for products like Avast Antivirus
It is interesting to note that Vlcek also claims that he has concluded that the data collection business at Jumpshot was not in line with Avast’s privacy priorities as early as the autumn of 2019.
The CEO should also tell users why he has not acted sooner to limit the impact of the data collection in Avast Antivirus and why he waited for journalists to start asking questions about the practice before he decided to do the right thing.
Given the breach of trust, Avast should also offer a form of compensation for those who have used its Antivirus and had their data gathered and sold. They should also provide reassurance to those who use its other services, like the Secure Line VPN.
The apology from the CEO is welcomed, but going forward the company needs to re-enter the good graces of its users. The swift backlash, accompanied by a significant drop in the company’s share value, should also serve as a cautionary tale for other companies that offer solutions like antivirus and VPN programs, especially given the growing concerns about censorship and privacy.