Avast WEBforum

Avast Products => Avast Free Antivirus / Premium Security (legacy Pro Antivirus, Internet Security, Premier) => Topic started by: MartinZ on January 28, 2020, 09:01:12 AM

Title: Official statement on the recent news about privacy
Post by: MartinZ on January 28, 2020, 09:01:12 AM
In December 2019, we acted quickly to meet browser store standards and are now compliant with browser extension requirements for our online security extensions. At the same time, we completely discontinued the practice of using any data from the browser extensions for any other purpose than the core security engine, including sharing with our subsidiary Jumpshot.
 
We ensure that Jumpshot does not acquire personal identification information, including name, email address or contact details. Users have always had the ability to opt-out of sharing data with Jumpshot. As of July 2019, we had already begun implementing an explicit opt-in choice for all new downloads of our AV, and we are now also prompting our existing free users to make an opt-in or opt-out choice, a process which will be completed in February 2020.
Our Privacy Policy details the protections we put in place for all our users. Users can also choose to adjust their privacy levels using the broad range of settings available in our products, including control over any data sharing at any time. We voluntarily comply with the GDPR and California Consumer Privacy Act (CCPA) privacy requirements across our entire global user base.
We have a long track record of protecting users’ devices and data against malware, and we understand and take seriously the responsibility to balance user privacy with the necessary use of data for our core security products.

UPDATE Jan 30: https://press.avast.com/avast-to-commence-wind-down-of-subsidiary-jumpshot
Title: Re: Official statement on the recent news about privacy
Post by: kralikx on January 28, 2020, 10:14:17 AM
Hi Avast guys,

as a long-term PAYING customer and in light of the recent news of what you do with our data I'd like to ask two questions:
Please give simple and honest answer, no references to EULA, etc. - we all know that nobody reads them, that's why we (used to) trust some of the sw vendors. I believe that is the only way how your company can get out of this loss of trust with relatively little harm.

Thank you.
Title: Re: Official statement on the recent news about privacy
Post by: Be Secure on January 28, 2020, 10:57:05 AM
It is not very clear answer regarding user privacy.
Title: Re: Official statement on the recent news about privacy
Post by: Milos on January 28, 2020, 11:26:43 AM
Hi Avast guys,

as a long-term PAYING customer and in light of the recent news of what you do with our data I'd like to ask two questions:
  • Is paid version of Avast Internet Security also sharing any of user's data (anonymized or not, aggregated, whatever) with any third party (most of the news mention only Free version)?
  • If so, is it possible to opt-out from any kind of such a sharing and what must you customers do to achieve that (suppose Avast IS is already installed as is the case of my PC)?
Please give simple and honest answer, no references to EULA, etc. - we all know that nobody reads them, that's why we (used to) trust some of the sw vendors. I believe that is the only way how your company can get out of this loss of trust with relatively little harm.

Thank you.
Hello,
ad 1. It depends on the settings.
ad 2. yes, see the settings (screenshot attached).

Milos
Title: Re: Official statement on the recent news about privacy
Post by: BenMS86 on January 28, 2020, 12:06:15 PM
In December 2019, we acted quickly to meet browser store standards and are now compliant with browser extension requirements for our online security extensions. At the same time, we completely discontinued the practice of using any data from the browser extensions for any other purpose than the core security engine, including sharing with our subsidiary Jumpshot.
 
We ensure that Jumpshot does not acquire personal identification information, including name, email address or contact details. Users have always had the ability to opt-out of sharing data with Jumpshot. As of July 2019, we had already begun implementing an explicit opt-in choice for all new downloads of our AV, and we are now also prompting our existing free users to make an opt-in or opt-out choice, a process which will be completed in February 2020.

Okay, gotta respond to this.

1) That 'ability to opt out' ever since the GDPR wasn't enough. It's 'consensual opt-in', not 'standard opt-in unless you change it'. You've been in breach of the GDPR for more then a YEAR.
2) That 'ability to opt out' was quite hidden and never well communicated
3) With the new engine update, you resetted it to standard opt-in for everyone, even if someone already had opted out. Plus, are you going to give the paying users the clear option too? Otherwise I see enough still unknowingly being opted-in to your data selling misuse.
4) I saw the examples of the data you sold. That's damnable identifiable.
5) Are you going to give people free GDPR-insight into the data you gathered with the plug-in as well as core protection service data gathering abusals?

Quote
Our Privacy Policy details the protections we put in place for all our users. Users can also choose to adjust their privacy levels using the broad range of settings available in our products, including control over any data sharing at any time. We voluntarily comply with the GDPR and California Consumer Privacy Act (CCPA) privacy requirements across our entire global user base.
We have a long track record of protecting users%u2019 devices and data against malware, and we understand and take seriously the responsibility to balance user privacy with the necessary use of data for our core security products.

'Voluntarily comply with GDPR'? Mister, you're based in the European Union, you also serve European users. GDPR compliancy is NOT voluntarily, it is MANDATORY. Yet you're in breach of the GDPR. Also, 'for your core security products'? What has selling data to Google etc to do with 'core security products'?

Edit: Also, I just took a look and your 'choice message' is possibly not even GDPR-compliant either because you're not really completely open about what you do with the gathered data. And your colouring of green for 'Yes' and red for 'No' possibly isn't allowed either.
Title: Re: Official statement on the recent news about privacy
Post by: bingvarstand on January 28, 2020, 02:10:29 PM
A somewhat vague statement. Are our data secure Avast? Our banking information and so on? What exactly are you collecting?
Title: This is very disappointing.
Post by: wadej on January 28, 2020, 02:11:34 PM
I've been a paying customer for several years.  I chose you because I believed you were an trustworthy company.  But you succumbed to the greed that seems to affect many companies that grow to be giants.

I went and opted out of data sharing but I'm going to have to rethink my renewal.  I WILL be looking at alternatives.

Title: Re: Official statement on the recent news about privacy
Post by: Frags on January 28, 2020, 02:36:32 PM
Poor response.

It is interesting that the statement starts with a rather convoluted admission you were already taking advantage of user data via the browser extension. You only "quickly acted to meet browser store standards" because you were removed from the stores after the Wladimir Palant blog.

BenMS86 makes several good points in his response above, too. As they rightly point out, GDPR requires an unambiguous and clear affirmative action to 'opt-in'. That should have been active from May 2018 and not only for new users. You don't 'voluntarily comply' with GDPR, it's the 'actual' law. Speak to your data protection officer.

The Information Commissioner's Office also says pre-ticked boxes should not be used as a method of 'default consent'. It seems this is exactly what you did with the new engine, again as BenMS86 points out. It seems the default was opt-in even if you had previously opted out. Unless you can confirm otherwise?

Your claim that the data shared with Jumpshot is "de-identified" has also been queried by several security experts. Wladimir Palant wrote about it yesterday, here (https://palant.de/2020/01/27/avasts-broken-data-anonymization-approach/).

Again, it is extraordinary that a company like Avast - which says it offers "powerful security for your digital life" - would sell user data via Jumpshot, an outfit that openly advertises it collects "Every search. Every click. Every buy. On every site". Regardless of the legal ramifications of your actions, ethically it is mad.

The only acceptable resolution to this was an admission that you dropped the ball, an apology, and then an announcement that Jumpshot would no longer be involved in Avast products. What you gave us was a meek reproduction of a vague privacy / consent policy.
Title: Re: Official statement on the recent news about privacy
Post by: Canard1066 on January 28, 2020, 02:52:51 PM
We voluntarily comply with the GDPR and California Consumer Privacy Act (CCPA) privacy requirements across our entire global user base.
We have a long track record of protecting users’ devices and data against malware, and we understand and take seriously the responsibility to balance user privacy with the necessary use of data for our core security products.

Avast is a company based in a EU country (the Czech Republic) and doing business in the EU as well as other countries. The GDPR is mandatory NOT voluntary. Failure to follow the GDPR leaves Avast open to larges fines.
Title: Re: Official statement on the recent news about privacy
Post by: XdxD on January 28, 2020, 05:35:18 PM
Do the 'check boxes' in Privacy even work (I have them unchecked since the beginning), or they are just for placebo effect?
Title: Re: Official statement on the recent news about privacy
Post by: andrejl2 on January 28, 2020, 06:16:31 PM
Do the 'check boxes' in Privacy even work (I have them unchecked since the beginning), or they are just for placebo effect?

+


i would like to hear the answer myself.
Title: Re: Official statement on the recent news about privacy
Post by: gvb73 on January 28, 2020, 06:20:12 PM
GDPR fines can go into thousands of euros. And this is per case.

If there will be a lot of cases opened by consumer protecting instances this could mean the end of avast
as fines will be for any individual in the specific case it will add up quickly.

The initial post suddenly comes after the net is full of articles about this.

If the article didn't appear they probably never posted about this either.

Too bad you bend over for ze money. Who knowes what else has been collected over the year.
The pop ups we get every day show that there is enough sniffing going on.
Title: Re: Official statement on the recent news about privacy
Post by: TheOwner on January 28, 2020, 06:30:12 PM
Does Avast read our HTTPS communication and send it somewhere? That is very important to know!
Title: Re: Official statement on the recent news about privacy
Post by: MartinZ on January 28, 2020, 08:27:15 PM
We voluntarily comply with the GDPR and California Consumer Privacy Act (CCPA) privacy requirements across our entire global user base.
We have a long track record of protecting users’ devices and data against malware, and we understand and take seriously the responsibility to balance user privacy with the necessary use of data for our core security products.

Avast is a company based in a EU country (the Czech Republic) and doing business in the EU as well as other countries. The GDPR is mandatory NOT voluntary. Failure to follow the GDPR leaves Avast open to larges fines.

We comply with the GDPR and California Consumer Privacy Act (CCPA) privacy requirements and apply them voluntarily across our entire global user base.
Title: Re: Official statement on the recent news about privacy
Post by: MartinZ on January 28, 2020, 08:29:38 PM
Do the 'check boxes' in Privacy even work (I have them unchecked since the beginning), or they are just for placebo effect?

Yes, they work.
Title: Re: Official statement on the recent news about privacy
Post by: VSVSVSVSVS on January 28, 2020, 08:30:59 PM
Does Avast read our HTTPS communication and send it somewhere? That is very important to know!

Avast Web Shield scans HTTPS so my guess is - probably yes.
Title: Re: Official statement on the recent news about privacy
Post by: MRVR on January 28, 2020, 09:54:29 PM
As a paying customer for several Avast Products, I suppose Avast must offer compensation to any paying user who got affected by this situation.

You made a fortune on selling our data and capitalized on our trust. Now it's time to give back. Otherwise, lawyers might be involved, and you might end up facing a collective lawsuit. I'm not sure how these things work in the EU, but here in the United States, you can really get your ass kicked.

So, while it's not too late, I seriously advise anyone from Avast who is reading this forum - show this message to your manager, and ask to show it to the next manager, etc, until it gets to the very top. But in any case - you have really dropped the ball, and I'll be quite interested to see how you will try to make it up to all of us (paying customers), I'm sure that there are millions of people around the world paying for Avast products.

Good luck.
Title: Re: Official statement on the recent news about privacy
Post by: scioppa on January 28, 2020, 10:20:22 PM
Wow.  I'm thoroughly disappointed in Avast.  I don't feel the "did you read the terms of service?" argument suffices.  I bought the product to protect me.  I counted on you to protect me privacy.  You sell anti-track products (which I've purchased).  Then I find out that the guys I bought it from duped me?  This sucks.  How can we trust Avast when this happens?
Title: Re: Official statement on the recent news about privacy
Post by: bob3160 on January 28, 2020, 11:14:56 PM
Hi Avast guys,

as a long-term PAYING customer and in light of the recent news of what you do with our data I'd like to ask two questions:
  • Is paid version of Avast Internet Security also sharing any of user's data (anonymized or not, aggregated, whatever) with any third party (most of the news mention only Free version)?
  • If so, is it possible to opt-out from any kind of such a sharing and what must you customers do to achieve that (suppose Avast IS is already installed as is the case of my PC)?
Please give simple and honest answer, no references to EULA, etc. - we all know that nobody reads them, that's why we (used to) trust some of the sw vendors. I believe that is the only way how your company can get out of this loss of trust with relatively little harm.

Thank you.
Hello,
ad 1. It depends on the settings.
ad 2. yes, see the settings (screenshot attached).

Milos
For the paid versions, the settings shown in the screenshot should be the default settings.

Title: Re: Official statement on the recent news about privacy
Post by: Frags on January 28, 2020, 11:42:30 PM
The sentence mean that we haven't applied GDPR rules only for EU citizens, but voluntarily for our all users around the world.

Except you've already been caught selling user data.

Even your new 'opt-in' pop up might not be valid under GDPR. You can't use language that nudges people toward consent. Nor is the language used transparent enough in explaining what Jumpshot does with the data given to them.

Have you deleted the browsing data you collected without consent yet?

I would advice those within the UK to make a complaint to the ICO - https://ico.org.uk/make-a-complaint/
Title: Re: Official statement on the recent news about privacy
Post by: BenMS86 on January 29, 2020, 12:18:57 AM
As a paying customer for several Avast Products, I suppose Avast must offer compensation to any paying user who got affected by this situation.

You made a fortune on selling our data and capitalized on our trust. Now it's time to give back. Otherwise, lawyers might be involved, and you might end up facing a collective lawsuit. I'm not sure how these things work in the EU, but here in the United States, you can really get your ass kicked.

So, while it's not too late, I seriously advise anyone from Avast who is reading this forum - show this message to your manager, and ask to show it to the next manager, etc, until it gets to the very top. But in any case - you have really dropped the ball, and I'll be quite interested to see how you will try to make it up to all of us (paying customers), I'm sure that there are millions of people around the world paying for Avast products.

Good luck.

In the EU they can receive an penalty of up to 4% of their yearly revenue or the highest fine possible, whichever is higher, by every data protection agency possibly.

Hi Avast guys,

as a long-term PAYING customer and in light of the recent news of what you do with our data I'd like to ask two questions:
  • Is paid version of Avast Internet Security also sharing any of user's data (anonymized or not, aggregated, whatever) with any third party (most of the news mention only Free version)?
  • If so, is it possible to opt-out from any kind of such a sharing and what must you customers do to achieve that (suppose Avast IS is already installed as is the case of my PC)?
Please give simple and honest answer, no references to EULA, etc. - we all know that nobody reads them, that's why we (used to) trust some of the sw vendors. I believe that is the only way how your company can get out of this loss of trust with relatively little harm.

Thank you.
Hello,
ad 1. It depends on the settings.
ad 2. yes, see the settings (screenshot attached).

Milos
For the paid versions, the settings shown in the screenshot should be the default settings.



Maybe it should be according what you're told, but I'm pretty sure I toggled off the 3rd party related stuff etc far before I did so (again) yesterday. Yet yesterday all of it was on.
Title: Re: Official statement on the recent news about privacy
Post by: bob3160 on January 29, 2020, 12:45:58 AM
@BenMS86
I made a statement of what I'd like to see happen. It wasn't posted for you to use in your attempt to spread
your agenda.

Title: Re: Official statement on the recent news about privacy
Post by: Robert_M on January 29, 2020, 01:56:53 AM
For the paid versions, the settings shown in the screenshot should be the default settings.

I think, this scenario will be better:
1. avast free (datashare options ON/OFF switch)
2. avast paid (datashare options removed "by design")
Title: Re: Official statement on the recent news about privacy
Post by: Asyn on January 29, 2020, 06:08:22 AM
Avast’s commitment to responsible data use
https://blog.avast.com/our-commitment-to-responsible-data-use
Title: Re: Official statement on the recent news about privacy
Post by: XdxD on January 29, 2020, 07:47:03 AM
Do the 'check boxes' in Privacy even work (I have them unchecked since the beginning), or they are just for placebo effect?

Yes, they work.
Good enough. Now, when will you delete the already collected data from everyone else and stop doing these shady stuffs? Avast's reputation is shattered right now. What are you planning to do now to fix it? Also, fix that annoying picture we have to verify in each comment.
Title: Re: Official statement on the recent news about privacy
Post by: Asyn on January 29, 2020, 08:02:24 AM
Also, fix that annoying picture we have to verify in each comment.
Captcha is only needed for your first 3 posts. (Spam protection)
Title: Re: Official statement on the recent news about privacy
Post by: XdxD on January 29, 2020, 08:10:01 AM
Thanks for the clarification.
Title: Re: Official statement on the recent news about privacy
Post by: Asyn on January 29, 2020, 08:11:31 AM
You're welcome.
Title: Re: Official statement on the recent news about privacy
Post by: XdxD on January 29, 2020, 09:37:01 AM
What do all of the Avast Überevangelists think about the issue?
Title: Re: Official statement on the recent news about privacy
Post by: Simon234 on January 29, 2020, 09:38:18 AM
Do the 'check boxes' in Privacy even work (I have them unchecked since the beginning), or they are just for placebo effect?

Yes, they work.

I am sceptical of this, for example as a paying customer of premium security i have the option 'show offers for our other products' unchecked yet i still get adds for your other products.

After this and the bugs that go months or years without being fixed i'll be considering elsewhere.

For example when my vpn connects it puts a pop up with unidentified network as public and i have to set it to private EVERY DAMN DAY. I used to use avast vpn but after 2 years of support not helping i concluded that my isp throttles your dns and i left.
Title: Re: This is very disappointing.
Post by: Snow6 on January 29, 2020, 12:03:14 PM
I've been a paying customer for several years.  I chose you because I believed you were an trustworthy company.  But you succumbed to the greed that seems to affect many companies that grow to be giants.

I went and opted out of data sharing but I'm going to have to rethink my renewal.  I WILL be looking at alternatives.

That's the point for me, too! I trusted the company for years now, a trust that was blown away in minutes. I introduced your product into my whole family and also to friends, because I was convinced about your company. These recommendations will stop now  :-X.


...
Maybe it should be according what you're told, but I'm pretty sure I toggled off the 3rd party related stuff etc far before I did so (again) yesterday. Yet yesterday all of it was on.


After I read the "reseting" of the Third-Party-Sharing Settings here in this thread, I checked my settings... and e Voila - everything was checked again, too. Great. I really feel fooled by that  >:( >:( >:(.
Title: Re: Official statement on the recent news about privacy
Post by: top_stuff on January 29, 2020, 12:58:57 PM
I did a test a little while ago with all the correct toggles off. Paid avast sends telemetry to endpoints the same as free. What might be a difference is how much. But it is there paid or free.
Title: Re: Official statement on the recent news about privacy
Post by: Bellzemos on January 29, 2020, 09:24:55 PM
Avast,

you are surely not the only corporation that sells user data this way, but you are an anti-virus company - and now you lost credibility and trust.

I've been using Avast since early 2000's and recommended it to everyone - now it's over. You had problems before (CCleaner hacking, late updates etc.) which made me question you, but this is the final blow. Avast was a great anti-virus once, thank you for the great protection over the years.

And this forum was/is a great community, I got great help from users here many many times throughout the years. Thank you!

I won't be using Avast products anymore.

Bye.
Title: Re: Official statement on the recent news about privacy
Post by: Milos on January 30, 2020, 08:36:01 AM
A message from Avast CEO Ondrej Vlcek
https://blog.avast.com/a-message-from-ceo-ondrej-vlcek
Title: Re: Official statement on the recent news about privacy
Post by: Lucifer66 on January 30, 2020, 12:04:57 PM
So is that why Avast told me my information was on the dark web because Avast got hacked? You guys didn't get hacked, you just sold everyone's info for some fast cash, is that it? What a bunch of thieves man. People use your program to be safe and you basically sold our information to hackers.

There shouldn't even be ANYTHING to opt in or out of. It's a massive no-brainer, DON'T SELL OR GIVE YOUR CUSTOMERS INFORMATION TO ANYONE EVER!
If you can't make enough money providing a decent anti-virus then pack it in. Who needs a house alarm company that not only does not work, but gives burglars the address and keys to your house?
Title: Re: Official statement on the recent news about privacy
Post by: XdxD on January 30, 2020, 12:11:42 PM
So is that why Avast told me my information was on the dark web because Avast got hacked? You guys didn't get hacked, you just sold everyone's info for some fast cash, is that it? What a bunch of thieves man. People use your program to be safe and you basically sold our information to hackers.

There shouldn't even be ANYTHING to opt in or out of. It's a massive no-brainer, DON'T SELL OR GIVE YOUR CUSTOMERS INFORMATION TO ANYONE EVER!
If you can't make enough money providing a decent anti-virus then pack it in. Who needs a house alarm company that not only does not work, but gives burglars the address and keys to your house?
Best thing ever said by someone in this forum.
Avast, at present, if you can't maintain a free solution, better don't provide it and harvest user data. Make all of the software you provide as paid and don't even think of doing such opt-ins. Doing this won't replenish your tarnished reputation, but it will help people to get some sort of privacy feeling while using a paid product. People needing free should use Windows Defender on their Windows 10 PCs as it is free and it performs similar to Avast Free in latest AV-Test results.
Title: Re: Official statement on the recent news about privacy
Post by: heikwith on January 30, 2020, 01:56:35 PM
https://press.avast.com/avast-to-commence-wind-down-of-subsidiary-jumpshot
Title: Re: Official statement on the recent news about privacy
Post by: bob3160 on January 30, 2020, 02:23:41 PM
So is that why Avast told me my information was on the dark web because Avast got hacked? You guys didn't get hacked, you just sold everyone's info for some fast cash, is that it? What a bunch of thieves man. People use your program to be safe and you basically sold our information to hackers.

There shouldn't even be ANYTHING to opt in or out of. It's a massive no-brainer, DON'T SELL OR GIVE YOUR CUSTOMERS INFORMATION TO ANYONE EVER!
If you can't make enough money providing a decent anti-virus then pack it in. Who needs a house alarm company that not only does not work, but gives burglars the address and keys to your house?
Best thing ever said by someone in this forum.
Avast, at present, if you can't maintain a free solution, better don't provide it and harvest user data. Make all of the software you provide as paid and don't even think of doing such opt-ins. Doing this won't replenish your tarnished reputation, but it will help people to get some sort of privacy feeling while using a paid product. People needing free should use Windows Defender on their Windows 10 PCs as it is free and it performs similar to Avast Free in latest AV-Test results.
And if you truly believe that Microsoft isn't harvesting any information from it's users, you aren't quite as smart as I thought you were.
Thanks Ondrej for your statement and commitment.
Title: Re: Official statement on the recent news about privacy
Post by: schmidthouse on January 30, 2020, 05:36:23 PM
Yes Thank you Ondrej for you commitment and openly honest statement. Hopefully this will address users legitimate concerns.
Title: Re: Official statement on the recent news about privacy
Post by: XdxD on January 30, 2020, 06:10:30 PM
And if you truly believe that Microsoft isn't harvesting any information from it's users, you aren't quite as smart as I thought you were.
Thanks Ondrej for your statement and commitment.
If you'd care to open Diagnostic Data Viewer and find any privacy infringing stuff, do please inform me here. If you care to visit Tenforums/MalwareTips.com, they'd tell you straightaway that the data Microsoft collects isn't what Avast collected and sold, "click to click". Also, if Microsoft did such stuff, don't you think the whole World would have already known by now, like is the case of Avast? Shouldn't all the security researchers be posting that stuff about Microsoft like they did for Avast? Do you 100% know what gets collected by Microsoft?
Title: Re: Official statement on the recent news about privacy
Post by: bob3160 on January 30, 2020, 09:24:42 PM
And if you truly believe that Microsoft isn't harvesting any information from it's users, you aren't quite as smart as I thought you were.
Thanks Ondrej for your statement and commitment.
If you'd care to open Diagnostic Data Viewer and find any privacy infringing stuff, do please inform me here. If you care to visit Tenforums/MalwareTips.com, they'd tell you straightaway that the data Microsoft collects isn't what Avast collected and sold, "click to click". Also, if Microsoft did such stuff, don't you think the whole World would have already known by now, like is the case of Avast? Shouldn't all the security researchers be posting that stuff about Microsoft like they did for Avast? Do you 100% know what gets collected by Microsoft?
Microsoft, Google your ISP, etc, etc. All collect data and use it in many different ways. Making money is one of the ways your data is used.
There may not be any gathering of information via Defender but, it's collected in other places. By default, the OS is set to share as much of your info as possible.


The average user doesn't go into those settings to make changes which is what all large and small companies depend on.
Here in the US, if you've ever been on the internet for any amount of time, you no longer have any privacy.
If you delete your information from one source, you can be assured that this information has already been gathered in many other places.
Security is alive and well. Privacy is a totally different subject matter.
We now at least have the assurance from Ondrej that collection of information from it's product from now on, will only happen if you agree to that collection.

A message from Avast CEO Ondrej Vlcek
https://blog.avast.com/a-message-from-ceo-ondrej-vlcek

Avast will no longer provide data to Jumpshot
https://press.avast.com/avast-to-commence-wind-down-of-subsidiary-jumpshot
Title: Re: Official statement on the recent news about privacy
Post by: chris.. on January 30, 2020, 11:24:44 PM

A message from Avast CEO Ondrej Vlcek
https://blog.avast.com/a-message-from-ceo-ondrej-vlcek

Avast will no longer provide data to Jumpshot
https://press.avast.com/avast-to-commence-wind-down-of-subsidiary-jumpshot
Quote
“We regret the impact this will have on Jumpshot employees and we appreciate the contributions they have made. We will endeavor to make this transition as smooth as possible for them,” said Mr. Vlcek.
Why did avast make public what should have been addressed privately to Jumpshot?
Am I the only user reading this with the feeling of being guilty of the impact on the employees of this company when I originally thought I was the victim, or did I not understand it?

I sincerely hope that our opinions count for avast as it says, but it's a pity that the trigger didn't come directly from us and our questions on this forum but rather from external investigations of which we know nothing (we can just guess  :) ) about their motives.
Title: Re: Official statement on the recent news about privacy
Post by: XdxD on January 31, 2020, 06:29:35 AM
]Microsoft, Google your ISP, etc, etc. All collect data and use it in many different ways. Making money is one of the ways your data is used.
There may not be any gathering of information via Defender but, it's collected in other places. By default, the OS is set to share as much of your info as possible.


The average user doesn't go into those settings to make changes which is what all large and small companies depend on.
Here in the US, if you've ever been on the internet for any amount of time, you no longer have any privacy.
If you delete your information from one source, you can be assured that this information has already been gathered in many other places.
Security is alive and well. Privacy is a totally different subject matter.
We now at least have the assurance from Ondrej that collection of information from it's product from now on, will only happen if you agree to that collection.

A message from Avast CEO Ondrej Vlcek
https://blog.avast.com/a-message-from-ceo-ondrej-vlcek

Avast will no longer provide data to Jumpshot
https://press.avast.com/avast-to-commence-wind-down-of-subsidiary-jumpshot
Let's look at what the CEO told in the form of an example.
Imagine I took your car without informing you and sold it to some car retailer. You'd be furious right, like right now the users of Avast are with Avast? Later, the news breaks out that I have done similar activity with more than a million people.  To calm down the situation, I then tell you that I will never ever deal with that car retailer. That doesn't bring you or those million people's cars back to them. That's what has happened right now. Our data is already gone, no matter what Avast as a company does right now. Noob people, if you believe I am one of those, would always go to review sites to get a better security solution. Considering this debacle and those sites ' decision to not let Avast be on their recommendation list for their privacy scandal, I wouldn't even want an Avast product on my PC. I care about a company collecting stuffs to improve their product, not to shell out cash of their user's day-to-day activities.
I was quite happy last week when a vulnerability of malwares using EFS was already mitigated by Avast in September last year. I felt pride that my preferred Security Solution had already patched up way before other solutions. Now, after the news broke out, I wouldn't even keep this 'data collecting Champ' in my PC. Because I, as the trust is broken, wouldn't be sure no matter how many times Avast tells me that those check boxes in Privacy section even work for sure now.
I was a frequent lurker here and was quite interested and happy in your answers to all those questions that have been asked related to Anti-Virus related issues. But you still believe that Avast did nothing wrong. So, keep enjoying it.
Also, have a look here regarding why Avast shouldn't have done that. https://forum.avast.com/index.php?topic=231837.msg1533802#msg1533802
Title: Re: Official statement on the recent news about privacy
Post by: Hadrian Walker on January 31, 2020, 06:40:08 AM
Extremely disappointing, particularly from a company entrusted to protect one's security and privacy.

I guess to the old adage "if you're not paying for the product, you are the product" needs to to be updated..... "even if you're paying for the product, you are the product"!
Title: Re: Official statement on the recent news about privacy
Post by: XdxD on January 31, 2020, 06:49:23 AM
Extremely disappointing, particularly from a company entrusted to protect one's security and privacy.

I guess to the old adage "if you're not paying for the product, you are the product" needs to to be updated..... "even if you're paying for the product, you are the product"!
Seems like that's become true now in 2020.
Title: Re: Official statement on the recent news about privacy
Post by: bob3160 on January 31, 2020, 08:19:00 AM
@XdxD
"I was a frequent lurker here and was quite interested and happy in your answers to all those questions that have been asked related to Anti-Virus related issues. But you still believe that Avast did nothing wrong. So, keep enjoying it."
So now you aren't only a frequent lurker you are also a mind reader?
Where in the world did you ever see me state that I was happy with this situation?
https://bob3160.blogspot.com/2020/01/avast-and-your-privacy.html (https://bob3160.blogspot.com/2020/01/avast-and-your-privacy.html)
Title: Re: Official statement on the recent news about privacy
Post by: jsmithy on January 31, 2020, 10:18:19 AM
Have uninstalled all Avast products from my and my family's devices and won't be using these ever again. I'm sure I'm not the only one...
Title: Re: Official statement on the recent news about privacy
Post by: XdxD on January 31, 2020, 10:45:16 AM
@XdxD
"I was a frequent lurker here and was quite interested and happy in your answers to all those questions that have been asked related to Anti-Virus related issues. But you still believe that Avast did nothing wrong. So, keep enjoying it."
So now you aren't only a frequent lurker you are also a mind reader?
Where in the world did you ever see me state that I was happy with this situation?
https://bob3160.blogspot.com/2020/01/avast-and-your-privacy.html (https://bob3160.blogspot.com/2020/01/avast-and-your-privacy.html)
Forgot about your blog. Sorry for that. But still I see you don't want people to uninstall it. You still have faith on Avast. Think about this. Would have anyone known about what Avast was doing if PCMag didn't run an investigation along with Motherboard? Shouldn't have Avast just collected the detection and threat data and not privacy infringing stuff?
Title: Re: Official statement on the recent news about privacy
Post by: bob3160 on January 31, 2020, 01:01:13 PM
@XdxD
"I was a frequent lurker here and was quite interested and happy in your answers to all those questions that have been asked related to Anti-Virus related issues. But you still believe that Avast did nothing wrong. So, keep enjoying it."
So now you aren't only a frequent lurker you are also a mind reader?
Where in the world did you ever see me state that I was happy with this situation?
https://bob3160.blogspot.com/2020/01/avast-and-your-privacy.html (https://bob3160.blogspot.com/2020/01/avast-and-your-privacy.html)
Forgot about your blog. Sorry for that. But still I see you don't want people to uninstall it. You still have faith on Avast. Think about this. Would have anyone known about what Avast was doing if PCMag didn't run an investigation along with Motherboard? Shouldn't have Avast just collected the detection and threat data and not privacy infringing stuff?
Faith is a strong word and for me reserved for God. I still feel that Avast is doing an excellent job when it comes to securing everything connected. Privacy was lost a long time ago and yes, I agree that the selling of our data even in a cleansed way never should have happend.
I also take Ondrej at his word that this sort of thing will not happen again on his watch.
The practice started way before he took the reins so allowing him to put Avast back on the right track is only fair.
Title: Re: Official statement on the recent news about privacy
Post by: Be Secure on January 31, 2020, 01:28:42 PM
@XdxD
"I was a frequent lurker here and was quite interested and happy in your answers to all those questions that have been asked related to Anti-Virus related issues. But you still believe that Avast did nothing wrong. So, keep enjoying it."
So now you aren't only a frequent lurker you are also a mind reader?
Where in the world did you ever see me state that I was happy with this situation?
https://bob3160.blogspot.com/2020/01/avast-and-your-privacy.html (https://bob3160.blogspot.com/2020/01/avast-and-your-privacy.html)
Forgot about your blog. Sorry for that. But still I see you don't want people to uninstall it. You still have faith on Avast. Think about this. Would have anyone known about what Avast was doing if PCMag didn't run an investigation along with Motherboard? Shouldn't have Avast just collected the detection and threat data and not privacy infringing stuff?
Faith is a strong word and for me reserved for God. I still feel that Avast is doing an excellent job when it comes to securing everything connected. Privacy was lost a long time ago and yes, I agree that the selling of our data even in a cleansed way never should have happend.
I also take Ondrej at his word that this sort of thing will not happen again on his watch.
The practice started way before he took the reins so allowing him to put Avast back on the right track is only fair.
I completely disagree with Bob, avast loose my faith and it is not 1st time user data leak. 2014,2019,2020. If jumpshot is evil why not kick it out of avast eco system earlier?
Title: Re: Official statement on the recent news about privacy
Post by: chris.. on January 31, 2020, 02:25:45 PM
Faith is a strong word and for me reserved for God. I still feel that Avast is doing an excellent job when it comes to securing everything connected. Privacy was lost a long time ago and yes, I agree that the selling of our data even in a cleansed way never should have happend.
I also take Ondrej at his word that this sort of thing will not happen again on his watch.
For me, taking Ondrej at his word without being inside the company and the policy employed is no longer a feeling but already a faith,especially when the challenges of such a company are not the sale of one or two loaves of bread at a baker's.

Quote
The practice started way before he took the reins so allowing him to put Avast back on the right track is only fair.
Does this mean that from 2003 (when you started at avast) to 7 months ago (when Ondrej took over as CEO of avast), you didn't think avast was on the right track?
That's how I interpret your last sentence.
Before, or at least since the data collection began, you were not sure what you were doing, otherwise why is it that Ondrej needs to get avast back on track for you right now?
It was up to those you trusted before, to put Avast on the right track at the right time and not two or three years later.

I completely disagree with Bob, avast loose my faith and it is not 1st time user data leak. 2014,2019,2020. If jumpshot is evil why not kick it out of avast eco system earlier?
In spite of this, Bob never puts a damper on the past and has complete self-confidence in the future.
For me, when optimism reaches this point, it doesn't denote feeling but faith. :)

I'll end up saying that I always give my trust in avast, not because I believe that Ondrej and his team will work miracles (it won't happen  :( ) but because I'm far from being so naive to believe in something utopian elsewhere.

Title: Re: Official statement on the recent news about privacy
Post by: bob3160 on January 31, 2020, 03:02:13 PM
Faith is a strong word and for me reserved for God. I still feel that Avast is doing an excellent job when it comes to securing everything connected. Privacy was lost a long time ago and yes, I agree that the selling of our data even in a cleansed way never should have happend.
I also take Ondrej at his word that this sort of thing will not happen again on his watch.
For me, taking Ondrej at his word without being inside the company and the policy employed is no longer a feeling but already a faith,especially when the challenges of such a company are not the sale of one or two loaves of bread at a baker's.

Quote
The practice started way before he took the reins so allowing him to put Avast back on the right track is only fair.
Does this mean that from 2003 (when you started at avast) to 7 months ago (when Ondrej took over as CEO of avast), you didn't think avast was on the right track?
That's how I interpret your last sentence.
Before, or at least since the data collection began, you were not sure what you were doing, otherwise why is it that Ondrej needs to get avast back on track for you right now?
It was up to those you trusted before, to put Avast on the right track at the right time and not two or three years later.
It helps to have the correct facts. My statement was that I started using Avast in 2003. I don't work for Avast.
So I really don't understand what you're trying to get at.
Title: Re: Official statement on the recent news about privacy
Post by: k.chalkidis13 on January 31, 2020, 08:47:02 PM
I would like to mention that also Microsoft and Google collecting our privacy data.and use them as they will..
I suppose that all of you have already changed operating system and web browser....
Title: Re: Official statement on the recent news about privacy
Post by: WalKal-X on January 31, 2020, 10:52:00 PM
I've been an Avast user for "ages" and have three Avast products running in my computers but I have decided not to renew any of them instead I will jump ship to F-Secure which even have a better price for those three products I'm using at present.
Title: Re: Official statement on the recent news about privacy
Post by: estebano on January 31, 2020, 11:32:13 PM
Those are all some really weasely whataboutisms. "Google is doing this, Microsoft is doing that...". So we should't care anymore because there is no way to at least partially protect our private sphere? Sounds Orwellian to me, but ok.

I know people can get really emotionally attached to their Antivirus Products because they give them a sense of security and protection. All those Popups to protect your private sphere, to buy their vpn (thus throwing even more money at them) ensuring their user that everything is well and you are protected - symbolized by a big green checkmark. Antivir companies know which psychological buttons to press in their customers mind, to make their products attractive. In the end the feeling of safety is their business. So obviously this scandal comes as a betrayal. If I PAY for their product, I shouldn't be the product, I shouldn't sell my private sphere. And the alleged data they collected seems pretty invasive. And this is only what has been publicly uncovered. Surely no one believes, that Avast officials would come forward themselves if there is more dirt. That would only boost the scandal right now.

Also there are options to improve your privacy. Change the privacy settings of your OS and your programs/applications. Avoid data kraken like Google and Facebook. The reason, why i moved from Chrome to Avast Secure Browser was because I thought that would be an improvement to my privacy. Huh, how about that... And if is unclear whether products like avast are more like malware than actually helpful (there are obviously a number of security problems with Antivirus software, too) maybe it is for the best to just go without it.

I'm now trying Brave Browser with noscript and simply windows defender. As far as i am concerned it's just one less wolf in sheep's clothing around me.
Title: Re: Official statement on the recent news about privacy
Post by: Mike ALA on February 01, 2020, 01:43:46 AM
Am I the only one that wants to know what kind of information Jumpshot has on me? I've sent a request for information to them as I have the right to do under GDPR but no response. I'm going to wait 30 days and then sue them to get the information, the fine for not complying is quite steep. And if Jumpshot shuts down I'm going after AVAST.
Title: Re: Official statement on the recent news about privacy
Post by: Kermit80 on February 01, 2020, 06:09:16 PM
Am I the only one that wants to know what kind of information Jumpshot has on me? I've sent a request for information to them as I have the right to do under GDPR but no response. I'm going to wait 30 days and then sue them to get the information, the fine for not complying is quite steep. And if Jumpshot shuts down I'm going after AVAST.

you may want to know that if data is anonymised GDPR does not apply
Title: Re: Official statement on the recent news about privacy
Post by: Asyn on February 01, 2020, 08:26:09 PM
For Europe (GDPR): https://support.avast.com/en-eu/article/GDPR-FAQ
Privacy Preference Portal: https://www.avast.com/gdpr
Title: Re: Official statement on the recent news about privacy
Post by: DavidR on February 01, 2020, 09:22:47 PM
Am I the only one that wants to know what kind of information Jumpshot has on me? I've sent a request for information to them as I have the right to do under GDPR but no response. I'm going to wait 30 days and then sue them to get the information, the fine for not complying is quite steep. And if Jumpshot shuts down I'm going after AVAST.

you may want to know that if data is anonymised GDPR does not apply

I was wondering how long it would before someone would realise/mention this. 
Title: Re: Official statement on the recent news about privacy
Post by: anon.nona on February 01, 2020, 11:48:33 PM
Am I the only one that wants to know what kind of information Jumpshot has on me? I've sent a request for information to them as I have the right to do under GDPR but no response. I'm going to wait 30 days and then sue them to get the information, the fine for not complying is quite steep. And if Jumpshot shuts down I'm going after AVAST.

you may want to know that if data is anonymised GDPR does not apply

I was wondering how long it would before someone would realise/mention this.

well, Im not so sure. It is especially hard since we dont know what was in the data that Avast pulled from our computers, but about 5 minutes of digging gives that GDPR goes pretty far here,  Article 4, §1 clearly specifies:

"‘personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;"



Moving on to Avast, in the privacy policy, Avast specifies that they collect:

"Email address             -              To send you communications regarding your license and support
Username             -              To manage your account and facilitate your login into the service
Subscription renewal date             -              To tell us until when the account is valid
Trial User             -              To add a trial period before the account is charged"

Especially Email Address and Username looks to me like they would be what one would call "Online identifiers".





Furthermore, Avast privacy policy also states that these bits of information are collected:

"Product Data includes two sub-categories:

Device Data includes information about the operating system; hardware; city/country of device; error logs; browser; network; applications running on the device, including the Avast products; and
Service Data includes information about the Avast product usage and events relating to use of our product by you such as malware samples and detections, information concerning URLs of websites, usage statistics (activation, crashes, scans, errors), IP address."

IP address and city/country will most probably also fall under what GDPR considers "personal data", wouldnt you agree?

For reference:
----------------
Avast privacy policy:
https://www.avast.com/privacy-policy

GDPR official legal text, Article 4:
https://gdpr-info.eu/art-4-gdpr/
Title: Re: Official statement on the recent news about privacy
Post by: bob3160 on February 01, 2020, 11:52:33 PM
Am I the only one that wants to know what kind of information Jumpshot has on me? I've sent a request for information to them as I have the right to do under GDPR but no response. I'm going to wait 30 days and then sue them to get the information, the fine for not complying is quite steep. And if Jumpshot shuts down I'm going after AVAST.

you may want to know that if data is anonymised GDPR does not apply

I was wondering how long it would before someone would realise/mention this.

well, Im not so sure. It is especially hard since we dont know what was in the data that Avast pulled from our computers, but about 5 minutes of digging gives that GDPR goes pretty far here,  Article 4, §1 clearly specifies:

"‘personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;"



Moving on to Avast, in the privacy policy, Avast specifies that they collect:

"Email address             -              To send you communications regarding your license and support
Username             -              To manage your account and facilitate your login into the service
Subscription renewal date             -              To tell us until when the account is valid
Trial User             -              To add a trial period before the account is charged"

Especially Email Address and Username looks to me like they would be what one would call "Online identifiers".





Furthermore, Avast privacy policy also states that these bits of information are collected:

"Product Data includes two sub-categories:

Device Data includes information about the operating system; hardware; city/country of device; error logs; browser; network; applications running on the device, including the Avast products; and
Service Data includes information about the Avast product usage and events relating to use of our product by you such as malware samples and detections, information concerning URLs of websites, usage statistics (activation, crashes, scans, errors), IP address."

IP address and city/country will most probably also fall under what GDPR considers "personal data", wouldnt you agree?

For reference:
----------------
Avast privacy policy:
https://www.avast.com/privacy-policy (https://www.avast.com/privacy-policy)

GDPR official legal text, Article 4:
https://gdpr-info.eu/art-4-gdpr/ (https://gdpr-info.eu/art-4-gdpr/)
Disclosing what's collected is a good thing not done by many but it isn't necessarily the same as what was shared.
Title: Re: Official statement on the recent news about privacy
Post by: anon.nona on February 01, 2020, 11:57:11 PM
Are you suggesting that what avast writes in its privacy policy is not correct?
Title: Re: Official statement on the recent news about privacy
Post by: bob3160 on February 01, 2020, 11:58:20 PM
Are you suggesting that what avast writes in its privacy policy is not correct?
Where in the privacy statement does it state what they shared?
Title: Re: Official statement on the recent news about privacy
Post by: anon.nona on February 02, 2020, 12:00:08 AM
Are you suggesting that what avast writes in its privacy policy is not correct?
Where in the privacy statement does it state what they shared?

It was my understanding the poster wanted to know what data jumpshot (or in the long run, avast, since jumpshot looks shutdown already) had on them, not what they shared?
And knowing what data a company has on its customer seem to fall within the rights of gdpr, does it not?
Title: Re: Official statement on the recent news about privacy
Post by: bob3160 on February 02, 2020, 12:04:53 AM
Are you suggesting that what avast writes in its privacy policy is not correct?
Where in the privacy statement does it state what they shared?

It was my understanding the poster wanted to know what data jumpshot (or in the long run, avast, since jumpshot looks shutdown already) had on them, not what they shared?
And knowing what data a company has on its customer seem to fall within the rights of gdpr, does it not?
One has nothing to do with the other. What Avast collected is disclosed and something you agreed to have them collect.
What they shared was stripped of personal information. You also didn't notice the following, if data is anonymised GDPR does not apply
Title: Re: Official statement on the recent news about privacy
Post by: anon.nona on February 02, 2020, 12:11:13 AM
Are you suggesting that what avast writes in its privacy policy is not correct?
Where in the privacy statement does it state what they shared?

It was my understanding the poster wanted to know what data jumpshot (or in the long run, avast, since jumpshot looks shutdown already) had on them, not what they shared?
And knowing what data a company has on its customer seem to fall within the rights of gdpr, does it not?
One has nothing to do with the other. What Avast collected is disclosed and something you agreed to have them collect.
What they shared was stripped of personal information. You also didn't notice the following, if data is anonymised GDPR does not apply

That they disclosed what they collect hardly means that the user loses his right to see the data though, does it? and again, what they shared was not the point the poster was making, it was "What data Jumpshot/Avast has on them".
Title: Re: Official statement on the recent news about privacy
Post by: bob3160 on February 02, 2020, 12:13:20 AM
Again you are using Avast and Jumpshot as one entity they are two separate companies
They don't share the same data.
Title: Re: Official statement on the recent news about privacy
Post by: anon.nona on February 02, 2020, 12:17:04 AM
Again you are using Avast and Jumpshot as one entity they are two separate companies
They don't share the same data.

I am fully aware of that. I am sorry, what I intended to say was:
"That they disclosed what they collect hardly means that the user loses his right to see the data though, does it? and again, what they shared was not the point the poster was making, it was "What data Jumpshot has on them, failing that, they want to know what data Avast has on them".

Can we now agree that the user is in their full right to ask for this data, whether it contains horrible amounts of personal data, or only a nick for the forum and an email address, probably tied to an IP as well?
Title: Re: Official statement on the recent news about privacy
Post by: bob3160 on February 02, 2020, 12:19:38 AM
Again you are using Avast and Jumpshot as one entity they are two separate companies
They don't share the same data.

I am fully aware of that. I am sorry, what I intended to say was:
"That they disclosed what they collect hardly means that the user loses his right to see the data though, does it? and again, what they shared was not the point the poster was making, it was "What data Jumpshot has on them, failing that, they want to know what data Avast has on them".

Can we now agree that the user is in their full right to ask for this data, whether it contains horrible amounts of personal data, or only a nick for the forum and an email address, probably tied to an IP as well?
Avast has already declared what it collects and the user agreed to allow that collection. So I don't understand what you're trying to point out?
Title: Re: Official statement on the recent news about privacy
Post by: Kermit80 on February 02, 2020, 12:23:40 AM
That they disclosed what they collect hardly means that the user loses his right to see the data though, does it? and again, what they shared was not the point the poster was making, it was "What data Jumpshot/Avast has on them".

just to clarify:

1.) Avast states in its policy that some user data is collected, they clearly say for what purposes that data is collected (sharing it's not included). It's your right (GDPR) to know from Avast what data they have about you and to ask for its deletion.

2.) Avast share, on your consent, browsing history with Jumpshot. That data is anonymised and aggregated thus it's no more referrable to you. In this case GDPR does not apply since there is no more personal data.
Title: Re: Official statement on the recent news about privacy
Post by: DavidR on February 02, 2020, 12:24:54 AM
Again you are using Avast and Jumpshot as one entity they are two separate companies
They don't share the same data.

Even if they were, which they aren't.
When the data has identifiable data removed/anonymised (stripped out) and then aggregated, how does one go about identifying what data is held for that person making the enquiry, when personalised data has been removed.
Title: Re: Official statement on the recent news about privacy
Post by: anon.nona on February 02, 2020, 12:25:52 AM
Again you are using Avast and Jumpshot as one entity they are two separate companies
They don't share the same data.

I am fully aware of that. I am sorry, what I intended to say was:
"That they disclosed what they collect hardly means that the user loses his right to see the data though, does it? and again, what they shared was not the point the poster was making, it was "What data Jumpshot has on them, failing that, they want to know what data Avast has on them".

Can we now agree that the user is in their full right to ask for this data, whether it contains horrible amounts of personal data, or only a nick for the forum and an email address, probably tied to an IP as well?
Avast has already declared what it collects and the user agreed to allow that collection. So I don't understand what you're trying to point out?

yeah, I am sorry, but I made it fairly clear. I dont have time to try to make someone understand that actively refuses to do so. I think most other people on this forum understood my point atleast.
One last time; "The user has, in accordance with GDPR, the right to know the data that a company, in this case Jumpshot or Avast or any other company really, holds about them". That is it, end of story, thats what I am getting at, and it is within their rights, even if it says in some bundled up privacy nonsense what information they may or may not have on said user. The user still has the right to request a printout of said information. Period.
Title: Re: Official statement on the recent news about privacy
Post by: bob3160 on February 02, 2020, 12:31:54 AM
Again you are using Avast and Jumpshot as one entity they are two separate companies
They don't share the same data.

I am fully aware of that. I am sorry, what I intended to say was:
"That they disclosed what they collect hardly means that the user loses his right to see the data though, does it? and again, what they shared was not the point the poster was making, it was "What data Jumpshot has on them, failing that, they want to know what data Avast has on them".

Can we now agree that the user is in their full right to ask for this data, whether it contains horrible amounts of personal data, or only a nick for the forum and an email address, probably tied to an IP as well?
Avast has already declared what it collects and the user agreed to allow that collection. So I don't understand what you're trying to point out?

yeah, I am sorry, but I made it fairly clear. I dont have time to try to make someone understand that actively refuses to do so. I think most other people on this forum understood my point atleast.
One last time; "The user has, in accordance with GDPR, the right to know the data that a company, in this case Jumpshot or Avast or any other company really, holds about them". That is it, end of story, thats what I am getting at, and it is within their rights, even if it says in some bundled up privacy nonsense what information they may or may not have on said user. The user still has the right to request a printout of said information. Period.
If you don't reside in the US, you have the right you stated. I'm also pretty sure that Avast would honor that request if you're in the US.
Title: Re: Official statement on the recent news about privacy
Post by: Kermit80 on February 02, 2020, 12:42:29 AM
yeah, I am sorry, but I made it fairly clear. I dont have time to try to make someone understand that actively refuses to do so. I think most other people on this forum understood my point atleast.

Your point is pretty clear. Just please understand that you do have the right to know what data Avast has on you (at least if you live in the EU) but you can't ask for what data Jumpshot has on you since they don't have any (it has been anonymized and aggregated)
Title: Re: Official statement on the recent news about privacy
Post by: DavidR on February 02, 2020, 12:43:00 AM
<snip quotes>
yeah, I am sorry, but I made it fairly clear. I dont have time to try to make someone understand that actively refuses to do so. I think most other people on this forum understood my point atleast.

One last time; "The user has, in accordance with GDPR, the right to know the data that a company, in this case Jumpshot or Avast or any other company really, holds about them". That is it, end of story, thats what I am getting at, and it is within their rights, even if it says in some bundled up privacy nonsense what information they may or may not have on said user.

The user still has the right to request a printout of said information. Period.

And just how do you suggest they go about this:
When the data has had any identifiable data removed/anonymised (stripped out) and then aggregated, how does one go about identifying what data is held for that person making the enquiry, when personalised data has been removed.

They would under GDPR (even if this were the case having given permission for that data to be used) be entitled to know what information is held on them.  They would have to give personal information with which to make a search, a search on any anonymised and then aggregated data would return zero hits.

You can't just give them a print out of all of the aggregated data as they would have no right to that.
Title: Re: Official statement on the recent news about privacy
Post by: leonard53 on February 02, 2020, 02:46:08 AM
When entering the bedroom and finding your partner in bed with someone else, you don't want to hear: Darling, it's not what you think...
Even after a marriage of 10 years it SHOULD make you think.
That's the feeling I presently have about AVAST!
Title: Re: Official statement on the recent news about privacy
Post by: Mike ALA on February 02, 2020, 11:48:57 AM
And just how do you suggest they go about this:
When the data has had any identifiable data removed/anonymised (stripped out) and then aggregated, how does one go about identifying what data is held for that person making the enquiry, when personalised data has been removed.

They would under GDPR (even if this were the case having given permission for that data to be used) be entitled to know what information is held on them.  They would have to give personal information with which to make a search, a search on any anonymised and then aggregated data would return zero hits.

You can't just give them a print out of all of the aggregated data as they would have no right to that.

But that's where I would argue against you. In the leaks it's made clear that every install of AVAST has its unique ID, this ID changes if you uninstall and install AVAST again. That ID is also connected to the data collected and used by Jumpshot to identify the set of Data. It's that ID that allows the buyer of Data to follow a unique user through different sites and create a profile. It is very hard to believe that I as a user would not be able to have access to my own unique ID that I got when I installed Avast. It is also very hard to believe that AVAST wouldn't be able to connect that ID with an IP or username. In other words, maybe the buyer of Data is getting anonymized and then aggregated data, but for AVAST and the user that data is easily identifiable.
Title: Re: Official statement on the recent news about privacy
Post by: bob3160 on February 02, 2020, 12:10:23 PM
"but for AVAST and the user that data is easily identifiable"
I hope so. it's your data and you allowed it to be used by Avast.
Title: Re: Official statement on the recent news about privacy
Post by: Luukjr on February 02, 2020, 12:37:02 PM
It would be nice if all comments on the Avast policy could be grouped in one topic.
Title: Re: Official statement on the recent news about privacy
Post by: bob3160 on February 02, 2020, 12:45:03 PM
It would be nice if all comments on the Avast policy could be grouped in one topic.
It would be nice. I've forwarded your request to Avast
Title: Re: Official statement on the recent news about privacy
Post by: Kermit80 on February 02, 2020, 06:14:47 PM
But that's where I would argue against you. In the leaks it's made clear that every install of AVAST has its unique ID, this ID changes if you uninstall and install AVAST again. That ID is also connected to the data collected and used by Jumpshot to identify the set of Data. It's that ID that allows the buyer of Data to follow a unique user through different sites and create a profile. It is very hard to believe that I as a user would not be able to have access to my own unique ID that I got when I installed Avast. It is also very hard to believe that AVAST wouldn't be able to connect that ID with an IP or username. In other words, maybe the buyer of Data is getting anonymized and then aggregated data, but for AVAST and the user that data is easily identifiable.

That differs from the informations I get. Could you please post a link to your sources?
Title: Re: Official statement on the recent news about privacy
Post by: Chuck58 on February 03, 2020, 01:49:39 AM
I see a lot of "Microsoft does this, Google does it, I have faith, the CEO of Avast says.

This isn't about what MS or Google did, or do. It's about what Avast did. I have no faith in what Avast's CEO said, because it's very much like a crook being caught and apologizing to his victims. He isn't sorry he did it; he's sorry he got caught.

I'm an Avast user for over 16 years. Rather, I was an Avast user. Avast is gone and will never be on my computers again. Once burned, twice cautious.
Title: Re: Official statement on the recent news about privacy
Post by: Azure Phoenix on February 03, 2020, 01:54:02 AM
But that's where I would argue against you. In the leaks it's made clear that every install of AVAST has its unique ID, this ID changes if you uninstall and install AVAST again. That ID is also connected to the data collected and used by Jumpshot to identify the set of Data. It's that ID that allows the buyer of Data to follow a unique user through different sites and create a profile. It is very hard to believe that I as a user would not be able to have access to my own unique ID that I got when I installed Avast. It is also very hard to believe that AVAST wouldn't be able to connect that ID with an IP or username. In other words, maybe the buyer of Data is getting anonymized and then aggregated data, but for AVAST and the user that data is easily identifiable.

That differs from the informations I get. Could you please post a link to your sources?
I believe this could be one
https://www.pcmag.com/news/the-cost-of-avasts-free-antivirus-companies-can-spy-on-your-clicks

I feel that if Avast had promptly addressed the whole de-anonymization it would have significantly helped their public imaged
Title: Re: Official statement on the recent news about privacy
Post by: bob3160 on February 03, 2020, 02:37:38 AM
But that's where I would argue against you. In the leaks it's made clear that every install of AVAST has its unique ID, this ID changes if you uninstall and install AVAST again. That ID is also connected to the data collected and used by Jumpshot to identify the set of Data. It's that ID that allows the buyer of Data to follow a unique user through different sites and create a profile. It is very hard to believe that I as a user would not be able to have access to my own unique ID that I got when I installed Avast. It is also very hard to believe that AVAST wouldn't be able to connect that ID with an IP or username. In other words, maybe the buyer of Data is getting anonymized and then aggregated data, but for AVAST and the user that data is easily identifiable.

That differs from the informations I get. Could you please post a link to your sources?
I believe this could be one
https://www.pcmag.com/news/the-cost-of-avasts-free-antivirus-companies-can-spy-on-your-clicks (https://www.pcmag.com/news/the-cost-of-avasts-free-antivirus-companies-can-spy-on-your-clicks)

I feel that if Avast had promptly addressed the whole de-anonymization it would have significantly helped their public imaged
The news broke on 1/28/2020 and Avast posted their explanation on 1/29/2020.
https://blog.avast.com/a-message-from-ceo-ondrej-vlcek (https://blog.avast.com/a-message-from-ceo-ondrej-vlcek)

How much faster did you expect a reply?
Title: Re: Official statement on the recent news about privacy
Post by: Azure Phoenix on February 03, 2020, 02:53:49 AM
But that's where I would argue against you. In the leaks it's made clear that every install of AVAST has its unique ID, this ID changes if you uninstall and install AVAST again. That ID is also connected to the data collected and used by Jumpshot to identify the set of Data. It's that ID that allows the buyer of Data to follow a unique user through different sites and create a profile. It is very hard to believe that I as a user would not be able to have access to my own unique ID that I got when I installed Avast. It is also very hard to believe that AVAST wouldn't be able to connect that ID with an IP or username. In other words, maybe the buyer of Data is getting anonymized and then aggregated data, but for AVAST and the user that data is easily identifiable.

That differs from the informations I get. Could you please post a link to your sources?
I believe this could be one
https://www.pcmag.com/news/the-cost-of-avasts-free-antivirus-companies-can-spy-on-your-clicks (https://www.pcmag.com/news/the-cost-of-avasts-free-antivirus-companies-can-spy-on-your-clicks)

I feel that if Avast had promptly addressed the whole de-anonymization it would have significantly helped their public imaged
The news broke on 1/28/2020 and Avast posted their explanation on 1/29/2020.
https://blog.avast.com/a-message-from-ceo-ondrej-vlcek (https://blog.avast.com/a-message-from-ceo-ondrej-vlcek)

How much faster did you expect a reply?
Unless I missed it. Nothing there addressed the de-anonymzation claims. Which as I said, I believe they should had.
Title: Re: Official statement on the recent news about privacy
Post by: jraju on February 03, 2020, 03:43:00 AM
Hi, are these lines convey simple things?
Your antivirus should protect you, but what if it's handing over your browser history to a major marketing company?
i repeat avast  .. a vast lost of confidence
Title: Re: Official statement on the recent news about privacy
Post by: Kermit80 on February 03, 2020, 03:50:33 PM
That differs from the informations I get. Could you please post a link to your sources?
I believe this could be one
https://www.pcmag.com/news/the-cost-of-avasts-free-antivirus-companies-can-spy-on-your-clicks

thanks. I've read that article and I have a few concerns. It looks to be based on researches made by Wladimir Palant and PCmag itself.
When speaking about data aggregation, Palant states that PCmag research indicates that some Jumpshot customers could access browser histories of individual users. Still,  I can't find any real proof of that.

Title: Re: Official statement on the recent news about privacy
Post by: jraju on February 04, 2020, 04:17:04 AM
Hi, i really feel that avast has done a disservice to the mankind by falsely saying that it will protect, but instead , it did otherwise.It is unforgivable , whether the data supplying company or the received company use the data or not.
It is against mankind and i quit
Title: Re: Official statement on the recent news about privacy
Post by: Mike ALA on February 05, 2020, 02:20:10 PM
thanks. I've read that article and I have a few concerns. It looks to be based on researches made by Wladimir Palant and PCmag itself.
When speaking about data aggregation, Palant states that PCmag research indicates that some Jumpshot customers could access browser histories of individual users. Still,  I can't find any real proof of that.

I can't find any proof of that either. I requested that Jumpshot send me my data, they actually had an option about requesting your Data on their website well hidden deep inside it, but they shut down before I got any email back. You can ask yourself why that's an option if all data is annqonymized? I had hoped that I'd get some answers that way.
I've also requested my information from AVAST using the Privacy Portgal at https://www.avast.com/en-us/gdpr . The info I got on myself was only my email, adress and info I sent AVAST when I purchased a license. That also makes me wonder, doesn't AVAST consider the information mined with my installed AV as part of my personal information, or didn't they have anything from me? So many questions and AVAST is doing a lousy job of answering, just making it all way more suspect.
Title: Re: Official statement on the recent news about privacy
Post by: bob3160 on February 05, 2020, 02:45:51 PM
What I've been told following my inquiries regarding the data that was collected was the following,
“The data feed is controlled from our environment and has been turned off.
There is no action you need to take with your product. Data sent to Jumpshot will be deleted
once the wind-down process and corresponding legal obligations are completed.”
Title: Re: Official statement on the recent news about privacy
Post by: Mike ALA on February 05, 2020, 03:34:47 PM
What I've been told following my inquiries regarding the data that was collected was the following,
“The data feed is controlled from our environment and has been turned off.
There is no action you need to take with your product. Data sent to Jumpshot will be deleted
once the wind-down process and corresponding legal obligations are completed.”

If true then it's good news. I'd still want to know what the data is and how it was presented to Jumpshot's clients.
Title: Re: Official statement on the recent news about privacy
Post by: bob3160 on February 05, 2020, 03:39:37 PM
What I've been told following my inquiries regarding the data that was collected was the following,
“The data feed is controlled from our environment and has been turned off.
There is no action you need to take with your product. Data sent to Jumpshot will be deleted
once the wind-down process and corresponding legal obligations are completed.”

If true then it's good news. I'd still want to know what the data is and how it was presented to Jumpshot's clients.
If true ???
Title: Re: Official statement on the recent news about privacy
Post by: jraju on February 08, 2020, 03:00:27 AM
Bi, bob, do not blindly support .To a query , that what has jumpshot been doing, there was no answer from avast.
Could you give links if available on web on jumpshot leakage other than that appeared in initial releases.

It appears that you are just passing light remarks on something which is every bodys concern including avast
If true.....
that does not convey anything,
if not true, would be the expected answer.
Title: Re: Official statement on the recent news about privacy
Post by: bob3160 on February 08, 2020, 11:23:24 AM
Bi, bob, do not blindly support .To a query , that what has jumpshot been doing, there was no answer from avast.
Could you give links if available on web on jumpshot leakage other than that appeared in initial releases.

It appears that you are just passing light remarks on something which is every bodys concern including avast
If true.....
that does not convey anything,
if not true, would be the expected answer.
You appear to post your personal dislike all over this forum. It's call spamming.
I posted what Avast OK'd to pass along. Some of us on this forum have access to sources not available to everyone.
You may not like what I've posted but please, don't question my honesty.
I get that you aren't happy. I get you no longer use Avast. It's your choice.
This is still the Avast support forum not the forum to post personal disdain.
Have a nice day and join the forum of what ever product you've decided to move to.

Title: Re: Official statement on the recent news about privacy
Post by: davexnet on February 08, 2020, 07:19:39 PM
There are those on the forum who have so much emotional attachment wrapped up in avast
that to contemplate their wrong doing is painful, a kind of cognitive dissonance.
They handle the conflict by denying and minimizing the uncomfortable information.

What should be the typical users reaction?  My own opinion, these days, would be a healthy skepticism
to any third party A/V - Let's be honest, users' data is now big business ($$$). 

We can open hope avast is true to their word going forward.  It doesn't excuse their previous selling
of the data.  The clues were there for those wanted to see.

Title: Re: Official statement on the recent news about privacy
Post by: bob3160 on February 08, 2020, 07:58:08 PM
There are those on the forum who have so much emotional attachment wrapped up in avast
that to contemplate their wrong doing is painful, a kind of cognitive dissonance.
They handle the conflict by denying and minimizing the uncomfortable information.

What should be the typical users reaction?  My own opinion, these days, would be a healthy skepticism
to any third party A/V - Let's be honest, users' data is now big business ($$$). 

We can open hope avast is true to their word going forward.  It doesn't excuse their previous selling
of the data.  The clues were there for those wanted to see.
So you use Window and Defender and you now have no worries about your privacy?
Good luck. :)


Title: Re: Official statement on the recent news about privacy
Post by: davexnet on February 08, 2020, 08:27:57 PM
There are those on the forum who have so much emotional attachment wrapped up in avast
that to contemplate their wrong doing is painful, a kind of cognitive dissonance.
They handle the conflict by denying and minimizing the uncomfortable information.

What should be the typical users reaction?  My own opinion, these days, would be a healthy skepticism
to any third party A/V - Let's be honest, users' data is now big business ($$$). 

We can open hope avast is true to their word going forward.  It doesn't excuse their previous selling
of the data.  The clues were there for those wanted to see.
So you use Window and Defender and you now have no worries about your privacy?
Good luck. :)
What privacy? Collecting my browsing history so I can be targeted with certain advertising?
Stealing my credit card or bank information? Blackmailing me because I visited an adult site?

I still use avast free in an old XP box, version 17.3.2291.  Two or three programs I still use there, but almost no
web browsing - maybe participation in a forum or two, but no web activity where any important info is exchanged.

We do our main web access from a Windows 8.1 PC, and yes, we do use Defender.  I use Firefox
with uBlock Origin and trackers blocked.  But even still, I'm not that naive; I'm under no illusion that my web browsing
will necessarily remain private - let alone whether or not any data collected will be sold.

Are you suggesting avast users data remained private?  How did that work out?
Title: Re: Official statement on the recent news about privacy
Post by: bob3160 on February 08, 2020, 08:55:20 PM
There are those on the forum who have so much emotional attachment wrapped up in avast
that to contemplate their wrong doing is painful, a kind of cognitive dissonance.
They handle the conflict by denying and minimizing the uncomfortable information.

What should be the typical users reaction?  My own opinion, these days, would be a healthy skepticism
to any third party A/V - Let's be honest, users' data is now big business ($$$). 

We can open hope avast is true to their word going forward.  It doesn't excuse their previous selling
of the data.  The clues were there for those wanted to see.
So you use Window and Defender and you now have no worries about your privacy?
Good luck. :)
What privacy? Collecting my browsing history so I can be targeted with certain advertising?
Stealing my credit card or bank information? Blackmailing me because I visited an adult site?

I still use avast free in an old XP box, version 17.3.2291.  Two or three programs I still use there, but almost no
web browsing - maybe participation in a forum or two, but no web activity where any important info is exchanged.

We do our main web access from a Windows 8.1 PC, and yes, we do use Defender.  I use Firefox
with uBlock Origin and trackers blocked.  But even still, I'm not that naive; I'm under no illusion that my web browsing
will necessarily remain private - let alone whether or not any data collected will be sold.

Are you suggesting avast users data remained private?  How did that work out?
I personally really didn't care. I knew a long time ago that there is no privacy on the internet.
Title: Re: Official statement on the recent news about privacy
Post by: schmidthouse on February 08, 2020, 09:54:39 PM
There are those on the forum who have so much emotional attachment wrapped up in avast
that to contemplate their wrong doing is painful, a kind of cognitive dissonance.
They handle the conflict by denying and minimizing the uncomfortable information.

What should be the typical users reaction?  My own opinion, these days, would be a healthy skepticism
to any third party A/V - Let's be honest, users' data is now big business ($$$). 

We can open hope avast is true to their word going forward.  It doesn't excuse their previous selling
of the data.  The clues were there for those wanted to see.
So you use Window and Defender and you now have no worries about your privacy?
Good luck. :)
What privacy? Collecting my browsing history so I can be targeted with certain advertising?
Stealing my credit card or bank information? Blackmailing me because I visited an adult site?

I still use avast free in an old XP box, version 17.3.2291.  Two or three programs I still use there, but almost no
web browsing - maybe participation in a forum or two, but no web activity where any important info is exchanged.

We do our main web access from a Windows 8.1 PC, and yes, we do use Defender.  I use Firefox
with uBlock Origin and trackers blocked.  But even still, I'm not that naive; I'm under no illusion that my web browsing
will necessarily remain private - let alone whether or not any data collected will be sold.

Are you suggesting avast users data remained private?  How did that work out?

I personally really didn't care. I knew a long time ago that there is no privacy on the internet.

Yeh I second that
Privacy on the internet, there's an illusion for you ;D
Title: Re: Official statement on the recent news about privacy
Post by: jraju on February 12, 2020, 01:34:30 AM
HI, bob, i am not scamming. It is not nice words from you.
What i tried in web to know about jumpshot, is nothing but it is a subsidiary of avast.
Personal dislike does matter in kinds of data stealilng.
I think that you are spamming the forum, by just attempting to say that other users are spamming.
Title: Re: Official statement on the recent news about privacy
Post by: Frags on February 12, 2020, 03:54:54 PM
It was the right move to shut Jumpshot down, but it shouldn't haven taken reputation damage for it to happen.

The Czech data protection authority have now launched an investigation ("There is a suspicion of a serious and extensive breach of the protection of users’ personal data.") More here (https://www.vice.com/en_us/article/3a8vjk/czech-data-protection-authority-investigation-avast-jumpshot).

I also want to highlight that Avast is still breaking GDPR with its updates. After getting the update pop-up a few days ago i went to check the privacy settings and the boxes, again, are pre ticked to share data (screenshot attached). This is twice this has happened. I unticked these boxes recently after finding they were ticked after the previous update. They were ticked again.

The Information Commissioner's Office makes it clear: "Consent requires a positive opt-in. Don’t use pre-ticked boxes or any other method of default consent."

Sort it out!
Title: Re: Official statement on the recent news about privacy
Post by: Asyn on February 12, 2020, 04:15:43 PM
I also want to highlight that Avast is still breaking GDPR with its updates. After getting the update pop-up a few days ago i went to check the privacy settings and the boxes, again, are pre ticked to share data (screenshot attached). This is twice this has happened. I unticked these boxes recently after finding they were ticked after the previous update. They were ticked again.
-> https://forum.avast.com/index.php?topic=231125.msg1535562#msg1535562
Title: Re: Official statement on the recent news about privacy
Post by: jraju on February 13, 2020, 06:39:23 AM
Hi, Frags, thanks for the link.
This is what the govt is doing.
there is no word from avast , of the action taken on jumpshot on the breach of users data.
i thought , that avast cares more above privacy of users data only for evaluation and further fix  purposes.
Selling users data and some users saying in this forum , that nothing is secret these days comments are not at all digestable.

hackers stealing data is on the dark side, what to say of sellilng it openly
Title: Re: Official statement on the recent news about privacy
Post by: jf22 on March 13, 2020, 04:51:00 PM
I rarely visit the user forum but did so because of another matter. I noticed this thread and read the comments. This led me to find the location on my Avast Free Antivirus application where the opt-out, opt-in shared data check boxes are listed. Mine were already checked for opt in. I definitely didn't check them. I therefore unchecked them.

My question is, how soon does unchecking the boxes go into effect? Do I need to do anything else such as restart my computer, etc? Thank you.
Title: Re: Official statement on the recent news about privacy
Post by: bob3160 on March 13, 2020, 05:12:08 PM
I rarely visit the user forum but did so because of another matter. I noticed this thread and read the comments. This led me to find the location on my Avast Free Antivirus application where the opt-out, opt-in shared data check boxes are listed. Mine were already checked for opt in. I definitely didn't check them. I therefore unchecked them.

My question is, how soon does unchecking the boxes go into effect? Do I need to do anything else such as restart my computer, etc? Thank you.
Immediately. No need to restart the system.
Title: Re: Official statement on the recent news about privacy
Post by: jf22 on March 13, 2020, 05:19:40 PM
Thank you for the prompt reply.
Title: Re: Official statement on the recent news about privacy
Post by: bob3160 on March 13, 2020, 06:23:17 PM
Thank you for the prompt reply.
You're welcome.