I want to explain some things in regards to this thing. People seem to be freaking out like it’s end of the world and I have a feeling 3/4 of them don’t even understand what’s going on, they are just jumping on the rage bandwagon. For TLRD, scroll down and skip the next two paragraphs.
I do have to admit this is pretty bad fuckup on avast!’s end and it was just a question of when it’s going to happen. I’ve been long time avast! supporter since it’s quite early days when it was still a relatively small company. It felt like family run company, team was super invested into actually listening to users and while it had some issues like unusual fancy interface and detection that wasn’t the best of the best, everything felt genuine and their top priority was product quality and user satisfaction. Fast forward to now and all their company seems to care is profits, profits, profits and again profits. I guess that’s what always happens when you get investors from outside, all they care is money and they always do it in most desperate ways. Selling user data is one of them…
As evident from investigation by PCMag and Motherboard. avast! of course responded with their official response and blog post, but I don’t think this will fix much. Damage has been done and to my surprise, they don’t seem to understand or care how quickly you ruin your reputation that took decades to build up. Coz if they cared, it wouldn’t even cross their mind to do it like this. Or have a whole freaking subsidiary that deals with data selling.
So, yes, they were selling user data and although they say it was anonymized, it was a dick move. But there is no need to be totally freaking out and uninstalling avast! like it’s end of the world. After all, avast! does have a very good detection and that’s what we use antiviruses for.
- If you were/are only using avast! Antivirus without any browser extensions, you are NOT affected.
- If you were/ are using avast! browser extensions, but you have disabled Data Sharing in extension settings, you are NOT affected.
So, chances are, some users who weren’t using their browser extensions or had data sharing disabled, it’s like nothing happened. It’s a black mark in their rap sheet, but I’d still consider their antivirus. One coz they can’t afford another such fuckup and second, because it’s good and if you opt out from data sharing like I’ve always done, it’s still a good option. I never understood or liked sharing of data beyond protection one in antiviruses. Be it avast!, Kaspersky, Bitdefender or any other.
But ultimately, it’s up to you to decide whether you want to stay in this “relationship” or use something else…
I got some extra info from a Reddit user that data collecting was also involved with antivirus alone through Web Shield component (at least per their EULA which I haven’t analyzed to such depth). Which means users not even using browser extensions could be affected unless data sharing was also disabled in antivirus itself. Which is what I’ve always done right away after installing avast!, but I can imagine millions of casual users not doing that.
I just got a reply from avast! employee on their forums that Web Shield in desktop versions of avast! was not involved in data collection. Data collection only affected mobile version of avast! Web Shield assuming you had data sharing enabled. If you didn’t, then you weren’t affected either.