According to Wladimir Palant, “The amount of data that is being collected and sent is beyond the scope of necessity for the extension to function, especially when compared to other solutions from competitors such as Google Safe Browsing.” In the month of October this year, it was revealed by Wladimir Palant that Avast and AVG browser extensions available on various web browsers were found to be collecting user data that could be utilized to reconstruct the user’s web browsing history and browsing behavior. This was considered a direct violation of the user’s privacy. Below is the detailed list of the user data sent to Avast servers:
Page titleComplete the web URL of the visited page, including the query and anchor data.Referrer URLThe way you arrived upon the landing page of the website like did you directly enter the web link of the page or whether you were routed from some other source like social media ad, or did you use a bookmark, etc.Country codeThe data is collected in such a way that it can even be identified if a user is a first visiter on the concerned webpage or revisitor, through a particular identifier value.Your system-level data is also identified and sent over to the servers like the operating system you are using along with the version number.The browser name and the exact version number.The web browser extension is also capable of capturing the UID (unique user identifier) that is generated by the extension for tracking.
After such reports, Opera and Mozilla Firefox removed the extensions belonging to Avast and AVG. Google recently joined the bandwagon and as per reports from media channels, they have already removed Avast SafePrice, Avast Online Security, and AVG SafePrice from the Chrome Web Store but have retained AVG Online Security extension at the moment. Read More: Google Chrome Will Notify You When You Visit a Website That Loads Slowly Avast and AVG are well-known software security providers and they currently have around 400 million users. Avast Software SRO owns both Avast and AVG brands. While no official response from Google has been received so far, Avast did admit gathering user data; however, they have justified it by claiming that they need the data for advertisement purposes. They have also rationalized the data collection activity by claiming that this would not impact their users since they retain the data anonymously. It is to be also noted that the major web browsers have only removed the browser extensions but not blocked the security products. Therefore, it is going to be available to current users. Image Source: The Hacker News