Antivirus software maker Avast passed personal data to Jumpshot without obtaining users’ consent. By doing so, it violated the General Data Protection Regulation and must now pay a fine of around €13.9 million.

The European Data Protection Board states in »Czech SA imposed fine of 13.9 million EUR for infringement of Art. 6 and Art. 13 of GDPR«:

The LSA concluded that internet browsing history, even if not complete, may constitute personal data, since re-identification of at least some of the data subjects could occur. The controller’s infringement is even graver considering that it is one of the foremost experts on cybersecurity that offers tools for data and privacy protection to the public.

You can read the full story at »Leaked Documents Expose the Secretive Market for Your Web Browsing Data«.

The text was automatically translated from German into English. The German quotations were also translated in sense.