To all our valued stakeholders – customers, partners, employees and investors,
I’d like to take this opportunity and address the situation regarding Avast’s sale of user data through its subsidiary Jumpshot. Avast’s core mission is to keep people around the world safe and secure, and I realize the recent news about Jumpshot has hurt the feelings of many of you, and rightfully raised a number of questions – including the fundamental question of trust.
As CEO of Avast, I feel personally responsible and I would like to apologize to all concerned.
Protecting people is Avast’s top priority and must be embedded in everything we do in our business and in our products. Anything to the contrary is unacceptable.
For these reasons, I – together with our board of directors – have decided to terminate the Jumpshot data collection and wind down Jumpshot’s operations, with immediate effect.
To understand why we have come to this decision, let me give you some context. We started Jumpshot in 2015 with the idea of extending our data analytics capabilities beyond core security. This was during a period where it was becoming increasingly apparent that cybersecurity was going to be about big data. We thought we could leverage our tools and resources to do this more securely than the countless other companies that were collecting data.
Jumpshot has operated as an independent company from the very beginning, with its own management and board of directors, building their products and services via the data feed coming from the Avast antivirus products. During all those years, both Avast and Jumpshot acted fully within legal bounds – and we very much welcomed the introduction of GDPR in the European Union in May 2018, as it was a rigorous legal framework addressing how companies should treat customer data. Both Avast and Jumpshot committed themselves to 100% GDPR compliance.
When I took on the role as CEO of Avast seven months ago, I spent a lot of time re-evaluating every portion of our business. During this process, I came to the conclusion that the data collection business is not in line with our privacy priorities as a company in 2020 and beyond. It is key to me that Avast’s sole purpose is to make the world a safer place, and I knew that ultimately, everything in the company would have to become aligned with our North Star.
While the decision we have made will regrettably impact hundreds of loyal Jumpshot employees and dozens of its customers, it is absolutely the right thing to do. I firmly believe it will help Avast focus on and unlock its full potential to deliver on its promise of security and privacy. And I especially thank our users, whose recent feedback accelerated our decision to take quick action.
This change represents a new chapter in Avast’s history of keeping people around the world safe and secure. We’re excited to demonstrate our commitment to innovation and security priorities – with a singular focus in 2020 and beyond. Thank you for your continued support and the trust you are putting into us. We will not disappoint.
In the eighth episode of our podcast Avast Hacker Archives, security expert Dave Aitel demystifies the NSA, explains the fallacy of the term “zero-day,” and tells Avast CISO Jaya Baloo what started him down the hacker’s path.
In the seventh episode of our podcast Avast Hacker Archives, Avast CISO Jaya Baloo talks with Phil Zimmermann, creator of the PGP email encryption package and longtime activist for privacy and human rights.