Transparency report
Last updated: November 3, 2020
Avast believes in full transparency and protecting our customers’ privacy.
Avast provides products under the Avast, AVG and HMA! brands globally. The privacy policies that cover these products can be found here:
We are publishing our fourth transparency report to provide details into all government requests seeking access to Avast customer data that we received in 2020. We are also publishing a Warrant Canary on a quarterly basis. We want our users to have visibility about the types of government agency requests we receive, the frequency of requests, and the disclosure rate.;
Our policy is to give data only when compelled by law.
Here is the summary of requests:
| Year |
Product |
Number of Request for User Information |
Number of Disclosures of User Information |
Disclosure Rate as Percent of Requests |
| 2017 |
SecureLine VPN |
28 |
1 |
4% |
|
HMA! VPN |
102 |
40 |
39% |
| 2018 |
SecureLine VPN |
79 |
1 |
1.27% |
|
HMA! VPN |
155 |
5 |
3.23% |
| 2019 |
SecureLine VPN |
45 |
1 |
2.22% |
|
HMA! VPN |
85 |
2 |
2.35% |
| 2020 |
SecureLine VPN |
34 |
0 |
0.00% |
|
HMA! VPN |
76 |
2 |
2.63% |
- Law Enforcement Agencies: All requests that we have received to date were from law enforcement agencies, such as police departments, conducting criminal investigations.
- Avast SecureLine VPN product: We received 34 requests from law enforcement agencies from the following countries: Czech Republic (9 requests), France (7 requests), Italy (1 request), Germany (2 requests), Spain (4 requests), United Kingdom (4 requests), Belgium (1 request) and the United States (6 requests). For all 34 requests, no data was disclosed.
- HideMyAss! (HMA!) VPN product: We have had 76 requests from law enforcement agencies. The countries that requested data for criminal investigations were United Kingdom (13 requests), United States (16 requests), Spain (5 requests), Germany (9 requests), Belgium (1 request), Brazil (1 request), Czech Republic (11 requests), France (15 requests), Hungary (2 requests), Singapore (2 requests), Italy (1 request). From these requests, we disclosed data 1 time in the United Kingdom and 1 time in the United States. The data we disclosed in these instances were root IP addresses and email addresses.
