AVG's updated policy, which comes into effect October 15, says it will sell "non-personal" data including web browsing history, search query history and metadata to third parties in order to "make money from our free offerings so we can keep them free". AVG's 'free' Antivirus software is profiting off your data. Credit:AVG For anyone who's been following recent debates here in Australia over data retention and privacy, this should be ringing alarm bells. The ability to transform apparently anonymous data into personal, identifying information when viewed in bulk has been well demonstrated by privacy advocates, from German politician Malte Spitz to Australia's David Leyonhjelm, and journalists Will Ockenden, Ben Grubb and Nick McKenzie. AVG classifies "non-personal data" as:

Advertising ID associated with your device;

Browsing and search history, including metadata;

Internet service provider or mobile network you use to connect to our products; and

Information regarding other applications you may have on your device and how they are used. Other data the company considers non-personal include "approximate location", zip code (or postcode), area code, time zone, and the URL (web address) users come from to reach its products It's not clear what AVG classifies as metadata, though generally this can be assumed as location data and basic information about web activity. Browsing history can reveal an awful lot, as the tracking down of "AOL Searcher No. 4417749" nearly a decade ago made all too clear. Worryingly, AVG says it will use so-called non-personal data to build "anonymous" data profiles, which it may then sell. The company does in fact acknowledge that "sometimes browsing history or search history contains terms that might identify you", and says it "will treat that portion of your history as personal data, and will anonymise this information" if it becomes aware that a "part of your browsing history might identify you".