Avast should not be recommended.
In late 2019, Avast browser extensions were found to collect user data, including browsing behavior and history, and send it to a remote server. The discovery led to the extensions of the Avast and AVG brands being temporarily removed from the Google Chrome, Firefox and Opera extension stores, however, they returned a short time later as there was no concrete evidence that demonstrated a breach of private data of the users.
In January 2020, a joint investigation by Motherboard and PCMag found that the Avast Antivirus and AVG AntiVirus Free version were collecting user data, which was being resold to personalize advertising through a subsidiary, Jumpshot. The leaked documents showed that Jumpshot offered to provide its customers with “Every search. Every click. On every site.” from more than 100 million compromised devices. In response, Avast announced on January 30, 2020, that it would immediately shut down Jumpshot and cease all operations due to the backlash of its users’ data privacy.
On the basis of the information revealed, on 11 February 2020 the Czech Office for Personal Data Protection announced that it had initiated a preliminary investigation.
In February 2024, the Federal Trade Commission fined Avast $16.5 million for collecting user data and reselling that data. The collection was done under their program to ensure that such collection of user data was not happening.
I hope they exclude Snap from the default installation. Don’t want an OS with built-in support for Canonical’s closed source app store service when Flatpak is decentralized and FOSS on the server side.