I want to install Avast 7 Free , but i have read the EULA of Avast.
It says that personal information gathered will be send to partners , distributors , agents etc , how is that caring for the user’s privacy ?
And if u use Webrep it will see all sites u visit and all google searches etc.
And it also can send the personal information to other country’s , that maybe have less protective data laws , so AVAST doesnt take responsibility , if you send personal information , make sure their privacy policy is similar to Avast policy , not worse.
So if i care a little about my privacy , why should i use Avast ?
Ive read other eula’s from other antivirus vendors , and some do NOT send information to third party’s , why Avast cant be like that , instead it is going the GOOGLE direction.
I’m not exactly sure what is it needed to comment when EULA explains it pretty well. The info stated above the line mentioned by you explains what may be gathered (exactly). It just says your data may also go through avast! distributors or agents. This only means that if you bought your copy of avast! through distributor, some of the info might go through him. But doesn’t explicitly says it will always go that way. Pretty much all the data that goes to the avast! lab directly is out of limit for anyone else, including distributors or any other avast! affiliate. Only the HQ can access that data and i’m quite sure not just about anyone but just the staff that works with that (ie virus lab).
But about that it is sending information to other country´s who not may have high protective privacy standards , why not make sure if you send information , that their privacy policy is similar as that of Avast ( not that it is perfect but )
It is not that you cant make a living if you dont send out personal information to the whole world , i mean i know a antivirus vendor who has 1 of the best signatures and they dont send personal information to third party’s.
They use all the information collected , only to make themselfs better as a product , not in their wallet.
So my opinion is to care more about the users privacy , and not only caring about the wallet.
Avast has tons of users , they can make the product very good without acting like google.
I have been using Avast for almost 4 years, and have never had major problems, nor felt the need to register on the forum to ask questions or register a complaint, however in reading the EULA for the latest version of the software, I just had to register so that I could post my concern about this document.
The Avast 7 EULA (for all versions, not just the freeware) is vastly more intrusive than the EULA & Privacy Policy from version 6 (they were separate documents then). Anyone who is concerned about their privacy should carefully read section 8 (especially sections 8.3 & 8.4 about emails, section 8.9 about WebRep, as well as the paragraphs following the numbered list of what information is collected, which describes who could be given this information). The use of ambiguous terms/phrases like:
“The information collected by the Software is generally not correlated with any other personal information…”
and
The collected information may be transferred to third parties or to other countries that may have less protective data protection laws than the country or region in which you are situated (including the European Union). AVAST takes measures to ensure that any collected information will receive an adequate level of protection if and when transferred.
(my boldface emphasis)
is so vague that Avast could argue that the agreement promises no privacy protection at all.
I’ve already discussed this with people from my company’s IT and Legal departments, and if this EULA stays as is, it is doubtful that we will upgrade to version 7 or purchase future licenses. I would be surprised if most companies (who bother to read the EULA) would agree to this document. I still haven’t decided about whether I will upgrade my personal copy to version 7 (but it looks doubtful).
I am stunned (and saddened) by this massive change in the agreement.
PrivacyMatters, adequate means the maximum we can handle it.
Privacy concerns to us and we take it seriously.
If you do not trust in your security company, you won’t trust in the product.
First of all, I have to offer respect that anyone actually read the EULA, its nice to feel a little less weird.
Second…if you are going to compare other countries to the EU’s standards of privacy, almost all are going to look inadequate. Eu’s privacy standards are some of the strictest in the world.
That aside…you have to expect this out of anything with privileges as high as an anti-virus that incorporates cloud features. It is basically a legal disclaimer saying in short “we can only do so much”. And honestly, as far as someone snooping on the data sent, have you looked at it? (C:\Program Files\AVAST Software\Avast\Setup\setup.log) Its pretty cryptic.
@PrivacyMatters…if your “company” is big enough to have an IT department, shouldn’t you be using an Avast! business product? Business Product tend to fit business needs (like more privacy) better than consumer ones.
We do have a corporate license. In fact I was the one who recommended Avast over another product (which shall remain nameless) that we had been using for many years (to clarify, it’s not my company, I’m just an employee there).
And as I mentioned in my first post, the changes to the EULA apply to “all versions, not just the freeware”. As far as I can see, section 8 is identical for the corporate and consumer licenses, and is almost the same for the freeware (in the freeware license, it just looks like a few paragraphs were re-arranged, but the content seems to be the same).
Could you tell me why my post caused a green “! Watched” icon to appear in the forum near my account name? According to Simple Machines (who wrote the forum software):
Watched Members provides a simple interface to keep an eye on troublesome members and problem instigators.
Is simply mentioning my concern about privacy issues, and telling users to read the EULA terms for themselves enough to consider labeling me a “troublesome member” or “problem instigator”?
EDIT: I now see that Pindakaas has earned the same “Watched” label. I’m proud to be sharing it with her/him!
PrivacyMatters, it’s the tone and attitude that is not we - avast team and other old users - expect.
Weren’t you answered in your concerns about privacy?
Right , most people will just click next if installing Avast but ok.
Most people will just trust Avast to do the right thing by clicking next.
Most people dont bother reading the EULA , maybe they dont care or they just dont think about it , my opinion is just to make the privacy policy of Avast actually a ‘‘privacy’’ policy.
I mean by that , to make it a little more privacy heavy.
Tech, your assurances in the forum are fine, but I and (especially) the company I work for have to go by what we agree to in writing. And the written EULA does not make me feel comfortable with Avast’s protection of our privacy. Especially given how much it has changed from the privacy policy in previous versions. Here’s the link to the privacy policy for version 6: http://www.avast.com/privacy-policy. Compare that to the privacy section in the new EULA, they are (as I said before) vastly different.
To igor, the phrase you quoted is contradicted by other sections in the agreement - the “generally” phrase I mentioned before, and especially section 8.3:
8.3 Information about the sender and subject of emails identified by the Software as potentially infected, together with the information on the nature of identified threats;
I find it hard to see how this can be done truly anonymously. And it’s not just incoming email, Avast can scan outgoing email as well, which then identifies me as the sender. Even if the sender’s name isn’t used, combining an IP address with the subject of an email and providing that information to anyone other than the intended recipient of the email crosses a line that I’m not comfortable with.
Look, other people may be totally fine with this. But as has been stated by others, most people don’t bother to read the EULAs, and I’m just suggesting that people carefully read the EULA for themselves and make their own decision.
The layers have the final word. The EULA must apply to all countries around the world and all situations.
But, what matters to me and all avast users is what avast do with any information and how could it handle it privately.
The seriousness of the company is what concerns. The trustfulness of our users.
But, for sure, if you don’t trust in your security company, it is better to move.
List of IP addresses and e-mail subjects would certainly appear rather personal to me, too (but before you said that, something like that has really never cross my mind… I mean, e-mails and their subjects are hardly of any interest. Anything like building a list of sent/received e-mail is certainly not done, besides the privacy issues, what would it be good for?)
If the IP addresses are used for anything, then it’s some geographical distribution of something (i.e. statistics). Single IP address is irrelevant (and the pure amount of data basically prevents the exact matching you might be imagining).
My guess (but it’s my personal opinion, I didn’t know that the EULA has been changed anyhow) is that the change is simply the lawyers trying to avoid any possible liability for any unexpected/hypothetical future problems (after all that’s what EULAs are generally for, right?). The previous EULA has been written a long time ago by who knows who… and probably needed some “facelift”.
I’m certainly not aware of any changes in data processing, and I believe no non-agregated (i.e. identifiable) personal information should be given to anyone (with the exception of the registration data for the reseller you purchased the license through, if they already don’t have that info).
But I can understand that what I’m saying doesn’t really change what is written there.
Maybe for investigation , if it is requested by a law order , or other investigation by other company’s who might have some use for it ( marketing wise )
Well, that’s quite a hypothetical scenario… if we were really ordered something like that by the law, I don’t know if they would ask us whether our EULA permits that. But the user would already have to be identified somehow (we couldn’t really enable such logging for all users, the servers wouldn’t survive such load), and releasing a special program version just to handle a particular user… I really don’t think that would happen. If this is your only worry about that, then you can sleep peacefully
As for marketing… I can imagine using some of the information we already have for our own marketing, but selling users information to 3rd party companies, for unrelated marketing, that would IMHO be way over the line a security company could do. And as I said, the user base is big and the servers have limited resources (not mentioning the subsequent processing), so adding submissions of unrelated stuff (at the expense of the needed information - false alarms, malware/heuristic detections etc.) is rather unlikely.