Viruses, Internet Security, the First Amendment, Eliott Spitzer, and Escort Services

The alternative headline was going to be “Who Pimped My Internet Security Product Testing?”, but common sense won out.

In 2002, then New York State Attorney General Eliott Spitzer won a case against Network Associates’ McAfee subsidiary regarding a “censorship clause” in some of the company’s Eula’s (End User Licensing Agreements). The clause stated that customers could not publish product reviews or results of benchmark tests without permission from the company.

New York State Supreme Court Justice Marilyn Shafer issued a ruling, prohibiting Network Associates/McAfee from trying to use end-user license agreements to ban product reviews or benchmark tests. http://news.cnet.com/2100-1023-981228.html

Eliott Spitzer became governor of New York State 2007. He resigned in 2008 when his name became affiliated with an investigation being done on a high end escort service. It’d be a cheap shot to mention the v word here! Spitzer will be joining with Pulitzer Prize winning newspaper columnist Kathleen Parker on CNN this fall. Quite a trick on his part. From high end call girls to cable.

If an antivirus and internet security provider is willing to collect revenue from customers for its product, they should be willing to have the product tested, benchmarked, and/or reviewed without making the test organization jump through a lot of hoops or “hinting” that something may happen if the test group vary from what they say on the form. If a vendor is willing to allow customers to download its product for free, the same holds true.

One security vendor’s website and their EULA for testing and benchmarking states in part - “You agree that the testing/benchmarking results will only be used as specified by you in this form and for no other purpose whatsoever. …reserves the right to use its sole discretion in denying your request as a whole or in part.” The EULA requires information about the method and purpose of testing, among other details.

It’s all related to that First Amendment thing on the west side of the pond. Freedom of speech and freedom of the press. Vendors cannot be expected to be able to examine complete test plans in advance. Results could originally be posted on a web site, then appear in a print article, be written about in blogs, etc. This doesn’t waive the requirement that the testers utilize best practices. Vendors should not consider it their right to review results in their entirely before publication and then back out if they don’t like the test results or text of the article. Test organizations and reviewers should be willing to allow vendors to vet feature check lists and pricing if these are part of the article.

Vendors should be able to exert more influence over a test being performed when a product is in beta. If a new version of the product is going to be released before the article is published, discussions would have to take place. These issues with dates cannot be helped sometimes, due to release schedules, and publication deadlines. For example, it may be unfair to the vendor (and the customer), if a group review is published for example and an older version of the product is compared with competitors’ current releases. They can’t use the phrase “we’re in beta” ad nausea, though. When results are online, publications/reviewers should make the effort to footnote the article, should a new version be released.