Judge orders NAI to revamp licence agreement
A US judge has ordered Network Associates (NAI) to stop placing restrictions on what its customers can say about its products.



From forensic cyber to encryption: InfoSec17
Security technologist Bruce Schneier’s insights and warnings around the regulation of IoT security and forensic cyber psychologist Mary Aiken’s comments around the tensions between encryption and state security were the top highlights of the keynote presentations at Infosecurity Europe 2017 in London.
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.
The ruling prohibits NAI from "distributing, advertising and selling its software" with language that prohibited customers from disclosing the result of any benchmark tests to any third party without the company's written approval, or publishing reviews of its products without NAI's consent.
Those restrictions appeared on NAI's software diskettes and on the company's Web site, from which customers can download software. NAI is the parent company of McAfee Security and Sniffer Technologies.
Last February, attorney general Eloit Spitzer filed a suit against NAI contesting the legality and enforceability of such clauses. Spitzer alleged that the language in NAI's licensing agreement violated the media's and consumers' first amendment rights to free speech, as well as their fair use rights.
"Being able to censor speech and criticism about software precludes academics, consumers and experts from openly and freely discussing software products. This is important because we think it is the first ruling of its kind," said a spokesman for Spitzer.
The judge also required NAI to provide it with evidence of its sales so that the court can set penalties and costs.
In striking down the restrictive clause as "deceptive" and "not merely unenforceable", the judge said that on at least one occasion NAI had used it to quell a critical review.
That review, published in 1999 had compared NAI's Gauntlet firewall software unfavourably with five other firewall products.
Spitzer described how NAI had demanded a retraction of the negative review, citing the language of the now-prohibited clause. The magazine concerned refused to make the retraction.
NAI legal counsel Kent Roberts disputed the judge's ruling that the clause was deceptive.
"We just wanted to make sure that people had the latest product and were getting the best information for testing and reviewing," Roberts said. "We have great difficulty understanding how the clause is deceptive, and for that reason we are appealing the judge's decision."
Roberts added that even before Spitzer filed his lawsuit, NAI had changed the language of its licensing agreements to "suggest" rather than "direct" reviewers to contact the company. Roberts also said NAI never tried to stop any bad reviews of its products.
Read more on IT risk management
-
Why businesses must think like criminals to protect their data
-
Security Think Tank: Use awareness, education and controls to halt cryptojacking
-
Security Think Tank: Awareness is a good starting point to counter fileless malware
-
Security Think Tank: Human, procedural and technical response to fileless malware
Start the conversation
0 comments