If you own a Windows computer, chances are you’ve installed some sort of anti-virus program. At least I hope you have. One of the more popular programs of this sort is AVG Anti-virus. I have it on my old Windows machine and I’ve installed it on my parents’ laptop. AVG recently updated their privacy policy and it’s caused a bit of a fracas. It also raises some important issues for the rest of us. 
Let me say at the outset that the manner in which AVG presents their new policy should be a model for the rest of us. You can (and should) read it here. It is clear, written in plain language that doesn’t require the reader to be either a lawyer or a technical person. Not only do they explain what data they are collecting but also why they are collecting it. I bet you can’t find another privacy policy that does so as well as this one does.
So what has happened as a result of AVG trying to be good corporate citizens? They are getting reamed. There have been many negative articles and thousands of negative posts written (this thread on reddit is particularly nasty). You see, AVG made one large change in the policy, which is that it now involves keeping the browsing history of its users and selling the data to third parties. They actually were collecting most of this data before except there was no mention of selling it to anyone for commercial purposes.
The PC World piece on the controversy summed it up nicely:
AVG’s new policy illustrates exactly why companies tend to drown their data collection practices in legalese. There’s no penalty for doing so, and being transparent only invites more outrage. In that sense, AVG at least deserves credit for helping users make informed decisions. Still, the idea of an anti-virus program tracking and monetizing your browsing history is unnerving, and if anything AVG ought to clarify that point further as it finalizes its new privacy policy.
So I’m at a loss here. Is it a better idea to confuse your customers? Is it good practice to be a little less transparent? I don’t think either of those are true. Are we all still so naive that we believe all the tracking information companies gather about our every move (and this is true about your mobile device usage too!) is just for their own information so that they can make our user experiences better? Sure, AVG makes it possible to opt out of some of this, but do we really think most people will read the new policy and do so?
I guess the real question becomes is honesty still the best policy? What’s your take?
Consult Keith 