AV-TEST scrutinizes privacy policies of security software
A study by AV-TEST reveals shortcomings in the privacy policies of security software. Many programs' terms are difficult to understand and grant manufacturers broad rights to collect user data.
14 July 2026

<table><tr><td><img src="https://www.av-test.org/fileadmin/News/Pictures/2016/2016_09_datenschutzerklaerungen.jpg" width="200" alt="Data protection or virus protection?"></td><td><div><h2>AV-TEST scrutinizes privacy policies of security software</h2><p><strong>Darmstadt, Germany โ September 22, 2016</strong> โ Security software manufacturers promise protection against viruses and privacy breaches alike. However, a review by German research institute AV-TEST shows that their privacy policies are often unclear and grant companies extensive rights to collect user data.</p></div></td></tr></table><p>Modern internet security software has evolved beyond mere virus protection to offer comprehensive safeguards. These programs aim not only to defend computers and data against malware and hacking attempts but also to protect online accounts and social media profiles. To fulfill these functions, security software requires broad access to the user's system and, consequently, their private data.</p><h3>Users Accept Terms Without Reading</h3><p>The analysis revealed that privacy policies are frequently lengthy and complex, making them difficult for the average user to comprehend. A 2014 study indicated that 53% of users accept terms and conditions without reading them during software installation. AV-TEST's review specifically examined the rights software manufacturers reserve for themselves regarding data collection, its usage, and users' ability to restrict this collection.</p><h3>Extensive Rights for Data Collection</h3><p>The study focused on the types of data manufacturers claim access to, the permissions they assert for data utilization, and the rights granted to users to prevent or limit data gathering. Various categories of collected data were identified, including information about the user, their behavior on the device, and the device itself. The policies of 26 software packages were reviewed, with two lacking any privacy statements. AV-TEST suggests that many manufacturers' policies do not provide sufficient assurances that collected data will be used solely for the promised protection, potentially rendering users' trust in these software's promises unfounded.</p>
Original source: av-test.org