Symantec hit with class-action lawsuit over auto-renewals
N.Y. man claims Symantec didn't tell him before charging his card, as 2009 settlement required
Computerworld - A New York man has sued security software maker Symantec for automatically renewing his subscription to Norton Antivirus, alleging that the company did not notify him before charging $76 to his credit card.
The lawsuit comes seven months after the New York Attorney General's office fined Symantec $375,000 for the practice and ordered it to give notice before renewing any subscription.
According to the lawsuit filed Jan. 19 in a New York County court, Kenneth Elan of Port Washington, N.Y., purchased a copy of Norton Antivirus in 2007. Early in November 2009, Symantec told him that it had automatically renewed his license to the software for one year, and charged his credit card $76.03. Elan said he had not been notified prior to the charge hitting his card.
Symantec's security software typically comes with a one-year license, which includes a subscription to new malware signature updates. When that initial signature subscription expires, consumers must renew to continue to receive anti-malware updates.
Many antivirus vendors enroll customers in automatic renewal programs when they purchase or activate the software, claiming that it's the only way to guarantee that users stay protected against new threats. Symantec started doing so in 2005, while rival McAfee began four years earlier.
But last June, New York Attorney General Andrew Cuomo announced that his office had reached a settlement with Symantec and McAfee over consumer charges that the companies didn't get users' approval to automatically bill them, and had made it difficult for customers to opt out or obtain refunds. Symantec and McAfee paid $375,000 each in penalties, and said they would clarify subscription renewal costs, and refund fees to consumers who asked for them within 60 days of being charged.
Symantec and McAfee also agreed to "provide electronic notification to consumers before and after renewal of the subscription," Cuomo's office said at the time.
The 2009 deal did not ban automatic subscription renewals, however.
Elan's lawsuit claimed that Symantec had not abided by the settlement. "Prior to the automatic renewal, defendant failed to offer plaintiff an opportunity to decline to renew the license for another year," the lawsuit maintained. "If plaintiff had notice of an opportunity to decline the automatic renewal, plaintiff would not have renewed the license."
Last July, Cuomo said the settlement with Symantec and McAfee meant that they could not longer "hide the ball with renewal fees."
Elan charged Symantec with deceptive business practices and unjust enrichment, and asked the court to make the company refund all fees generated by automatic renewals. He also asked the court to grant the lawsuit class-action status, which would open the case to a potential pool of thousands.
Symantec has not yet responded to Elan's lawsuit, according to court records.
Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at @gkeizer or subscribe to Gregg's RSS feed . His e-mail address is email@example.com.
Read more about Security in Computerworld's Security Topic Center.
- Radicati: Cloud Business Email - Market Quadrant 2013 Google was named the top cloud business email provider in a recent report by research firm Radicati. Out of 14 key players, Google...
- Tablets in the Enterprise: A Checklist for Successful Deployment How can you enterprise manage and secure tablets in order to protect corporate data while providing access to the information and applications employees...
- Enterprise Mobility: A Checklist for Secure Containerization The advantages and disadvantages of the multiple approaches to containerization. Learn More>>
- Enterprise File Sync & Share Checklist File sync and share has changed the way people work and collaborate in today's tech-savvy world. Gone are the email roadblocks, clunky FTP...
- Live Webcast LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy... All Security White Papers | Webcasts