# Brit watchdog shows some teeth over McAfee antivirus auto-renewals

The UK's Competition and Markets Authority (CMA) has reached agreement with antivirus vendor McAfee that means some customers whose software subscription was automatically renewed will be able to get a refund. The deal follows a lengthy investigation into the antivirus sector that kicked off in 2018 amid concerns that "some …

1. #### Good. Now for the rest.

Amazon being a 'prime' example. If I were a regulator I'd mandate a 'Cancel' button alongside the 'Sign Up' one. It should be as easy to leave as to join, same number of clickthroughs, buttons of equal prominence as so forth.

1. #### Re: Good. Now for the rest.

"...It should be as easy to leave as to join..."

But it's not as I have found to my cost. It's made as difficult and complicated as possible. A deliberate decision by Amazon.

Having said that at least I did manage to free myself from their clammy grasp which is more than I can say about EVE. I stopped playing EVE about a year ago due to some unfair and discriminatory changes CCP made. I let my my subscription lapse and thought no more about it until I recently got an e-mail from CCP congratulating me on renewing my subscription and taking £ 29 from my bank account. I asked that the unauthorised charge be reversed and told them in no uncertain terms that I would be the one deciding if I wished to spend money with them again, not them. I did get a reply from a GM telling me that they had cancelled the subscription and refunded the money.

Why should I have to have done all that? Are these companies so short of money that once they have you they are most reluctant to let you leave.

No, didn't think so. They seem to regard their "customers" as a resource not people to do business with. Remember a good shepherd shears his sheep, he does not skin them.

1. #### Re: Good. Now for the rest.

\begin{RANT}

One of my bosses told me, when I had recently joined his consultancy firm:

"The job of a consultant is to determine the client's budget and spend it."

He certainly viewed customers as a resource to be harvested.

As for flocks of sheep, they are fleeced, butchered, cooked and eaten. If I ever meet a church minister who tells me God is a shepherd and I one of His 'flock', I shall remind him / her of that awkward fact.

\end{RANT}

2. #### Re: Good. Now for the rest.

The latest Amazon wheeze is pushing Prime Student. You get funnelled into giving an academic e-mail address using the exact same dark UI patterns as they use with Prime only most people won't be able to give an academic e-mail address, so all they'll do is get pushed into a dead end and end up frustrated.

1. #### Re: Good. Now for the rest.

Ugh, those Prime Student pushes are so damn annoying. I try to avoid Amazon, but Every. Time. I. Order. Something. they bug me to sign up for Prime Student (as well as bugging me to sign up for regular Prime, which ain't happening, Amazon).

If only other online bookstores (B&N, etc) could sort out their ordering and fulfillment systems. I had a minor holiday crisis with B&N some years ago where they held up an entire order of gifts for several people because they'd cheerfully let me order one book which was not in stock, and indeed has never been in stock since. If I hadn't called, discovered the problem, and browbeaten them into sending the rest of the order at the last minute I'd have been out of luck.

(I shop in local stores when I can, but often people want things which aren't available locally.)

2. #### An easy way to quit.

When you sign up for $Service use a Pay-As-You-Go (PAYG) refillable credit card like the kind you can buy as a present for someone, deposit a few$Currency into, then send as a birthday gift. The recipient of the PAYG card can use it as any other credit card, but only up to the balance currently on the card. You can't become overdrawn on it, it auto-stops allowing use the moment the balance reaches 0. You have to top it off before you can use it again.

By using a PAYG card as the default payment instrument for $Service, that service will have a quick, dirty, easy, & fulfilling means of quitting their clutches -- just don't top off the card. Let it expire with a 0 balance. The next time they go to charge you for something, they hit a brick wall of "Insufficient Funds: Charge Denied". They can complain all they want, you don't have to refill that card until whatever issue started the whole mess gets resolved to your satisfaction. And since a PAYG card does NOT require your Personally Identifiable Information (PII), there's no need for$Service to even have your real PII either.

I signed up to Amazon with a PAYG card & using an Amazon-specific pseudonym. When they tried to screw me over & charge me three times for stuff I hadn't ordered, I stopped refilling the card & told Amazon to kill the account. They refused & demanded payment. I told them to get stuffed. The only semi-real PII they have on me is my email address, and THAT includes the Amazon-specific alias to let me know where it was used. (I've mentioned this tactic before.) They refused to kill the account, so I logged back in, scrambled all my already-fake-PII, saved all the changes, & religated the Amazon-branded-email-alias to the junk folder.

Any time I get email from Amazon, or a statement from the PAYG company reminding me to refill the card "to restore functionality", I laugh & give Amazon TheFinger. They want to screw me over, I don't think so, and so Amazon gets to suck eggs.

TL;DR: The quickest, easiest way to quit a service that wants a credit card is to use a PayAsYouGo refillable card that can be safely tossed in the trash bin when said service turns out to be social underwear skidmarks.

1. #### Re: An easy way to quit.

Virtual cards from a service such as privacy.com (which I use) also work well for this. One click and the card is closed. Privacy cards are also locked to a single merchant, so card-information thefts have much smaller risk, and it's easy to set and change spending limits.

3. #### Re: Good. Now for the rest.

It's not just auto renewal, it's any account.

When I tried to cancel an old M$account which had no subscriptions, no charges, no balances, no activity at all for years (I had forgotten about it), to call the process labyrinthine was, I thought, an understatement. Until I tried to cancel my FaecesBook account with a process that made M$ look like a hedge maze.

4. #### Re: Good. Now for the rest.

Consumer law should require user consent for the auto renew action (i.e. they must check the box) and not disadvantage a user who does not. And that includes free trials periods. In addition subscribers should be reminded before their subscription renewal date of how to alter their subscription, again with no disadvantage for people who choose to change the setting.

So if Amazon wants to give a 30 day trial then fine but they must still obtain consent to renew when the trial ends and they must remind people by email before they get hit with a renewal fee.

2. #### Retaining control

"McAfee is pleased to have reached agreement with the CMA on our shared goal of improving the ease, fairness and transparency of business-to-consumer practices and policies. Our work with the CMA aligned with our efforts to enable customers to maintain ongoing protection while retaining control over their McAfee subscription."

I read this as McAfee is relieved to have agreed with the CMA that they don't have to pay a humungous fine and can just change some words on our web site, whilst retaining an 'opt out' marketing strategy for our products.

McAfee has been doing auto-renewals for ages, I recall a letter in the independent (while it was a paper publication) years ago about how difficult terminating the contract was. I suggested writing to McAfee telling them to correct their records, that you don't want a subscription or they would be reported to the ICO. I think it worked, but dragging the ICO into a simple matter of declining to renew a subscription seemed a bit OTT.

Let's hope the new website wording and process are easy to use and effective.

3. #### Continuous Payment Authority

CPA is unfortunately an easy way for companies to keep taking payments even when cards expire.

Here's a Guardian article about a Norton customer's seven year battle...

1. #### Re: Continuous Payment Authority

I never knew they could keep taking payment's if the card expired?

Even worse in that article you linked to not only had the card expired they no longer had the card they had changed cards. How the hell should that even be possible or even allowed?

2. #### Re: Continuous Payment Authority

I should imagine that many are not even aware that they have setup a CPA instead of a Direct Debit or card payment.

It is certainly very unclear when you take these things out as the assumption is that it is a Direct Debit that can be cancelled at any time.

I am guessing that these shysters are using this sort of thing for precisely this reason, they can keep taking the money in perpetuity even when the customer has stopped using the service. It is one of the many problems that are starting to become apparent with all these subscription based services. I expect that will keep taking it even if the service is no longer available!

Does anyone know if you can tell from your back account payees if it is CPA or just Direct Debit. This has made me look closely and I cannot see anything. The trouble is the CPA includes a Direct Debit form.

4. #### "a cheap first year followed by a subsequent quiet price hike"

Which is inevitably revealed by a thunderous "HOW MUCH ?!" when you review your billing record.

5. #### Only 25 years too late

Only 25 years too late... and rather toothless.

If an organisation wants to change a recurring fee then they must be made to explictly ask for permission for this, not to just assume and, well, basically steal money. Unfortunately the rules are largely made up by those with lots of money to influence things.

1. #### Re: Only 25 years too late

Yes, software subscriptions are a license to steal.

Any software contract should have a maximum duration, say 12 months, at which point the customer has to go in and explicitly sign up again for the service. In other words, opt in *again*. Opt in everywhere, all the time. It should be a mantra: opt in. But as you point out, the regulators have been captured by team opt out.

6. #### the process for turning off auto-renewal

Should never, ever, in any circumstance, be required.

A customer may request it, but a company should never be allowed to apply it without the request, even with the option of turning it off. The customer should never need to.

I am amazed how many little tricks like this 'to simplify my life' are out there. I get very tired whenever I talk to an insurance company (to take a common example) of having to say that I do not accept auto renewals. Ask me next year.

7. #### Another thing I don't get

In the days when I used Norton, why was it always much cheaper to buy a new licence than to renew the existing one? For that reason, I never used auto-renew - even when you were forced to set it up to activate the license (first task once done was to turn it off).

They obviously work on the "fleece the loyal customer" model, much like the rest of the insurance industry.

8. #### It's not just McAfee...

I've had trouble with both TrendMicro and Kasperski doing the same BS.

I suspect all so-called "antivirus/security" companies are doing this as well.

What's even worse is the automatic renewal is more expensive than the original subscription price.

It was almost double the costs with the two I mentioned above.

1. #### Re: It's not just McAfee...

Add Webroot to that, though to be fair they refunded instantly with no questions. That was to an expired card and the card provider appears unable to tell me how the payment was taken so my assumption is that it was a CPA.

2. #### Re: It's not just McAfee...

I use Bullguard and renewal price auto or not is the same as a new purchase.

Also easy to turn auto renewal off or on just click on account in the software and it will take you to a web page where with a click of a button it changes renewal.

I don't know if auto renewal is on by default I have been with them a long time.

NB this is not a recommendation just saying that not all AV companies hike the price on renewal.

3. #### Re: It's not just McAfee...

But anti-malware software is extremely useful and well worth the money, so there's no incentive to use dirty tricks to extract money from customers, right?

Or, perhaps, it's mostly useless snake oil? Nah.

9. This post has been deleted by its author

1. #### Re: McAfee?

Hell, even on Windows, Microsoft Windows Defender is at least as good as most of the commercial offerings for most users. The value proposition for McAfee appears to be corporate central control (which, I can say from experience, is primarily used by IT departments to make work impossible). I assume the value proposition for Norton is "hey, we use the name of this guy who used to have a good reputation for PC stuff about a million years ago".

10. #### Opt out? Really???

"a glimpse at the most inexpensive of Dell Inspirons shows customers needing to opt out of having McAfee's's products preinstalled"

A bit further up the line and they don't offer opt-out at all.

I had to order a couple of developer-capable Dells a few weeks back. Tried to get them to ship without McAfee - no dice, even after lengthy conversations with several of their support team...

1. #### Re: Opt out? Really???

...and this is why I always have a handy USB stick with the Windows installer on it. I can't remember the last time that I accepted the defaultly installed garbage configuration that any computer vendor has foisted on me.

For larger deployments there are better tools of course, but for just a few then the USB and nuke-whatever-the-hell-is-there and start again approach always works.

11. #### Norton

Norton Antivirus is the same. Automatic subscription at £80 per year.

As soon as I entered the authorisation key I go onto their web site and cancel that auto-renewal.

When it's time to renew the "subscription", I go on Amazon and get a new one at £20ish

Rinse and repeat the process for another year.

1. #### Re: Norton

What about Norton Antivirus is worth even £20 / year?

12. #### Nice PC you have there

New PCs preloaded with this shit are only a shade away from ransomware, cajoling people to pay for protection that they don't need and that Windows already provides for free.

13. Pretty much the first thing I do when setting up a new computer for my clients is remove McAfee.

I have also lost count of the number of times laptops come in with McAfee and a second AV program running at the same time. As soon as McAfee asks for money, people download a freebie.

14. Look at Norton pricing also!!! Several years ago the "automatically renewed" without my consent at an outrageous price (3 times for the same product on Amazon), along with a 2 year subscription costing online $110 while a one year subsciption costs$ 50..... Bye bye Norton....

15. #### If only

there were a video, somewhere, explaining how to uninstall McAfee...somewhere...

16. #### Why Don't they listen

I tried to request McAfee refund but they don't listen even after so many reminders, and then I reached out to myQuery to get the refunds and I got it so quickly. you can get full details about McAfee refund at https://myquery.co.uk/mcafee-refund/

## POST COMMENT House rules

Not a member of The Register? Create a new account here.