NortonLifeLock and Avast $8.6b deal gets provisional yes from UK regulator

Plus: Even market authorities can't seem to keep up with Microsoft's Defender branding

The UK's Competition and Markets Authority has given a provisional nod to the proposed merger of British cybersecurity company Avast and US rival NortonLifeLock.

Action by Britain's market regulators has international ramifications; the CMA's interventions in the Arm-Nvidia deal were partly responsible for the cancellation of the $66 billion sale of the British chip designer to Nvidia. And it has held up Facebook's purchase of Giphy.

As for the antivirus vendor pact, the $8.6 billion merger was announced in August 2021 and, after a gentle probe, the Competition and Markets Authority (CMA) decided that a closer look was needed in March 2022. That closer look (referred to as a Phase 2 investigation) is pretty much done and dusted and the CMA has provisionally decided that the deal doesn't raise competition concerns in the UK.

This is due to existing players, including the duo's main rival in the UK, McAfee, and Microsoft's bundling of its own security applications into Windows.

Microsoft has adopted somewhat of a scattergun approach to cybersecurity in its flagship operating system; what is built into Windows is known as Windows Security (formerly known as Windows Defender Security Center) and includes Microsoft Defender Antivirus. This is not to be confused with Microsoft Defender, which is a cross-device app "that helps people and families stay safer online" and requires a Microsoft 365 Personal or Family Subscription.

Windows Security is designed to keep Windows PCs secure unless an alternative antivirus product has been installed, such as the wares of Norton or McAfee.

The confusion seems to have spread to the CMA, which noted that "Microsoft Defender is not sold as a separate product" in its report while Microsoft states in its FAQs "Microsoft Defender is a part of the Microsoft 365 subscription."

The CMA did, however, note the arrival of Microsoft Defender for Individuals in June, which it said does indeed need that Microsoft 365 subscription.

Keeping up with Microsoft's branding gymnastics can be difficult. Microsoft Defender, being part of Microsoft 365, can't be purchased as a stand-alone product.

The CMA did say that user numbers taking advantage of Microsoft's solution are "both very high and growing very fast" but were not included in the analysis due to its inclusion in Windows.

As for Norton and its ilk, the CMA found that an important method of customer acquisition was via contracts with hardware manufacturers to have the software pre-installed on new devices in the hope of snagging customers once a free offer had expired. Retention rates once a customer had signed up were put at 80 to 90 percent. The CMA has already administered a rap on the knuckles to cyber security companies over unfair practices around renewals.

Kirstin Baker, chair of the CMA inquiry group, said: "After gathering further information from the companies involved and other industry players, we are currently satisfied that this deal won't worsen the options available to consumers. As such, we have provisionally concluded that the deal can go ahead."

Interested partners have until August 24 to respond to the provisional findings before the CMA issues its final report on September 8. ®

Send us news

Exchange Online and Microsoft Teams went down in APAC because Microsoft broke itself

Legacy process overwhelmed infrastructure, brought ten hours of trouble

SQL Server license prices rise ten percent as version 2022 debuts

Azure SQL pay-as-you-go rate is the only rate that won't change, and it was already expensive

Eat up, Windows 11 users – this is your last non-security preview update for the year

'Tis the season for plugging holes and bolstering security

NOAA, Microsoft partner to put climate models in the clouds

Don't worry, Redmond hasn't gotten its hands on the agency's coffers yet

Microsoft hikes prices in India by up to eleven percent

PLUS: Eight million more outsourced jobs for India; Australia warns on IoT shoe risks; Equinix enters Malaysia

Windows Server domain controllers may stop, restart after recent updates

Microsoft outlines a workaround while pulling together a fix to LSASS memory leak

Windows 11 still not winning the OS popularity contest

Microsoft releases out of box experience update to simplify and speed up migrations

Windows Subsystem for Linux now packaged as a Microsoft Store app

Nothing says 'We love open source and want it to be available in Windows' like only delivering updates from a closed digital tat bazaar

Microsoft's attempts to harden Kerberos authentication broke it on Windows Servers

Emergency out-of-band updates to the rescue

Microsoft adds silicon muscle into latest Azure SQL database configs

Intel's 'Ice Lake' and AMD's 'Milan' chips bump up speeds and feeds

Twenty years on, command-line virus scanner ClamAV puts out version 1

Used by millions – and the first official finished edition is here

Mozilla, Microsoft drop TrustCor as root certificate authority

'There is no evidence to suggest that TrustCor violated conduct, policy, or procedure' says biz