Its important to re-state that the apps in question performed a one-time upload of a snapshot of browser history covering the 24 hours prior to installation to identify and block the latest threats.The results confirm that Dr.
Cleaner, Dr. Cleaner Pro, Dr. Antivirus, Dr. Unarchiver, Dr. Battery, and Duplicate Finder collected and uploaded a small snapshot of the browser history on a one-time basis, covering the 24 hours prior to installation. This was a one-time data collection, done for security purposes (to analyze whether a user had recently encountered adware or other threats, and thus to improve the product service). The potential collection and use of browser history data was explicitly disclosed in the applicable EULAs and data collection disclosures accepted by users for each product at installation (see, for example, the Dr. Cleaner data collection disclosure here: ). The browser history data was uploaded to a U.S.-based server hosted by AWS and managedcontrolled by Trend Micro. Second, we have permanently dumped all legacy logs, which were stored on US-based AWS servers. ![]() Third, we believe we identified a core issue which is humbly the result of the use of common code libraries. We have learned that browser collection functionality was designed in common across a few of our applications and then deployed the same way for both security-oriented as well as the non-security oriented apps such as the ones in discussion. None of the other Trend Micro products, including consumer, small business or enterprise, are known to have ever utilized the browser data collection module or behavior leveraged in these consumer apps. To that end, we are currently reviewing and re-verifying the user disclosure, consent processes and posted materials for all Trend Micro products. Henceforth, we will no longer publish or support this product. We are aware that our other apps have been suspended as well and we are working to resolve this as soon as possible, but thus far the basis for these suspensions is unclear. We are actively pursuing the chance to engage with Apple to understand their decision further and address any issues. Several of our apps have been grouped together with a completely unrelated vendor in media articles. In addition, we have permanently deleted all legacy logs that contained the one-time 24 hour log of browser history held for 3 months and permitted by users upon install. We have also updated the one app, which did not include a clear pop-up window during installation, Dr. Unarchiver, with links to our EULA, privacy policy, and data collection notice. Please note that the EULA pop up was not active in the GUI for one of our apps, Dr. ![]() We have rectified that and it will be reflected once this app is available on the App Store again. The browser history data was uploaded to a server hosted by AWS and managedcontrolled by Trend Micro, physically located in the U.S. We have updated our consumer apps in question to fully comply with Apples requirements and are in the process of resubmitting them to Apple. We are aware that our other apps have been suspended as well and we are working to resolve this as soon as possible, but thus far the basis for these suspensions has not been clearly articulated to us. Due to the progress being made and our improved understanding of the issues, we wanted to provide an update and summary of the events to date.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |