Back in 2017, the Trump administration signed new rules banning Russian-based Kaspersky software on all government computers. Last June, the Biden administration took things further and banned distribution and sale of the software, stating that the company’s ties to the Russian government made its intimacy with U.S. consumer devices and data a national security threat.
While there are justifiable security concerns here, much like the ban of TikTok, the decision wasn’t absent of lobbying influence of domestic companies looking to dismantle a competitor. It’s relatively easy to get Congress heated up about national security concerns, because it tends to mask anti-competitive lobbying in a way you can brush aside non transparently for the greater good of the world [echoes].
Nor is a ban entirely consistently with broader U.S. policy, since U.S. government corruption prevents it from passing a meaningful privacy law, or regulating dodgy international data brokers that traffic in no limit of sensitive U.S. location and behavior data.
China and Russia don’t really need TikTok or AV software, they can simply buy access to your daily movement and browsing data from data brokers. Or, thanks to our lack of privacy laws or real accountability for lazy and bad actors, they can hack into any number of dodgy apps, software, or hardware with substandard security.
Regardless, this week Kaspersky Labs effectively left the U.S., but not before engaging in a practice that doesn’t exactly scream “high security standards.” The company effectively deleted its products from U.S. user computers without anybody’s consent, then replaced it with UltraAV’s antivirus solution — also without informing users.
Many users understandably saw this nonconsensual transaction take place and assumed they’d been hacked or infected with a virus:
“I woke up and saw this new antivirus system on my desktop and I tried opening kaspersky but it was gone. So I had to look up what happened because I was literally having a mini heart attack that my desktop somehow had a virus which uninstalled kaspersky somehow,” one user said.”
One problem is that Kaspersky had emailed customers just a few weeks ago, assuring them they would continue receiving “reliable cybersecurity protection.” They didn’t make any mention of the fact that this would involve deleting software and making installation choices consumers hadn’t approved of, suggesting that their exit from the security software industry won’t be all that big of a loss.
That said, it would be nice if U.S. consternation about consumer privacy were somewhat more… consistent.
The U.S. isn’t actually serious about U.S. consumer privacy because we make too much money off of the reckless collection and sale of said data to even pass baseline privacy laws. And the U.S. government has grown too comfortable being able to buy consumer data instead of getting a warrant. But we do like to put on a show that protecting consumer data is a top priority all the same.