AVG has taken to their blog to respond to the recent criticism of their Windows Phone 7 security suite. The app has been claimed by 3rd parties to collect and send your GPS information along with any identifying information e.g. email, device make, model, etc. Since the controversy, the app has been temporarily removed from the Marketplace by Microsoft until an investigation is complete.

AVG in their response write a lot but say very little. In short, they state their motivations for entering the WP7 ecosystem--something we don't begrudge them for, even if our security seems "tough enough". They then go on to say they worked with Microsoft on the app, including training, app feedback and suggested changes. Finally they claim that:

  • We do not share or otherwise disclose your data to anyone without your permission.
  • We do not mine your data for patterns.
  • We do not use your data to target ads.
  • We do not access your location data without your permission.

Regarding the scan engine, they have this to say:

"Having the security engines implemented in the product, we believe we can respond to security threats targeting the Windows Phone 7 platform to protect our users, whenever such threats arrive –as we have with Android — and we are committed to continuing to develop this security product to reflect the constantly changing threat landscape."

Fair enough. Honestly, at this point we don't really believe AVG was being malicious here but rather perhaps a little naive. Still, we'll wait for Microsoft to weigh in on the issue before coming to a final conclusion. Read the whole response here.