gww, thanks for your post. I think Brad summed up the situation, but to rehash a few critical points:
1. ClickProtect is off by default. As a casual observer, I would have interpreted your original post as implying that it was turned on by default or without your knowledge, which is never the case. Each customer should weigh the pros and cons of any security technology against their specific needs. We fully expect that ClickProtect will be too invasive for some users and exactly "what the dcotor ordered" for others. The same goes for many security technologies. Encryption, for example, has clear beneifts, yet not everyone uses it.
2. ClickProtect allows for various levels of protection that can be selected on a per policy basis. Some levels are less intrusive than others.
3. This functionality has been around for years and years. It hasn't always been this advanced, but URL re-writing has been around for a long time and...
4. I'm not aware of a single instance where a URL re-write for the purposes of threat detection has resulted in a spoliation claim. The fact is that many threats now arrive in the form of a URL rather than a file attachment. Stripping file attachments has been a widely accepted practice for years and amounts to basically the same things as a URL re-write. Given the risks and losses that business see every year due to phishing attacks, I would expect this to be considered a "reasonable" measure for business to take to protect their networks from data leakage and all other manner of bad things.
Sr. Product Manager
Notice: The information contained herein is for informational purposes only and should not be deemed an offer by McAfee or create an obligation on McAfee. McAfee reserves the right to discontinue products at any time, add or subtract features or functionality, or modify its products, at its sole discretion, without notice and without incurring further obligations.