Competition regulator clears £6bn merger between NortonLifeLock and Avast

The US-based NortonLifeLock had been planning to purchase UK firm Avast back in March, but as the companies are close competitors, with few other significant rivals, the Competition and Markets Authority (CMA) expressed concerns that the proposed deal could lead to a reduction in competition in the UK market.

As well as offering antivirus software, the firms also offer privacy software (such as VPNs) and identity protection software.

In its initial Phase 1 investigation, the CMA concluded that the deal raised a realistic prospect of a substantial lessening of competition. But in its Phase 2 investigation, which applied more stringent tests, it reversed its decision.

Following a consultation that ended on 24 August 2022, the CMA has upheld its provisional findings and cleared the deal.

The Phase 2 investigation found that the supply of cyber safety software to consumers is rapidly evolving with providers of both free and paid-for services continually developing and improving.

While the CMA initially raised competition concerns, it ultimately found that the merged business would still face “significant competition”. This comes from McAfee – their main rival – plus a range of other suppliers that currently have a smaller market position in the UK.

The CMA also found that security applications provided by Microsoft, which holds a unique position in the market as the owner of the Windows operating system, offer increasingly important alternatives for consumers.

In recent years, Microsoft has improved its built-in, bundled security application so that it now offers protection which is as good as many of the products offered by specialist suppliers. Other applications recently launched by Microsoft also brings its cyber safety offerings closer to those of the merging businesses, the CMA added.

Kirstin Baker, chair of the CMA inquiry group, said: “Millions of people across the UK rely on cyber safety services to keep them safe online.

“Phase 2 investigations allow us to explore concerns identified in our initial review in more detail, as we gather further information from the companies involved and other industry players. After reviewing the evidence in an in-depth review, we are now satisfied that this deal won’t worsen the options available to consumers. As such, we have concluded that the deal can go ahead.”

In February, government figures showed that the UK’s cyber-security sector had exceeded £10bn in revenue for the first time.