Many Internet users are concerned about who has access to their personal information and what is done with it. Computer security software has legitimate grounds for sending its makers some information about the system it’s running on; in particular, details of malware found on the machine must be sent to the manufacturer to protect the user effectively. However, this does not mean that a program should have carte blanche to send all personal information found on a computer to the manufacturer (other than with the specific knowledge and agreement of the system’s owner).
This report analysed the data collection and data sharing practices of 20 market-leading consumer Anti-Virus (AV) products. Each vendor was scored based on their data collection; data sharing; accessibility; control of software and processes; and openness. The scoring system is meant to provide a general overview based on qualitative evaluation and some vendors that failed to respond received lower scores. The report aims to encourage user awareness about data-sharing practices and transparency.