"trusted third parties"

Hi! After reading a conversation on another forum regarding Threatsense.net and the reporting of suspicious files and statistical data, a user brought up the subject of Eset sharing data with third parties, as mentioned in the NOD32 EULA. I appreciate that most of the data sent to Eset is anonymous, but there is a chance -- as stated in the EULA -- that some personal information might be contained within a suspicious file sent in for analysis. So I ask the following question to allay fears and paranoia in some current, and prospective, NOD32 users: Who are the "trusted third parties"...?

 

Antivirus vendors share malware samples on occasion. So they can be labeled as trusted third party due the fact they have experiences and policies on protecting privacy. When a new virus is reported to the WildList Organisation, you have to submit a sample of the file. WLO could be also censidered trusted third party.

 

As an addition to the original post concerning ThreatSense, would not the fact that NOD32 MAY upload personal details be a contravention of the Data Protection Act if you use your PC for a business?

Whether or not the files contain personal details about customers and regardless of the fact you can turn ThreatSense off, would agreeing to the EULA still be a breach of the DPA, since you have still given NOD32 permission to upload files?

This has become a heated debate on another forum for the last week or so and the views of some knowledgeable people on here would be a big plus.

SiriusB

 

What is personal details? If you use your credit card number as a login to Windows, then yes, Eset will receive this info if a suspicious file is found in "documents and settings/your_credit_card_number/my documents..."

 

The examples given are any files that contain information on customers that you may have. My PC is for personal use so there isn't anything that important, but if I use it for a business and I had client details or customer details then would it not be a breach of the DPA if I allowed any files containing some or all of their details to be uploaded to Eset?

SiriusB

 

That's why documents and files potentially carrying confidential information are excluded from submitting by default. The exclusion list can further be customized as well.

 

haha, funny image

 

That's our cat here in the threatsense server room

 

So you're using Cat-power to sniff out new RAT's?

 

Or should that be RAT power to sniff out the cats (now where is my cat soup recipe

 

Grrr!