Best answer by RetiredTripleHelix
View originalWebroot Data Collection / Privacy
+1
I bought Webroot® SecureAnywhere™ last year, and was initially super happy with it in all possible ways. However, I recently stumbled upon the Privacy Policy (https://www.webroot.com/Webroot_SecureAnywhere_Privacy_Statement), where I could read that this piece of software that I paid money for automatically collects "...network and internet information (including internet protocol [ip] addresses, URLs or domain names of websites visited, applications or files that attempt to access your network)". I'm posting this here because (1) my e-mail to the Privacy contact was ignored, (2) I would like to know why this collection is not reckless, and (3) this is information I would have liked to have when googling this software before buying it.
Userlevel 7
+56
Hello and Welcome to the Webroot Community!
Please read this older thread on the same question: https://community.webroot.com/t5/Security-Industry-News/Webroot-Privacy-Policy/m-p/282971
Thanks,
Daniel 😉
Please read this older thread on the same question: https://community.webroot.com/t5/Security-Industry-News/Webroot-Privacy-Policy/m-p/282971
Thanks,
Daniel 😉
I do not understand why a malware protection company such as Webroot needs to collect all the information it does, including internet browsing that does not result in possible infection, lists of files on my computer, and then share it for commercial purposes, when a program like Sophos, which I have used to good effect does not need to.
Take a browse through the Sophos policy, which appears much less intrusive, unless some of the more vague terms such as "disk usage information", also include sending file information--
https://www.sophos.com/en-us/legal/sophos-group-privacy-policy.aspx
"...You acknowledge and agree that the information we collect may include confidential and/or personal data, including without limitation (i) names and email addresses; (ii) account usernames; (iii) IP addresses; (iv) usage information; (v) details of changes or attempted changes to executable files, pathnames and scripts, (vi) infection logs; and (vii) files suspected of being infected with malware. ...
Sophos Anti-Virus for Mac
You acknowledge and agree that the Sophos Anti-Virus for Mac Products may provide us with Configuration and Usage Data, including without limitation (i) device model, firmware and license information, such as model and hardware version (ii) CPU, memory, and disk usage information; and (iv) product errors, which will be used for the purpose of improving product stability, prioritizing feature refinements and enhancing protection."
Further... "You have the right to ask us not to process your personal data for marketing purposes,..."
Am I missing some basic issue of Webroot's superior protection of my devices, or is this sharing just another source of revenue? Or even a more sinister possibility, could the (unnamed) third parties include entities that have malicious motives toward us. I need not mention the Kaspersky rumor of "sharing".
Why does Webroot need collect information other than that which results in malicious activity? (In addition to other information such as in the Sophos policy.)
Take a browse through the Sophos policy, which appears much less intrusive, unless some of the more vague terms such as "disk usage information", also include sending file information--
https://www.sophos.com/en-us/legal/sophos-group-privacy-policy.aspx
"...You acknowledge and agree that the information we collect may include confidential and/or personal data, including without limitation (i) names and email addresses; (ii) account usernames; (iii) IP addresses; (iv) usage information; (v) details of changes or attempted changes to executable files, pathnames and scripts, (vi) infection logs; and (vii) files suspected of being infected with malware. ...
Sophos Anti-Virus for Mac
You acknowledge and agree that the Sophos Anti-Virus for Mac Products may provide us with Configuration and Usage Data, including without limitation (i) device model, firmware and license information, such as model and hardware version (ii) CPU, memory, and disk usage information; and (iv) product errors, which will be used for the purpose of improving product stability, prioritizing feature refinements and enhancing protection."
Further... "You have the right to ask us not to process your personal data for marketing purposes,..."
Am I missing some basic issue of Webroot's superior protection of my devices, or is this sharing just another source of revenue? Or even a more sinister possibility, could the (unnamed) third parties include entities that have malicious motives toward us. I need not mention the Kaspersky rumor of "sharing".
Why does Webroot need collect information other than that which results in malicious activity? (In addition to other information such as in the Sophos policy.)
Userlevel 5
I see this in Sophos policy that seems much more vague and scary than the very specifc list of collections in the webroot policy.
In order to continuously improve the protection levels in the Sophos Home products, it may be necessary for us to collect and process certain information relating to you and to users connected to your account. You acknowledge and agree that the information we collect may include confidential and/or personal data, including without limitation (i) names and email addresses; (ii) account usernames; (iii) IP addresses; (iv) usage information; (v) details of changes or attempted changes to executable files, pathnames and scripts, (vi) infection logs; and (vii) files suspected of being infected with malware. We are committed to safeguarding the privacy of your personal data and will never share this outside Sophos.
In order to continuously improve the protection levels in the Sophos Home products, it may be necessary for us to collect and process certain information relating to you and to users connected to your account. You acknowledge and agree that the information we collect may include confidential and/or personal data, including without limitation (i) names and email addresses; (ii) account usernames; (iii) IP addresses; (iv) usage information; (v) details of changes or attempted changes to executable files, pathnames and scripts, (vi) infection logs; and (vii) files suspected of being infected with malware. We are committed to safeguarding the privacy of your personal data and will never share this outside Sophos.
99% of Webroot protection is in the cloud , with only minimal resident protection on your PC .
That's why Webroot installation folder is minimal (in kB) compared with Bitdefender / Avira which will install close ti 1 GB.
That means that information is being send back and forth CONTINUOUSLY from your PC to Webroot servers in order to provide protection.
If privacy is a concern , I will stay away from a software which is cloud based.
That's why Webroot installation folder is minimal (in kB) compared with Bitdefender / Avira which will install close ti 1 GB.
That means that information is being send back and forth CONTINUOUSLY from your PC to Webroot servers in order to provide protection.
If privacy is a concern , I will stay away from a software which is cloud based.
Userlevel 7
+34
You make a good point @ regarding privacy.
Three years ago, AV Comparatives issued a report on the privacy concerns surrounding AV solutions which included a close study of all the EULAs, vague terms and all.
It is fair to say that Webroot did not come out of that well, even when compared to other cloud based solutions. Webroot offer no option to opt out of any data collection and quite why they collect the Windows username has never been satisfactorily addressed.
At the end of the day, unless Webroot decide to change track and cut back on invasive data collection, users with privacy concerns will be forced to look elsewhere.
Three years ago, AV Comparatives issued a report on the privacy concerns surrounding AV solutions which included a close study of all the EULAs, vague terms and all.
It is fair to say that Webroot did not come out of that well, even when compared to other cloud based solutions. Webroot offer no option to opt out of any data collection and quite why they collect the Windows username has never been satisfactorily addressed.
At the end of the day, unless Webroot decide to change track and cut back on invasive data collection, users with privacy concerns will be forced to look elsewhere.
Reply
Login to the community
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.