The principles that guide our decisions and actions
Potentially Unwanted Applications (PUA) Classification Guideline
In line with F-Secure's transparency goals, the Potentially Unwanted Applications (PUA) Classification Guideline has been made public to provide information about how we evaluate and classify programs as PUAs.
A Potentially Unwanted Application (PUA) is a program that has behaviors or aspects which are considered undesirable, unwanted or risky, but does not meet the stricter definition of malware.
To determine if a program is a PUA, we evaluate it using a guideline which lists behaviors or traits in 5 categories that are generally considered unwanted or risky.
The guideline also takes general consumer opinion of the program into account. If a program exhibits behavior or traits that match, or have the same effect as, one or more of the listed items, we consider it a PUA.
Data transfer declaration
Impact on Privacy and Bandwidth
In order to detect patterns of attack and stop malware from infecting a protected machine, security products need to collect data from their users that can be used to identify and separate harmful actions from benign activity. This data collection can however be problematic from a privacy point of view.
In answer to these concerns, we created this Data Transfer Declaration to clearly detail the kind of data our Internet security products collect and how such material is processed.
Briefly put - we collect only what we need and anonymize it as early as possible, stripping away anything that looks like the user's personal data.
With the remainder, we can still continue our work in identifying and stopping attacks before they affect our users.
This summary describes the basic principles of how we process the personal data that we collect. When you buy our products, we ask you for your contact information to manage your license.
Our services also collect personal data and other data so we can provide, support, enhance and market our services to you.
Our security and content management services need to process your file and browser traffic data to protect and enable your digital life.
We anonymize such data whenever possible and restrict our own visibility to your personal content.
We always apply strict security measures to protect your personal data. When you visit our web site, we track your movement on our site so that we can improve your customer experience.
We seek to protect your privacy, not to sell it. We aim for transparency when using your personal data to market our services to you.
For more information, see:
Policy on detecting spying programs developed by various governments
In late 2001, F-Secure Corporation received various queries on our standpoint regarding the possibility of spying programs developed by various governments.
Much of this discussion was generated by media coverage on rumored backdoor trojan known as "Magic Lantern", developed by FBI or NSA in USA. Discussion was increased as several US-based anti-virus vendors made comments implying they would on purpose leave a backdoor in their anti-virus products to allow such a spying program to work.
Thus, F-Secure Corporation would like to make known that we will not leave such backdoors to our F-Secure Anti-Virus products, regardless of the source of such tools. We have to draw a line with every sample we get regarding whether to detect it or not.
This decision-making is influenced only by technical factors, and nothing else, but within the applicable laws and regulations, in our case meaning EU laws.
We will also be adding detection of any program we see that might be used for terrorist activity or to benefit organized crime.
We would like to state this for the record, as we have received queries regarding whether we would have the guts to detect something obviously made by a known violent mafia or terrorist organization. Yes we would.
F-Secure Corporation always aims to do what's best for our customers.