I've read your various privacy policies but they are not for the layman. I would like to know how SONAR works "in the cloud" and a few questions about data collection/examination in general.

From what I can gather, instead of a user downloading definitions periodically, SONAR will examine the behavior of "software"* and then "learn" more about it. But does SONAR forward your internet traffic to the "cloud" for examination? Are files that I download from the internet subsequently uploaded in real time to Symantec servers?

And, in general, does NIS2014 monitor your web traffic/files on your PC and then upload them to Symantec servers for analysis? I have read that turning off community watch is the best method to ensure no data is shared, but if virus scanning is not done purely locally (on the hard drive) now - then does that mean that user data is being uploaded in real time to the "cloud"? Or, are heuristics being downloaded from Symantec servers in real time to the users PC?

There are so many live monitoring tools in NIS2014 that I don't think you can blame people for being paranoid regarding their data. When I visit a website (be it political, or personal) I don't like the idea of my internet traffic being uploaded in real time to some server for analysis. If I wanted to share data in the cloud then I would, but I don't. So, can someone clarify for me exactly what kind of files or information is shared by NIS2014? (assuming community watch is off)

---

*Does SONAR examine the behavior of "applications", or all content (images, songs, .doc files, etc)?