> When a virus scanner finds a virus, it alerts me and I can either quarantine or delete it. It’s up to me to decide if what it’s found is actually a virus, or a false positive.
This is also a bit superficial. If you are breaking the law, you can't decide by yourself whether you are breaking the law of not. That is up to the judge.
While you can quarantine or delete the virus, AV vendor is still getting all the stats. It is not maybe including PhotoDNA matches but cryptographical hashes are included for identical match. It is still perfectly legal to inform CSAM content against these matches, and we can't be sure if that has been made or not.
In case of Windows Defender, what if automatic sample submission is enabled? Uploading and storing a file makes Windows as cloud-provider for this specific scenario, and is required by law to report CSAM content.
Who knows if PhotoDNA is also applied into this content, but that hasn't been told yet? It is legal, there is no need to to tell that.
This is also a bit superficial. If you are breaking the law, you can't decide by yourself whether you are breaking the law of not. That is up to the judge.
While you can quarantine or delete the virus, AV vendor is still getting all the stats. It is not maybe including PhotoDNA matches but cryptographical hashes are included for identical match. It is still perfectly legal to inform CSAM content against these matches, and we can't be sure if that has been made or not.
In case of Windows Defender, what if automatic sample submission is enabled? Uploading and storing a file makes Windows as cloud-provider for this specific scenario, and is required by law to report CSAM content.
Who knows if PhotoDNA is also applied into this content, but that hasn't been told yet? It is legal, there is no need to to tell that.