The fact that it has hooks to even know of the keystrokes is the real issue here. Even without recording or logging them afterwards, the fact that it has the ability means its a possible attack vector for things like worms/etc...

Even if they never do anything with keystroke data, just the fact that they can is the dangerous part. What is to prevent some switch to start sending the keystrokes in the future? I'll be blunt, this companies implementation of its business model strikes me as being borderline wiretapping.

I don't think you read my comment correctly -- or you meant to reply to someone else.

Yep sorry wrong reply, i'll nuke my comment sorry, dont' think its adding much where it is to be honest.