Well, there really isn't much to go on in the original article. Without explicitly stating which products are violating user's consent for information sharing, we are deprived from the possibility of independent analysis.
Not saying it is impossible, it's just I fail to derive value from incomplete alarmist statements. If there is a legitimate issue, I'd like to know if I or my clients have a problem and look for a solution.
Considering that most of the serious security solutions require cloud-scale analysis to be effective, we hardly can expect not to ship data offsite for running it in sandboxes, if existing hashes are not locally present.
Inevitably, some of that information, including documents, links, executables, scripts, etc.. will contain something that we rather not find in a poorly secured AWS S3 bucket.
So long as the information is properly secured in transit and analyzed by fully automated solutions, I suspect that most organizations with less than a square acre of computing power, will have to live with it.