It's pretty clearly key-logging and on top of that they've had poor security in the past which is not great when they're key-logging everything you type.
Personally I can't say I took the high ground though I just blocked swiftkey with a firewall and figure that's good enough for me.
Cloud sync is opt in and I don't know why anyone in their right mind would enable it...
That being said, using a closed source application packed with features (also known as "attack surface") as your main input method clearly isn't ideal.
Personally I can't say I took the high ground though I just blocked swiftkey with a firewall and figure that's good enough for me.