The objective of the tamper-resistance offered by the uninstall key is to minimize the chances that a user will deactivate their agent when encryption policies are in effect (doing so will prevent them from being able to open encrypted files).
The protection is provided by the system only when the services are active with the agent running and executing policies. When active, trying to uninstall the agent will require the use of the uninstall key. However, if the agent isn’t running (e.g. a failed install, failed to connect to a tenant, failed user registration, in case of an error, etc.) the agent may be removed without a key.
Note: While the functionality delivers some tamper resistance, the Actifile agent isn’t registered as a malware tool with Microsoft and therefore isn’t designed to be tamper proof. For tamper proofing, we believe that the use of a monitoring system that alerts the admin when an agent is tampered with is best.