Dropbox Accused Of Lying To Users Over Data Security [News]

Ads by Google

Dropbox has recently revised its claims on how securely they maintain user data, prompting a lawsuit claiming that Dropbox has misled its customers about its privacy policy and encryption processes.

The crux of the matter is that Dropbox previously claimed to encrypt all user files and that no employees would have access to these files. As of April 13th, Dropbox privacy policies have been changed and it’s clear that Dropbox employees do have access to user files. However, Dropbox have not contacted its customers to advise of this change in user data privacy, prompting the accusations that Dropbox has been misleading their customers.

Before April 13th, the website clearly stated that: “Dropbox employees aren’t able to access user files, and when troubleshooting an account, they only have access to file metadata (filenames, file sizes, etc. not the file contents).”

After April 13th, the claim changed to: “Dropbox employees are prohibited from viewing the content of files you store in your Dropbox account, and are only permitted to view file metadata (e.g., file names and locations).”

Dropbox’s response was as follows: “That statement didn’t say anything about who holds encryption keys or what mechanisms prevent access to the data. We updated our help article and security overview to be explicit about this. Also, to clarify we’ve never stated we don’t have access to encryption keys. We’ve made quite a few posts in our public forums over the years about this very fact and we are quite open with our community.”

Ads by Google

Other privacy claims also changed on April 13th, such as a previous claim that “All files stored on Dropbox servers are encrypted (AES256) and are inaccessible without your account password” now simply reads “All files stored on Dropbox servers are encrypted”.

The complaint revolves around the fact that these security claims were confusing and misleading to users.

Here at MakeUseOf we love making use of cloud storage and finding unique ways for students and others to use tools such as Dropbox.

Image Credit:Wired

From the Web

3 Comments - Write a Comment



“we’ve never stated we don’t have access to encryption keys”

That’s always been my main complaint. If you can’t trust it to back up anything remotely personal/sensitive then what good is it.



If you want your data encrypted, do it yourself.



 I agree with Clazy8.  I only keep encrypted before storing files anywhere

Your comment