
Has Dropbox set the stage for a privacy revolution? - Flemlord
http://gigaom.com/cloud/has-dropbox-set-the-stage-for-a-privacy-revolution/
======
itg
I don't know why Dropbox is catching so much flak for this when the TOS were
standard stuff you see pretty much anywhere.

ex: <http://www.google.com/accounts/TOS>

“By submitting, posting or displaying the content you give Google a perpetual,
irrevocable, worldwide, royalty-free, and non-exclusive license to reproduce,
adapt, modify, translate, publish, publicly perform, publicly display and
distribute any Content which you submit, post or display on or through, the
Services.”

“You agree that this license includes a right for Google to make such Content
available to other companies, organizations or individuals with whom Google
has relationships for the provision of syndicated services, and to use such
Content in connection with the provision of those services.”

~~~
jinushaun
Hating on Dropbox seems to be the flavour of the week on the intarwebs it
seems. Fascinating to see how easily geeks fall prey to basic thought
manipulation by the media. Aren't we supposed to be smarter than the average
bear?

~~~
alanthonyc
I've recommended Dropbox to a number of _personal friends_ throughout the past
couple of years. When the first security incident (Dropbox employees being
able to read files when they said they couldn't) came up a couple of months
ago, one of my friends emailed me to ask what the deal was with this company.
He doesn't know them from HN. He only knows them from me. In my circle, _I'm
the one responsible for Dropbox._

When the password incident came up a couple of weeks ago, I was on guard and
emailed my friends proactively before they found out about it via news sites.

I don't bash on Dropbox because:

    
    
      - they have a great product
      - security is hard
      - startups are hard
      - they are a yc company
    
    

But I think it's fair to say that:

    
    
      - they made mistakes
      - they handled the initial mistakes poorly
      - they are now working to address any issues, but...
      - ...every subsequent action is therefore under more scrutiny
    
    

In summary, there is no thought manipulation by the media. There are a lot of
lessons that can be learned from this, but being dismissive of it is the exact
wrong thing.

------
a3_nm
A privacy revolution would be to use client-side encryption on this sort of
services, not change the TOS -- especially since questions about ownership of
the data would become pretty irrelevant.

------
Synaptic
Since day one I've stored an arsenal of Truecrypt archives in my Dropbox
folder for anything that I really don't want anyone else to find out about.
(Not that there is much of that.) Most of the rest of what I store there is
ebooks, university lecture notes, my portfolio, and other stuff that I
wouldn't worry about if Dropbox really dropped the ball. Seems reasonable to
me to be a little more in charge of your own security instead of handing off
responsibility to people you don't even know. Still, I agree that we should be
holding Dropbox (and similar services) to a high standard, and they have
indeed stumbled on this issue.

------
pavel_lishin
> we won’t share your content with others, including law enforcement, for any
> purpose unless you direct us to.

So, they're somehow immune to subpoenas? How can this possibly work?

Or are they saying that since your data is encrypted, they couldn't provide
the plaintext to the authorities even if they wanted to?

~~~
kevinpet
There's another clause just above that that refers to another document which
covers law enforcement.

BTW, DropBox is legally required to comply with a valid subpoena. The data on
your computer requires a search warrant.

~~~
pavel_lishin
So that sentence I quoted is basically a lie.

~~~
smackfu
It wasn't a sentence, it was a qualified clause: "To be clear, aside from the
rare exceptions we identify in our Privacy Policy, no matter how the Services
change, we won’t share your content with others, including law enforcement,
for any purpose unless you direct us to."

~~~
pavel_lishin
Oh, duh, I don't know how I missed that part :/

------
hagyma
I always wondered why do we need all this legal bullshit... and I never liked
the order of the words in these sentences...

If google has a button, that I press and my content becomes available to the
whole world... it is me pressing the button.

It should be the other way around... or at least say: you as a user have the
option to make your content available, modify your content, distribute or bla,
bla, bla using our services... and you give no license to the provider.

ps: still... I don't care about these terms much, as they really appear
everywhere. Although, I'd feel much better if using an online service, in
legal terms would be closer to buying a tool in the hardware store. :)

------
mvzink
I haven't really been following the Dropbox fiasco(s), mostly because I've
been so happy over the last year with SpiderOak (<https://spideroak.com/>).
They go out of their way to put you in control of your data. They don't store
any passwords whatsoever, encrypt everything, and have a strong zero-knowledge
policy.

------
mariuskempe
Does anyone have any examples of Google lobbying against clearer legal
documents? I would love to see this.

