Disk Encryption and Data Protection Software
   English
Home » Dropbox Accused of Intentionally Underprotecting 25 Million Customers’ Data

The Federal Trade Commission has recently announced that private information of Dropbox’s customers is not secure any more. Let us remind that Dropbox specializes in cloud-based data storage services and has more than 25 million users.

The question about the intentionality of Dropbox’s behavior is still unclear. Some argue that Dropbox deliberately deceived its customers, others insist on the fact that Dropbox just didn’t manage to clearly deliver its security policy.
Dropbox used to encrypt all the users’ files (AES-256) so that no one could gain access to them without a password. But after a few changes to the terms of service, the private data became more accessible than customers wish them to be. Now Dropbox can see all the private information of its users and share it with law enforcement bodies in case of need. Still, it stands its ground that their employees are forbidden to check the customer data. However, some experts express worries that it’s Dropbox that owns the keys used to encrypt and decrypt information, meaning they are not kept on each user's machine. Although Dropbox does insist on having enforced strict data access policies, any dishonorable employee can still get access to the private data of the customers, they concern.
It’s interesting that at this difficult for Dropbox time Aaron Levie, a co-founder and CEO of Box.net, Dropbox major rival, supported the company instead of reaping the benefit of the situation. He states that Dropbox just acted in good faith working on security issues, but perhaps overdid it.
However, Aaron Levie underlines the importance of data security. He says it is necessary for a cloud service to ensure the security of its customers’ information both at rest and in transfer.
It’s difficult to come to a definite conclusion in this situation. Nevertheless Dropbox should be more accurate with its terms of service in the future in order to avoid such unpleasant complaints. Still, the fact that private customer data are no longer considered to be properly secured can make Dropbox clients lose their trust and may have a negative financial impact.

World News

June 23, 2011 - SEC to Charge Companies Failing to Encrypt Customer Data
GunnAllen Financial has been fined by the Securities and Exchange Commission (SEC) for breaching customer data security, and it’s not the first time that GunnAllen has been accused of violating customer privacy rules. It has already faced three cases of stolen laptops and one case of unauthorized access to corporate email by a former employee.
June 6, 2011 - Dropbox Accused of Intentionally Underprotecting 25 Million Customers’ Data
The Federal Trade Commission has recently announced that private information of Dropbox’s customers is not secure any more. Let us remind that Dropbox specializes in cloud-based data storage services and has more than 25 million users.
November 15, 2009 - NHS Trust patient records repeatedly exposed over the last month
Several patient data theft cases were brought to the attention of the Information Commissioner’s Office (ICO) over the last month. Those involved eight desktop computers and four laptops containing sensitive patient details stolen from different hospitals. In most cases, the computer equipment was neither protected with any of encryption means, nor kept physically secure in locked premises, thus, carelessly exposing patients’ mental and physical health details to the risk of unauthorized access or theft.
Copyright © 2002-2011 Exlade, Inc. All rights reserved.
Russian