Main Area and Open Discussion > Living Room

Dropbox and privacy (or lack of)

<< < (3/5) > >>

dr_andus:
If something is uploaded to any Dropbox account and made available to others for download, it is perfectly reasonable for the poster to be able to know who has downloaded the file.
-xtabber (March 01, 2014, 08:39 AM)
--- End quote ---

My problem is this: will any Basic or Pro Dropbox user (i.e. not a Dropbox for Business customer) know that every time they download a file that originates from a Dropbox for Business account, their name and email address may be made available to that account?

E.g. what does "accessing stuff shared by that user" mean? It doesn't sound legally or technically precise. So, let's say that you're browsing the internet while being logged in as a Basic Dropbox user. You end up on a website (unrelated to Dropbox) where you can download a PDF file. You download it without realising that it was hosted on a Dropbox for Business service, and your name and email address will be made available to the owner of that Dropbox for Business account without you knowing. How is that reasonable?

I have a Wordpress blog and I do not get told the name and email address of everyone who has visited my blog or downloaded stuff from it. The same goes for files available in general for download on the internet. You don't expect that the sites where you download them from get your full name and email address. Quite possibly people would change their internet usage drastically if they knew beforehand that they would be personally identified every time they download something.

dr_andus:
I agree with this interpretation. This pertains to Dropbox for Business accounts. The way I see it Dropbox is making available a way for business owners to see what kind of file transfers their employees are engaging in and with whom.
-Innuendo (March 01, 2014, 05:36 PM)
--- End quote ---

Not so. The privacy policy clearly says “If you are not a Dropbox for Business user but interact with a Dropbox for Business user..." So this is not about employees. It's about Basic and Pro account users who have no relationship with that particular business, they just happened to download a file from that account, perhaps even without realising it was a file on a Dropbox account. E.g. some people host image files on Dropbox. You visit their webpage and automatically download the image. According to this the owner of that website may receive your full name and your email address. Is that reasonable?

app103:
So, a 1 pixel transparent gif file embedded on a web page, served from a Dropbox for Business account would be a great way to gather a big list of names & email addresses of your website's visitors. And since you are paying for this wonderful service provided by Dropbox, it's essentially the same as them selling you that information about your site's visitors. That's a mighty powerful web bug service they are selling there. More powerful than serving that 1 pixel gif from your own server, which would not collect names and email addresses.

dr_andus:
So, a 1 pixel transparent gif file embedded on a web page, served from a Dropbox for Business account would be a great way to gather a big list of names & email addresses of your website's visitors.
-app103 (March 01, 2014, 11:17 PM)
--- End quote ---

Yes, this was exactly my concern. Moreover, this would be segmented data of potentially higher-value visitors because we can presume that Dropbox Basic and Pro users are more sophisticated than your average internet user. E.g. they are more likely to be syncing data across various platforms and own and use smartphones and tablets.

If this is really how this is going to work, then this raises again the question whether this is approaching a spyware situation. They are definitely not going out of their way to alert Basic and Pro users about this significant change. They don't mention this either in the email users receive, or on the blog post they link to. You will have to read the Privacy Policy yourself to find this out, which only a tiny fraction of users are likely to do, especially as there is nothing in the email suggesting that there is a drastic change. I find this a very underhanded way of selling out the Basic and Pro user base to the Dropbox for Business user base.

There is an analogy here with LinkedIn, whereby you can opt in to the feature which allows you to see who has visited your profile. However, there is a very clear warning step where you need to agree to participate, and it's reciprocal, i.e. others will also see when you have viewed their profile. Moreover, this feature is available to both free and paying users. What Dropbox is doing is very hush-hush. It looks to me like they don't want Basic and Pro users to find out that their identity is being sold to Dropbox for Business users.

Innuendo:
So this is not about employees. It's about Basic and Pro account users who have no relationship with that particular business, they just happened to download a file from that account, perhaps even without realising it was a file on a Dropbox account.-dr_andus (March 01, 2014, 06:19 PM)
--- End quote ---

If I am a business owner & people who have no relationship with my business are downloading files from my repository, I want to know who downloaded and what was downloaded. Besides, if you have no relationship with my business then what are you doing downloading my files?

People downloading files and not even knowing what the source is of those files is the problem. What's going on here is just an audit trail for business activity.

Navigation

[0] Message Index

[#] Next page

[*] Previous page