Main Area and Open Discussion > Living Room
Dropbox and privacy (or lack of)
dr_andus:
This caught my eye...
Dropbox erects sueball shield with new T&C and privacy legalese • The Register
There are a couple of interesting-looking additions to the policy. Here's one:
“If you are not a Dropbox for Business user but interact with a Dropbox for Business user (by, for example, joining a shared folder or accessing stuff shared by that user), members of that organization may be able to view the name, email address and IP address that were associated with your account at the time of that interaction.”
That may give you pause before you download something from a Dropbox for Business account.
--- End quote ---
How would this actually work? I presume that one would need to have the Dropbox app running on the PC or be logged on in a browser for Dropbox to see who exactly had downloaded the given file (?)
Also, is there a way to identify that you're downloading from a Dropbox for Business user, in order to avoid such an interaction? This sounds all too murky to me, and disconcerting...
tomos:
I wonder does all that stick - I mean does it really work if they just say you agree to not do a/b/c? A lot of it seems unreasonable, but I guess the real point is whether it's legal.
I almost posted about the email from dropbox the other day:
email from dropbox about changes to TOS:We want to let you know about some upcoming updates to our Terms of Service and Privacy Policy. These updates will go into effect on March 24, 2014.
You can find more details on our blog, but here’s a quick overview:
We’re adding an arbitration section to our updated Terms of Service. Arbitration is a quick and efficient way to resolve disputes, and it provides an alternative to things like state or federal courts where the process could take months or even years. If you don’t want to agree to arbitration, you can easily opt out via an online form, within 30-days of these Terms becoming effective. This form, and other details, are available on our blog.
We’ve added a section to our Privacy Policy that discusses our recently launched Government Data Request Principles. We’ve also made clarifications to better explain how our services will use your information. For example, we explain that when you give us access to your contacts, we’ll store them so that you – and only you – can do things like share your stuff easily, no matter what device you’re using.
We’ve also updated our Terms of Service and Privacy Policy to better explain and reflect our growing list of features for Dropbox for Business customers.
While we’ve simplified much of the language, our commitment to keeping your stuff safe and secure hasn’t changed. We don’t sell your personal information to third parties. We don’t serve ads based on the stuff you store in our services. As always, your stuff is yours.
If you have any questions about these updates, you can read more on our blog or email us at [email protected].
TOS: https://www.dropbox.com/terms2014
Blog: https://blog.dropbox.com/2014/02/updating-our-terms-of-service/
Vurbal:
This caught my eye...
Dropbox erects sueball shield with new T&C and privacy legalese • The Register
There are a couple of interesting-looking additions to the policy. Here's one:
“If you are not a Dropbox for Business user but interact with a Dropbox for Business user (by, for example, joining a shared folder or accessing stuff shared by that user), members of that organization may be able to view the name, email address and IP address that were associated with your account at the time of that interaction.”
That may give you pause before you download something from a Dropbox for Business account.
--- End quote ---
How would this actually work? I presume that one would need to have the Dropbox app running on the PC or be logged on in a browser for Dropbox to see who exactly had downloaded the given file (?)
-dr_andus (February 26, 2014, 11:46 AM)
--- End quote ---
According to their website there's a web-based admin interface. I suspect there's also some way to download some kind of activity log using desktop software or a mobile app.
dr_andus:
How would this actually work? I presume that one would need to have the Dropbox app running on the PC or be logged on in a browser for Dropbox to see who exactly had downloaded the given file (?)
-dr_andus (February 26, 2014, 11:46 AM)
--- End quote ---
According to their website there's a web-based admin interface. I suspect there's also some way to download some kind of activity log using desktop software or a mobile app.
(see attachment in previous post)
-Vurbal (February 26, 2014, 01:42 PM)
--- End quote ---
Thanks. But actually I was thinking about it from the non-business users' perspective who do not want to have their personal data collected by Dropbox for Business users. E.g. does one need to log out from all Dropbox accounts and exit Dropbox apps before clicking on an innocent-looking URL of a file that might be coming from a Dropbox for Business account (to avoid being "data collected")?
wraith808:
I think that if you want no information to be passed, you'd have to do more than that. But it could possibly work for identifying information. It might not even work for that, depending on how they correlate. When you use the dropbox for PC app (or are logged in for pretty much anything) the IP is there and can be recorded. If they correlate that to your account, then they have the information, even though you might be currently logged out. Some sort of anonymizing connection would be your defense.
Navigation
[0] Message Index
[#] Next page
Go to full version