Saturday, July 2, 2011

Dropbox Warning!

We all know and love Dropbox, the web-based service that lets us share files between our computers using 'Cloud' technology, right?  Just drop your files in the Dropbox folder, and you can access them from any other Dropbox connected computer.  Great concept!

Here's the problem: By using a 'Cloud' service, you essentially allow someone else to hold your data for you, and you are subject to their whims as to what they can do with it.  Previously, Dropbox had a pretty decent statement of how they would hold your data.  It was all supposed to be totally private, not even Dropbox employees could get at it.  Until the US Government demanded some data that Dropbox was holding.  And then it turns out that Dropbox employees could indeed access data if it was necessary, such as to comply with a court order.  Or if some bored, disgruntled employee decided they wanted to snoop.

Now it's worse.  Dropbox just changed their Terms of Service (TOS), and there's some worrisome language in there that essentially assigns full copyright to all of your data to Dropbox: 
'By submitting your stuff to the Services, you grant us (and those we work with to provide the Services) worldwide, non-exclusive, royalty-free, sublicenseable rights to use, copy, distribute, prepare derivative works (such as translations or format conversions) of, perform, or publicly display that stuff to the extent we think it necessary for the Service.'
Oh, and sublicenseable, meaning they can let anyone else use your data as well.   Is that what you signed up for?  Is that okay with you? 

This is one of my biggest problems with 'Cloud Computing'.  It's like handing someone your wallet, and trusting them to just hold it, not let anyone else access it, and not access it themselves.  The pressure is just too great for them to just snoop a little, or give in to demands from others to get access for various reasons.  This has always been my problem with Cloud Computing, but the market was all gung ho with a new buzzword, a new (not really) concept, and a huge marketing push to drive customers.  What providers like about Cloud Computing is that it's portable.  They can build new data centers anywhere it's cheap to do so.  Cost of doing business in Hong Kong getting too high?  Let's move the datacenter to Thailand.  Somewhere that labor and rent is cheap.

Dropbox is very convenient.  But is it worth giving away your data?

This and all other articles on this blog are © copyright 2011 by Daniel G. Dillman