Dropbox Revises Terms of Service After Security Debacle
Not too long ago we covered Dropbox's security lapse, during which time users' data was available to anyone for about four hours. Now, in an effort to mend broken digital relationships, Dropbox has revised its terms of service, privacy policies and security overview to be more transparent and remove near-incoherent "legalese." Here's what you should know …
On July 1, 2011, the official Dropbox blog noted the company e-mailed every user about its service changes, including the aforementioned legalese reduction, but there's more. Dropbox also made it more transparent in how it handles encryption: yes, the company handles users' encryption keys, but that doesn't mean users can't add their own encryption. Dropbox has now spelled out exactly how it handles the encryption keys and how users can enhance the security of their data by using their own encryption on top of it.
Lastly, Dropbox updated its mobile apps to ensure encryption of data over the air, and has now made it clear when mobile media cannot be encrypted.
What can the channel take from Dropbox's moves? Both cloud providers, customers and resellers alike may want to brush up on their terms of service contracts when deploying and/or buying a cloud backup solution. Cloud service users should be smart on how their data is used and how a service provider handles the data once the relationship is terminated. While a cynic could say that Dropbox is sprucing up its ToS to mitigate legal action from the last mixup, others may see this move as Dropbox pioneering more transparency for a controversial and hot-button topic that is privacy in the cloud.
Either way, take Dropbox's rise and fall (or stumble) as a cautionary tale for the future of cloud data solutions.