iTnews
  • Home
  • News
  • Technology
  • Storage

Researcher files FTC complaint against Dropbox

By Nicole Kobie
May 17 2011 7:24AM
Follow google news

Cloud storage firm isn't honest about security practices, researcher claims.

A PhD student has filed a complaint with US regulators accusing Dropbox of offering an insecure service.

Researcher files FTC complaint against Dropbox

Christopher Soghoian first highlighted issues with Dropbox's security in April, but decided to follow that up by filing a complaint with the US Federal Trade Commission.

The complaint accuses the cloud storage firm of "deceptive trade practices" for not coming clean about how its security works.

Soghoian claims that although Dropbox files are encrypted, employees have access to the keys and can access users' data - despite the site previously claiming otherwise.

"If Dropbox disclosed the full details regarding its data security practices, some of its customers might switch to competing cloud-based services that do deploy industry best practices regarding encryption, protect their own data with third-party encryption tools, or decide against cloud-based backups completely," the filing said.

The document notes that rival cloud storage firms do offer full encryption, and have to charge more because they can#t deduplicate files.

For example, if a Dropbox user uploads a file that another user also has, Dropbox can identify the copy and retain only one version.

However, by claiming to offer a similar service as such rivals and charging less, Dropbox is being unfair to the competition, the filing said.

The filing also alleges Dropbox lied about the use of SSL for its mobile app, with the storage firm admitting it traded off security for performance for transferring metadata sent via mobile connections.

Soghoian is asking the FTC to force Dropbox to come clean about how its security works on its website, advise its 25 million users that it has access to their unencrypted data, and to offer refunds to any users that paid for Pro accounts.

"We believe this complaint is without merit," said company spokeswoman Julie Supan, noting Dropbox had addressed the issues in a blog post in April. "Millions of people depend on our service every day and we work hard to keep their data safe, secure, and private.”

Soghoian is studying for his degree at Indiana University, but has previously worked for the FTC. He is also one of a few privacy specialists who spoke out after being approached by Facebook as part of a negative PR campaign against Google.

This article originally appeared at pcpro.co.uk

Add iTnews as your trusted source

Add iTnews As Your Trusted Source Add iTnews As Your Trusted Source
Got a news tip for our journalists? Share it with us anonymously here.
Copyright © Alphr, Dennis Publishing
Tags:
againstcomplaintdropboxfilesftcresearcherstorage

Related Articles

  • Government data sharing law falls flat Government data sharing law falls flat
  • APRA to modernise data stack with Databricks on Azure APRA to modernise data stack with Databricks on Azure
  • CASA exploring AI for digital asset operations CASA exploring AI for digital asset operations
  • In Pictures: NEXTDC & Vocus AI infrastructure roundtable in Melbourne In Pictures: NEXTDC & Vocus AI infrastructure roundtable in Melbourne
Join our WhatsApp Channel

Partner Content

You meet the security standard. Shame no one can see it
Promoted Content You meet the security standard. Shame no one can see it
The hidden economics of AI: Why token usage matters more than you think
Partner Content The hidden economics of AI: Why token usage matters more than you think
Why resilient communications are becoming critical infrastructure for modern enterprise IT
Promoted Content Why resilient communications are becoming critical infrastructure for modern enterprise IT
Scalable AI solutions: secure delivery
Scalable AI solutions: secure delivery

Sponsored Whitepapers

Are Australian organisations as cyber-ready as they think?
Are Australian organisations as cyber-ready as they think?
Are New Zealand organisations as cyber-ready as they think?
Are New Zealand organisations as cyber-ready as they think?
From visibility to execution: Fixing the SaaS management gap
From visibility to execution: Fixing the SaaS management gap
When cyber risk has no clear owner: A practical guide for senior Australian business leaders
When cyber risk has no clear owner: A practical guide for senior Australian business leaders
Agile in the AI Era: why projects still fail
Agile in the AI Era: why projects still fail

Events

  • iTnews State of Security Breakfast iTnews State of Security Breakfast
  • iTnews State of Data & AI Breakfast iTnews State of Data & AI Breakfast
  • Forrester's AI Forum Sydney Forrester's AI Forum Sydney
  • The 2026 iAwards The 2026 iAwards
  • Integrate 2026 Integrate 2026
Share on Facebook Share on LinkedIn Share on Whatsapp Email A Friend

Most Read Articles

All-flash storage slowly making its mark on Aussie enterprise

All-flash storage slowly making its mark on Aussie enterprise
NSW govt data centre goes down after power outage

NSW govt data centre goes down after power outage
Alienated from your own data? You’re not alone

Alienated from your own data? You’re not alone
ATO to match data for early access super scheme, JobKeeper crackdown

ATO to match data for early access super scheme, JobKeeper crackdown
techpartner.news logo
Sydney-based AI-cloud waste startup raises $3m
Sydney-based AI-cloud waste startup raises $3m
Brennan uses NiCE to modernise its contact centre
Brennan uses NiCE to modernise its contact centre
Impact Awards: Tecala slashes customer response times for fintech IQumulate
Impact Awards: Tecala slashes customer response times for fintech IQumulate
Interactive introduces private cloud platform
Interactive introduces private cloud platform
Digital61 expands cybersecurity portfolio
Digital61 expands cybersecurity portfolio
All rights reserved. This material may not be published, broadcast, rewritten or redistributed in any form without prior authorisation.
Your use of this website constitutes acceptance of nextmedia's Privacy Policy and Terms & Conditions.