Security News > 2011 > May > Dropbox Lied to Users About Data Security, Complaint to FTC Alleges
http://www.wired.com/threatlevel/2011/05/dropbox-ftc/ By Ryan Singel Threat Level Wired.com May 13, 2011 Dropbox, the wildly popular online storage system, deceived users about the security and encryption of its services, putting it at a competitive advantage, according to an FTC complaint filed Thursday by a prominent security researcher. The FTC complaint charges Dropbox (.pdf) with telling users that their files were totally encrypted and even Dropbox employees could not see the contents of the file. Ph.D. student Christopher Soghoian published data last month showing that Dropbox could indeed see the contents of files, putting users at risk of government searches, rogue Dropbox employees, and even companies trying to bring mass copyright-infringement suits. Soghoian, who spent a year working at the FTC, charges that Dropbox âhas and continues to make deceptive statements to consumers regarding the extent to which it protects and encrypts therir data,â which amounts to a deceptive trade practice that can be investigated by the FTC. Dropbox dismissed Soghoianâs allegations. [...]