Patents optimize

Dropbox update (Updated): Terms of Service are in flux

If you're one of the 25 million people using Dropbox, expect an email from Dropbox management. Policies concerning you are changing.

Drop box has been in the news lately:

I wrote about the first two Dropbox issues. The third problem seems to be a mistake and, we all make those.

Now what?

It seems much of the controversy centers on Dropbox policies. True to form, they are the focal point once again.

During the first day of July 2011, Dropbox management revised several of their online policies -- specifically; Terms of Service (ToS), Privacy Policy, and Security Overview.

Here's what changed in the ToS:

"We sometimes need your permission to do what you ask us to do with your stuff (for example, hosting, making public, or sharing your files). By submitting your stuff to the Services, you grant us (and those we work with to provide the Services) worldwide, non-exclusive, royalty-free, sub-licensable rights to use, copy, distribute, prepare derivative works (such as translations or format conversions) of, perform, or publicly display that stuff to the extent we think it necessary for the Service. You must ensure you have the rights you need to grant us that permission."

The term "stuff" bothered me. I finally found what Dropbox considers "stuff":

"By using our Services you may give us access to your information, files, and folders (together, "your stuff"). You retain ownership to your stuff. You are also solely responsible for your conduct, the content of your files and folders, and your communications with others while using the Services."

The above changes made to the ToS raised a ruckus; witness for yourself on the Twitter account Dropped Box. The site icon could be considered offensive.

The very next day July 2, Dropbox changed the ToS policy to reflect feedback:

"We asked for your feedback and we've been listening. As a result, we've clarified our language on licensing:

You retain ownership to your stuff. You are also solely responsible for your conduct, the content of your files and folders, and your communications with others while using the Services.

We sometimes need your permission to do what you ask us to do with your stuff (for example, hosting, making public, or sharing your files). By submitting your stuff to the Services, you grant us (and those we work with to provide the Services) worldwide, non-exclusive, royalty-free, sub-licensable rights to use, copy, distribute, prepare derivative works (such as translations or format conversions) of, perform, or publicly display that stuff to the extent reasonably necessary for the Service. This license is solely to enable us to technically administer, display, and operate the Services. You must ensure you have the rights you need to grant us that permission.

Drew & Arash"

Contentious part

It appears that Dropbox is saying they have rights to do anything they want to with "stuff" after it is uploaded to Dropbox servers:

"By submitting your stuff to the Services, you grant us (and those we work with to provide the Services) worldwide, non-exclusive, royalty-free, sub-licensable rights to use, copy, distribute, prepare derivative works (such as translations or format conversions) of, perform, or publicly display that stuff to the extent reasonably necessary for the Service."

I suspect that Dropbox management feels they need this to cover themselves when members share their "stuff" with others. Is that your take?

Not alone in this

As I was preparing this post, I asked a colleague what she thought about this. She said it's not uncommon; Facebook, she added, has something similar. Oh -- really? I had to check that out.

From the Facebook Statement of Rights and Responsibilities:

"For content that is covered by intellectual property rights, like photos and videos ("IP content"), you specifically give us the following permission, subject to your privacy and application settings: you grant us a non-exclusive, transferable, sub-licensable, royalty-free, worldwide license to use any IP content that you post on or in connection with Facebook ("IP License"). This IP License ends when you delete your IP content or your account unless your content has been shared with others, and they have not deleted it."

Instead of "stuff", Facebook defines Intellectual Property as:

"Intellectual property (IP) is a term referring to a number of distinct types of creations of the mind for which a set of exclusive rights are recognized-and the corresponding fields of law. Under intellectual property law, owners are granted certain exclusive rights to a variety of intangible assets, such as musical, literary, and artistic works; discoveries and inventions; and words, phrases, symbols, and designs."

Like Dropbox, Facebook has a section that attorneys love:

You grant us a non-exclusive, transferable, sub-licensable, royalty-free, worldwide license to use any IP content that you post on or in connection with Facebook ("IP License")."

What does it mean?

Beats me. I'd need to be an attorney specializing in intellectual property to understand. One thing I do know -- there's a lot at stake. Meaning, entities such as Dropbox and Facebook are motivated to protect their figurative behinds, so we need to do the same.

Update (04 Jul 2011): I asked Dropbox management about the policy changes, but have not received an answer as of post time. Update (08 Jul 2011): Dropbox has again altered their Terms of Service. It appears they have been listening. Much of what has been questioned by myself and members in the comments has changed. Please read the new version and let us know what you think.

I also received the following update from Julie Supan, Dropbox spokesperson:

"Millions of people rely on Dropbox for their life's work and are passionate about the service.  People felt our terms were unclear and we wanted to make them easier to understand. We value our users' trust and we will continue to listen to them closely."

About

Information is my field...Writing is my passion...Coupling the two is my mission.

44 comments
Jill_McGinnis
Jill_McGinnis

Very nice post, very informative! I'm glad to have found it surfing through the web. YouTube to mp4

fjpoblam
fjpoblam

Google has ALWAYS had this wording for ALL its products (e.g., Gmail, Docs, Calendar, old Notebook, Picasa, Youtube, Blogger...): Terms item 11.1 state "By submitting, posting or displaying the content you give Google a perpetual, irrevocable, worldwide, royalty-free, and non-exclusive license to reproduce, adapt, modify, translate, publish, publicly perform, publicly display and distribute any Content which you submit, post or display on or through, the Services."

online
online

I won't quit using them. I understand the concerns, but I'm not that concerned. Anything I put on Dropbox that I consider sensitive is in Truecrypt containers. The remainder wouldn't affect my privacy or livelihood if someone got ahold of it. Simple.

craig
craig

"worldwide, non-exclusive, royalty-free, sub-licensable rights to use, copy, distribute, prepare derivative works (such as translations or format conversions) of, perform, or publicly display that stuff" This means they can sell your "stuff" and give you nothing in return, not only that but they can sell a license to your stuff, sell to someone else the right to sell licenses to it, show it, add to it (for instance turn a story about a cute bunny into a pro-nazi hate story and presumably leave your name attached) and all without giving you a dime. Upload a cool picture, then some media outlet pays a million dollars for it, guess what you get, yep, nothing! happy birthday!

sperry532
sperry532

I'm not a lawyer, nor do I play one on TV. However, I work at a law firm and it tends to rub off. Ignoring the potential legal quagmire of putting confidential or privileged information on Dropbox, it seems a very bad idea to use it under the ToS as written. Essentially, Dropbox is telling you that if you put it on their servers, they can access it, and use it. Example: One of the marketing geeks just "happens" across a nice piece of art that a user uploaded. Under the ToS, marketing can then use that art, in a slightly changed form (derivative), in their marketing collateral without notice, acknowledgment, or payment to the original user. Or so it appears. Admittedly, this is an extreme example, but this is why good attorneys define everything to the nth degree. There must be absolutely no room for misunderstanding. Bottom line, friends don't let friends use services with vague and questionable ToSs

chrisp1591
chrisp1591

To a lay person it does sound like "giving away your IP rights".

dairobi
dairobi

Here's what I got from my queries to Dropbox: Me: Does the following (i.e. the paragraph quoted in Michael's article) mean that you and those you work with can use the files I put in Dropbox in any way you want? If so, this is the end of my relationship to Dropbox because that's totally insane. Kevin Dropbox: Thanks for writing to Dropbox. That section is meant for files that you make public or share with other users. If you choose to make a file public the world has access to it and you can't expect royalties, etc. Your private files are not released in that manner. Please contact us if you have any other questions. Me: Thanks for your quick reply, Kevin. If I???m sharing my files with just one person or a specific number of people, and not the World, what the situation then? Kevin Dropbox: Same. As the text says, "for example, hosting, making public, or sharing your files." So, it seems that as long as you don't share your files they have no rights to them. My current plans are to disengage with Dropbox and find another solution, unless they back down from the new TOS. It's a shame because it was really a great service. Now it's just another social networking legal nightmare.

mishkafofer
mishkafofer

Trying to use hip terms in legal document makes it all look like a PR mess.

techrepublic@
techrepublic@

I use rsync+ssh to syncing (and backup) my personal systems to a internet server. All files are encrypted with encfs or gpg (for the "stuff" I want to share). Why does so many people use Dropbox when far better options are available?

h8usernames
h8usernames

From memory Google also has these types of terms for Google Apps. Google took harsh criticism a few years ago about it but I'm not sure how much has changed. From my point of view I prefer (but still don't like) Facebooks version because if at any time I feel that my IP is going to be misused I can delete the content or my account and the IP rights I have given Facebook are immediately cancelled and Facebook can no longer use that content. A few years ago I wrote a custom web application for a print house that dealt with large format file sharing, my lawyers recommended similar terms but instead of this style of disclaimer we found that a liability waiver was better for us and the client. This meant that the sole responsibility for IP rights fell on that of the party uploading the information and we took no responsibility if there was an issue with the IP. The client initially had a problem because of the "what if you screw up and the information gets online before it can be printed resulting in loss of income?", in this case if it was our app that caused the problem our professional liability insurance would cover it but the terms were specifically covering the IP side of the problem. In response we still supplied the alternative of granting us IP rights and explained that we can act on behalf of an authorised party in delivery if we have a liability disclaimer but without it we would require the IP rights to for delivery otherwise it could be seen as copyright infringement (this is the basic gist anyway). In our case the issue was 3rd party designers that did not own the rights to trademarks and copyright material were uploading files for printing items such as billboard posters. The designers had the right to provide copies of the material to the printers and companies they use in service delivery (very standard clauses in these types of contracts) so we used that. We also had a box on every upload to the servers confirming that and making it clear that the designer has liability should they be doing something wrong, we also made sure there was a box to confirm that they have permission to provide the copy to our client. I have been considering redeveloping this over the past couple of months however I haven't been able to get a straight answer if the same terms can be used due to changes in the IP laws. The only thing we have been told is if the client has the server (or VPS) under their name and the software is licensed to allow the upload of items that the client has the permission to provide to the specified 3rd party/parties and the 3rd party/parties are advised of the permission(s) they have been granted prior to download and they must agree then our liability to the IP is almost completely negated with responsibility going back to the user uploading and the licensee that is responsible for the usage of the application being on a server under their control. But it is a complicated situation, there are a few other aspects but this is the big one. I hope all that make sense you you guys, I had to re-read the legal liability assessment of this about 3 times before I understood it as this (more basic) version. What do you guys think of this type of license and solution allowing professionals to securely share their files with clients/colleagues?

zefficace
zefficace

Nevermind the IP considerations, just the terms "to the extent reasonably necessary for the Service." is vague enough. It means that you have to trust the judgement of people unknown (their employees) to have access to your data for various undefined reasons relative to the service offered. What is "reasonably necessary" for a dropbox employee might not be for me. As a lawyer (in Quebec, not US), this sort of thing sends chills down my back. And the French version of the TOS isn't any better. In any case, I can't use dropbox for my clients files. There is no access that I can grant to a third party because of client-attorney privileges, under any circumstances, even if I own the IP for those files. In my opinion, it also means that you can't really put anything in dropbox (or other similarly licenced services) that you have not created yourself or do not own the IP of entirely. You can't transfer that e-book you bought since you can't grant any IP rights on that. You can't put a text your friend wrote and want to read later at home, because your friend owns the IP. Since most things created on the job have their IP rights in the hands of the employer, you can't even put thoses documents you created yourself in dropbox because they're job related. In other words, unless the content of my dropbox is entirely my creation (documents, and photos), I'm technically in violation of the terms of service because I couldn't grant IP rights on at least a portion of the content. Mind you, I'm convinced that you won't have any "real" problems if you use the service. I'm sure that I could use dropbox for years for my client files without anybody complaining. But, I refuse to take that chance. Even my personnal files will not be subjected to such terms. I might not be in the US, but "legalese" is pretty much the same everywhere and I can't trust such wording at all.

h8usernames
h8usernames

Google have had this wording for a few years now and it did cause a stir a few years back but it basically used it's company motto of 'don't be evil' as half the response to criticism, the other half was more or less "we don't need to misuse the terms to make more money because you give us billions anyway". This eased many fears somehow.

Michael Kassner
Michael Kassner

The entities using it are all concerned about uploaded information.

Michael Kassner
Michael Kassner

But, you are aware of this or are now. There are many many people that aren't. And, they have sensitive data on Dropbox.

h8usernames
h8usernames

In a nutshell this is correct, however in this sort of situation I don't believe these terms will actually hold up in court, but the main extent of my expertise is corporate not IP. The courts will ask a few questions like: Does this clause represent fair treatment of the user? Does the actions of Dropbox represent the nature of the agreement when it was entered into? Could Dropbox reasonably expect to profit from the sale of items that users have posted into their account? Has the action taken been in violation of the good faith that a reasonable person would provide when entering into such an agreement? The thing is the purpose of the clause is not to profit but to allow Dropbox to send the file to another person (regardless if you know them or not) via the service based on the permissions you have given. The nature of the clause is to allow Dropbox to provide the service you have requested without the express risk of liability. I believe that should another person sell your image, without this clause Dropbox could well be liable to you for royalties even though it was your actions that allowed the other person access to the image and this is when the clause would stand up in court. You also need to understand before taking on such a case you need to be able to prove the image is your IP or copyright, if you took the image how can you prove that?

Michael Kassner
Michael Kassner

Your two comments: "There must be absolutely no room for misunderstanding." And: "Bottom line, friends don't let friends use services with vague and questionable ToSs." Are important allowing us to make informed decisions.

Michael Kassner
Michael Kassner

I wish I had the money to afford the services of an attorney with IP experience.

h8usernames
h8usernames

Your more or less right on the "as long as you don't share your files they have no rights to them" part but this is only if you do not upload the items to their server in the first place. You will probably find that simply by uploading the file(s), due to the vague nature of the document, should there be be any violation you wish to pursue, they will likely argue that you granted them worldwide rights to distribute the documents, files and content held within as specified in the IP portion of the ToS, that this should withstand scrutiny as the examples are specified only as examples and these examples are not specified as the only way the files are handled or dealt with. They will also argue that the term "hosting" is defined by "upload and storage for any quantity of time" so the second you send your file to them they will instantly have all the rights they may need or want over the property of the document. Unfortunately this argument should win in most courts I'm familiar with. The only thing that I can think of that may sway the argument (but probably won't win it unless the judges personal views were aligned with yours) would be the view that the ToS was unfairly drafted and does not provide adequate rights to the customer in the event that Dropbox does something wrong. Dropbox just needs to say that you were given adequate time to remove content and cancel the account. As I said, the judges view would have to be closely aligned to yours to win this.

Michael Kassner
Michael Kassner

I appreciate your providing the information. I still have not heard from them. I was hoping to. We had a good exchange for the first article I wrote about Dropbox. The problem, my attorney friends and the lawyers commenting here seem to point out is the ToS can be interpreted to mean they can use your IP. I don't necessarily believe they will, but there is the potential.

h8usernames
h8usernames

Definitely agree, personally I don't like legal docs that are designed to look like something they aren't or that are designed to influence people in a way that could have them agreeing to something they don't want to. They are trying to disarm the younger generations with this and get them to agree without really seeing the forest for the trees.

h8usernames
h8usernames

I think people don't use alternatives because they don't know about them. A great example is how many "social networks" do you know of? A recent survey has shown over 500 "popular social networks" exist (sorry I cannot find the link to the resource now but do a quick search and you will find websites that list hundreds regardless), so have you joined "Avitars United" or "Cloob"? Did you even know these websites exist? I only found them now on Wikipedia in a list of "social networks". The best way to move people to better services is to tell them, invite them to use the service and encourage them. Marketing is bloody hard and the likelihood that my company with a better solution than what is being used can reach you is pretty minimal, even with massive marketing budgets then will you get my message? I doubt it. So do your part to spread the word of great services you find. Don't be embarrassed to recommend but do make sure you're recommending something that is likely to be valuable to the person you're recommending it to. For example I would not recommend TechRepublic to my mother who is in her mid 50s and only got the nerve to turn the computer on a couple of years ago but I would recommend it to my dad who has always been and early adapter to technology and does some work for technical companies as an accountant.

Michael Kassner
Michael Kassner

What is better for you may not be for others. I am not sure, is your approach automated? That might be a problem to many. Also the real key is syncing to mobile devices and apps. That is where Dropbox is amazingly convenient.

Michael Kassner
Michael Kassner

Dropbox is international. Did your ToS statement reflect what I posted in the article? It would be quite a task to have all these policies reflect specific laws in each country. Might that be why the ToS is so "unspecific"?

zefficace
zefficace

We're not, but what we do is confusing at best. I can only tell you how things would go here in Quebec, but it can give you an idea. So as a disclaimer, I don't pratice in the US, and urge you to continue your relation with your attorneys. In any case, such disclaimers, that dump the responsability on the party uploading the files are fine for both you and your client. Unfortunatly, they only form a type of defense, not a complete cut-off of any risk of litigation. Understand that the party which actually owns the IP did not accept, read or have knowledge of your terms. In light of which, the IP owner is not bound by the terms of any terms you put up. Those terms do allow you to "dump" the costs of damages on the party which has in fact uploaded files without permission. Your defense, based on the responsability lying with the party that uploaded the files, would probably hold up fine here in Quebec. Since the principles of IP are pretty much the same globally, I would imagine it would work in the US too, but I can't say for sure. In any case, you can write the most complete, sophisticated, legally magical terms you can, but if the party suing hasn't accepted those terms, they can still try to sue you as they please. The terms will probably keep you from paying out of your pocket, but might still see litigation. That is the thruth In other words, you (and your client) should be protected from actual damages with a waiver, but not necessarily from having to deal with some kind of litigation, should the IP owner think it an absolute need to sue everybody, even the print house. You probably won't like my answer, but then, we lawyers don't make it easy now do we? But remember, we lawyers don't make the laws, the government does!

Michael Kassner
Michael Kassner

Your comments are helpful. I was curious about how this applied in other countries. With these terms, could they alter the data? I realize they probably would not, but? In my quest, I also tried to find how Dropbox defines "reasonable" and could not.

Michael Kassner
Michael Kassner

I agree, momentum--more people using it--makes app developers less nervous to use Dropbox as a syncing tool for their app.

techrepublic@
techrepublic@

For some people Dropbox may be the best option available, but I find it hard to believe that it is the best for the many that use it, considering the other available options. As for my approach, it does require some work and knowledge to setup, in particular the server side (e.g. ssh, apache), and is beyond the abilities for the mythical average user. The sync/backup runs are fully automated and don't require any action or knowledge from the user. I have this sync/backup approach setup in hundreds of systems (desktops, laptops, and servers) in several companies. Several friends and family also use this setup. I have been unable to setup adequate encryption on Android and iOS so they are banned from the sync/backup servers due to the obvious potential for information leaks and security compromises. Phones being lost (or stolen) are a frequent occurrence. edit: strive for better english :)

h8usernames
h8usernames

We were lucky Michael, we only had to write specific ToS (for lease of the server), contract (for product development and scope) and usage license (for ongoing payment for management and maintenance) for New Zealand due to the application being a custom development and the other party also being a legally incorporated entity in New Zealand. They 'owned' the application even though the IP of the application was retained my ourselves. We were able to be very specific. As the application was being developed for a specific party and for their exclusive use, even under their discretion they could provide access to any specified party, we had the same liability of a "standard" employee of the client that contracted us under the contracts law at the time. Many developers do not understand the type of liabilities they face as they don't consult the right lawyers half the time, that is if they consult lawyers at all. It is very complex and confusing, developers are not stupid but normally we don't know where the lines are. For example, my customer is a company, a company member authorised to open, provide information to my business as a supplier and maintain the account has access to the system, he/she creates a login for another staff member who has not been authorised to have the information provided about the company, I am now sharing "private" or "confidential" and potentially damaging information about the company with an unauthorised party putting my business in a position where we may be liable, so what do I need to do to cover myself as a developer/SaaS provider? Most developers don't think or understand about these aspects of where their liability stands. If I were to produce the application now on a SaaS basis then I would probably be advised by my IP lawyers to use something very similar to Facebook, Google and Dropbox. ToS for an international service is a pain because of what you have pointed out, it needs to be enforceable and relevant in every country and district/state the service is provided in. This is what I'm thinking about, do I want to open myself up to this scrutiny and liability? Is it worth it to produce this product? Thinking about it, I do wonder how other free email providers and IM providers deal with it? Could be an interesting follow up for you Michael? One thing that from a legal standpoint does raise concern also is the way the ToS is written, if Google, Facebook or Dropbox wants to publish a book of your innermost thoughts with the pictures of your girlfriends half nipple that you accidentally uploaded and didn't realise, they have permission to do so if you have put that content on their website or via their service. In the case of Facebook you can remove permission by closing your account or deleting the content where they would have to immediately remove it but the others could continue to use your information in this way should they want to. I'm sure the couldn't care less about me but think about the celebrities such as Cameron Diaz, Nicole Kidman, Mike Tyson and Micahel Kassner (haha) that have all sorts of bits and pieces that fans/gossips would pay to read.

zefficace
zefficace

@Michael Kassner: It's hard enough to cover all bases in just one jurisdiction, I can only imagine the nightmares they had while preparing those international ToS. I still stand by my comment on the ToS. The difficulty in making a ToS for international use is not an excuse. Those terms of dropbox still make their service unacceptable for my pratice period, and I don't like them personnally. @H8usernames, yeah we have those "predefined" terms too in Canada, and I know the US does too. We even have legal dictionaries and NZ & Australia too I'm sure! But, the terms in the dropbox ToS (reasonably necessary) do not qualify as predefined legal terminology in my opinion, might it be only for the IT aspect of those words.

des.allin
des.allin

Mr. Canadian lawyer, you need to be a little more careful with your spelling: viz. personnal, responsability, and thruth. For all the rest, great stuff. Desmond in Cape town.

h8usernames
h8usernames

Us lawyers are defiantly not evil, we're just a complete pain in the arse/ass for developers like myself, I feel like I have split personalities right now! And this is the other part I didn't go into but briefly mentioned because the size of my post would have been double in size! Thanks for the brief on the Canadian situation zefficace, this is a great help to me with this. There is a risk in NZ and Australia too but with delivery permissions from the copyright owner it is a very grey area according to my IP lawyer, the thing is if a graphic designer does not have delivery permissions the only way the actual IP owner has to collect their material and pass it on is with an authorised party to physically pick it up and deliver it on a physical format such as a disk, this party then requires express written consent for the designer to release it so delivery permissions are common even if designers don't really realise or understand it. Because this specific application transfers files between specified parties and would not address a group of any kind it meets a formal definition of "delivery method" in both New Zealand and Australia as long as the file is then removed from the server upon confirmation of delivery to the recipient. The question really is are the laws up to date enough to provide adequate protection to a developer and/or a service provider dealing in this area? Personally I don't think so but I'm no expert. I think the IP laws probably have a long way to go to before it is a truly viable solution to transfer IP protected information electronically when it is not the IP owner themselves doing the transfer. But will the laws ever be sufficient for this type of service? I doubt it. There are 2 other options (per my IP lawyers in NZ) that is an administrative pain in the backside and would raise viability concerns for this reason. The first one is for the IP owners to grant blanket consent on use of the system for all parties wishing to use it, this could be obtained by a user sending a waiver basically giving permission. The second is for the party uploading the content to get either specific written consent or to have it put into their contract that the use of the system is allowed. Both options would require us to have an original signed copy of the contract or waiver before granting access of the system to the user and we would have to restrict the files being used, probably based on a pre-defined file name for that IP owner and their specific property. Zefficace, out of interest, for transferring your clients files for your purposes, what is it you need to be in the ToS to make it viable for you? What in your opinion would be fair for a provider to be protected under Canadian law?

zefficace
zefficace

Definitions. They don't have any! It's hard even for a lawyer to truly figure out the intent of terms when they are not fully defined. Many contract, which make use of specific terms, will define them, to the point of having a special section for definitions so that parties are clear as to the meaning. Such quality is unfortunatly not found here, and can only generate unnessary litigation in the future. If they at least gave examples of "reasonably necessary"! But they don't, and as a lawyer I'm sure I can speculate, but I know better and won't. Examples would serve to give an idea, and the idea would define and limit the meaning of the terms to a point where both parties would probably have a shared common understanding of the terms. Right now, what those terms mean to dropbox, and what they mean to me are probably two very diffirent things. As for the data, yes they could modify it as they specify: "derivative works (such as translations or format conversions". How that fits in "reasonably necessary", I have no idea. Why would dropbox need to make derivatives or format conversions? How's that related to the necessities of the service? It's ridiculous, and I can't imagine a justification myself, but then I'm a lawyer with an interest in IT, so what do I know! I might just be clueless for matters of IT, not that I think so. Furthermore, I have big doubts as to the legality of such terms here in Canada because of our privacy laws. I haven't studied the question yet, but I could if there is an interest, although I know your public is mostly american.

tommyboy21
tommyboy21

Just took a look at the changes. Seems like they have really stepped back from the legal jargon to specify that they only need some room for providing "the Service." Anyone see anything concerning still?

h8usernames
h8usernames

We do have legal dictionaries too, I have mine gathering dust somewhere that I need maybe 1 or 2 times per year... freely available information that I had to pay for by purchasing the book, a great example

h8usernames
h8usernames

After reading the Spideroak Terms of Usage and Service Agreement they are actually open to litigation from copyright and IP owners but are employing a tactic to put responsibility back to the copyright and IP owners themselves. The reason being is the Spideroak service is still potentially technically playing a role in unauthorized distribution of copyright or IP material, the agreement is between the user and Spideroak not the owner and Spideroak. As mentioned previously ignorance is not a valid legal defense so Spideroak cannot say "but it was the user, we didn't know". Spideroak also hasn't taken much care to ensure users have permission of the IP owners when it is not their own, this could be seen as neglect of responsibilities and lack of duty of care as a service provider to ensure their services are only being used for a lawful purpose. They do have a statement saying that the service can only be used lawfully however I'm not convinced that this is enough when combined with the IP aspects being discussed. This is a professional approach they are taking saying we will do what we can in the event of an IP issue, however all they need is a company like Coke or McD's claiming against them and it's all over Rover. Even if Spideroak wins the costs will be significant and a smaller provider likely could not withstand this. Spideroak is trying to take the high road and I respect and admire this but I'm pretty certain in NZ and Australia they will be in trouble. From a user point of view I do like their terms much more than those of Dropbox, Facebook or Google. EDIT: as a quick after thought also, Spideroak in their terms have demonstrated a knowledge that their service does deal with IP related content, the lack of care in the rest of their terms could also be damaging to them.

Michael Kassner
Michael Kassner

That ability is due to the popularity of Dropbox. And, many users will find it difficult to give Dropbox up for single feature. For example, Docs To Go will sync with any Office file that is in the Dropbox folder.

zefficace
zefficace

But seriously, I didn't think about that. I actually don't share anything as a lawyer, as it kind of goes against the rules of practice in most situations. Evidently, from a personnal aspect, I see the problem of sharing. I don't know if spideroak got some secret sauce here. Will look into it.

Michael Kassner
Michael Kassner

Must come into play here. Isn't that where Dropbox would need the content un-encrypted? Otherwise, the party you are sharing the files with would need the encryption scheme and pass key.

zefficace
zefficace

I think spideroak is closer to what I need. I have yet to open an account, much less read the ToS, but their "zero-knowledge" policy is appealing. I think such is the way to go, but reserve my official opinion for later. For that matter, if dropbox wish to furnish a service, that's fine. But I see no reason for them to have access to the content of files. Have access to the files for backup yes, not to the content of them. The encryption on spideroak seems more to my liking personnally, but I have yet to decide if it is even usable as a lawyer. I have to compare their ToS to the file management rules set by the Bar, which I haven't had time to do.

Michael Kassner
Michael Kassner

I was hoping to get comments from people outside the United States. It is hard to discover a country's interpretation of documents like the ToS of Dropbox. As an ex-debater, I see all sorts of advantages in having a set of definitions. I do not think that is the case here in the United States.

Michael Kassner
Michael Kassner

I suspect that the ToS was drawn up by attorneys to be all-encompassing and to protect Dropbox as much as possible. Facebook's ToS seems similar. I did not ponder how the ToS fits with a country's privacy laws. That is a good point. As for viewing public, It is amazing, TechRepublic's reach is world-wide. I try to pay attention to that as much as I can. And why learning what people in other countries think is so important.

h8usernames
h8usernames

In NZ and Australia there are "common knowledge" terms that are specifically legal in nature and do not require any definition in contracts. The reason being is the terms are formally defined in legislation or other "recognised" locations that are "freely available". Also, in both countries, and most others around the world there is other law that states "ignorance is not a defence", this is generally applied in Criminal Law however it does have application in commercial law also and has been successfully argued in the past. "Freely available" happens to be one of these "common knowledge" terms that telcos love because it does not mean "free of charge" but "available upon request within a reasonable amount of time" where reasonable is not defined under "common knowledge" due to its meaning is relative to the context of the contract being entered into and 'should' be defined separately therein, this means that when this is used in a ToS or contract you can still be charged for your own information. I was caught out on one of these in 2000 so since then I have studied commercial law since but this only has an overview of IP so I will not pretend to know much about IP, I rely on my lawyers to get me specific information about that.