Dropbox Releases Revised TOS

vanstinator writes "Today Dropbox has released a revised Terms of Service agreement due to the controversy caused by their recent update. This new version clarifies their position on data ownership and makes it very clear that you, and only you, have a right to your data. This is welcome news to any serious Dropbox user." On the downside, though, NorbMan writes that a company called FilesAnywhere.com is "suing Dropbox, Inc. for trademark infringement. The complaint alleges that FilesAnywhere has been using the term 'DROPBOX' since 2004 as part of its service, and that Dropbox, Inc. has also closely duplicated one of its logo designs."

"dropbox"

[Joehonkie]

Dropbox is a generic term which predates either of those companies and I've frequently heard network shares named or referred to as "dropbox" or "drop box."

Re:

[Normal Dan]

If they win, I'm going to start using and patent and trademark the letter e. Then sue anyone who uses it.

Re:

[tripleevenfall]

You should patent being able to log in to any account without a password, like you could do on dropbox for a day or two last week

Re:

[Anonymous Coward]

4 hours, fyi. not a day or 2.

Re:

[account_deleted]

Comment removed based on user account deletion

HAHAHAHA

[Anonymous Coward]

You're missing the important lesson: bitching works!

Let's bitch, bitch, BITCH until we change the whole bitchin' world!

Re:

[lazybeam]

Not really "throw away" if you've been using it for eleven years!

Officeware filed long after Dropbox, too

[Anonymous Coward]

Despite claiming to have used the term Dropbox since August 4th 2004, Officeware didn't file for a trademark until April 12, 2010, some seven months *after* Dropbox filed for their trademark, and nearly 20 months after Dropbox first launched their service. Heck, Dropbox even owned the dropbox.com domain six months before Officeware bothered to file for the trademark. Seems to me that if, even once you own it, you still have to proactively protect your trademark to be allowed to keep it, the law's not likely

Re:

[VGPowerlord]

Yes, unlike the US patent system, the US trademark system is first to file. Since Dropbox filed a trademark first, I'm not seeing the problem here...

...

...

...

...except that Dropbox is a generic term. My local library has had a dropbox to return books since the 1980s. Local video stores have them to return videos, too.

Re:

[peragrin]

Windows is a Generic term which predates either of those companies by hundreds of years and i've frequently heard of builders installing windows.

don't argue about generic terms to the trademark office. if they can accept windows as legitmate trademark-able name then dropbox is too.

Re:

[Anonymous Coward]

Not true. You refer to any GUI environment as a windows or windowing environment. It is a generic term used in the computing industry long before microsoft used it. You have various windows too. xwindowsm, ms windows, etc. Mac had a windows environment pre-windows and so did xerox.

Re:

[MobileTatsu-NJG]

A small niche of people refer to any GUI environment as a windows or windowing environment.

FTFY.

Re:

[Toonol]

I don't believe Windows is trademarked. Isn't the trademark the full term "Microsoft Windows"?

Re:

[Rudolf]

I don't believe Windows is trademarked. Isn't the trademark the full term "Microsoft Windows"?

No. That is often repeated but is untrue. You can search the trademark database at uspto.gov. Microsoft has several trademarks of just "Windows". (And so do several other companies, in different fields).

Re:

[speedplane]

The term "windows" with respect to a part of your house is definitely generic. The term "windows" with respect to an OS is not. Much like how the term "apple" is generic for fruit, but not for computers. The legal term for this type of use is "fanciful": a common word that is relatively meaningless in a given context. That said, "windows" is not totally meaningless with respect to a GUI, it has a suggestive meaning as well making it a bit less inherently distinctive. http://en.wikipedia.org/wiki/Trademark_ [wikipedia.org]

Re:

[digitig]

The term "windows" with respect to a part of your house is definitely generic. The term "windows" with respect to an OS is not.

Although as a term for a GUI element it appears to go back to the early 1970s at Xerox PARC.

Re:

[speedplane]

Yes, as I said, with respect to a GUI or OS, the term "windows" is somewhat suggestive and there is some evidence supporting its prior use in similar areas. But it was hardly "generic". I doubt (although I really don't know) the term was so widespread prior to Microsoft that everyone would commonly use the term "windows" to mean a GUI system. A few isolated uses in a handful of companies isn't enough to be generic.

Re:

[digitig]

"WIMPs", meaning "Windows, Icons, Mice and Pointers" was in widespread use before MS Windows was released (1985), to the extent that anything to do with computers was in widespread use. Although I note that Windows 1.0 was announced a couple of years before it was released (1983), and although the term "WIMPs" existed even before that announcement (1980) I can't remember how widespread it was by 1983.

dropbox.com is from '95

[MoFoQ]

that and the fact that the domain name was created in '95...

      Domain Name: DROPBOX.COM
            Created on: 27-Jun-95

I just wish all these *trolls would die in a horrific way such as getting "lemon"-ed to death. (aka...instead of using stones as in stoning...use lemons)
eggs might work too

Re:

[Anonymous Coward]

Do you know who I am? I'm the man who's going to burn your house down. With the lemons!

Gotta love Cave Johnson.

"dropbox" is generic.

[grub]

Oh please, we had "dropboxes" on an Appletalk network around 1990.

On a Mac SE/30 server each user had public folders and folders labelled "$USERS's Dropbox". They were effectively write-only for all but the owner. The 'dropbox' term is something I adopted from an employer before that and I'm sure we weren't the only places to use the term.

Re:

[bill_mcgonigle]

The 'dropbox' term is something I adopted from an employer before that and I'm sure we weren't the only places to use the term.

That was the standard term for a write-only folder on Appleshare. I'm pretty sure it had a dedicated icon too.

The ironic thing is that Dropbox.com breaks both the physical and AppleShare metaphors, at least for common usage patterns (perhaps there is a way to setup a dropbox.com account as a dropbox, but most people don't do that).

Re:

[mattventura]

People can give you files but cannot read all the other things that have been put in the folder.

Yeah yeah lets sue for everything...

[Haedrian]

"FilesAnywhere has been using the term 'DROPBOX' since 2004 as part of its service"

"A dropbox is a secure container in a building's wall where items can be deposited."

Wow, I wonder where they got the idea to name it like that from. Using an existing word as a metaphor to your service should not be grounds for a lawsuit.

Re:

[CarlDenny]

By your logic, Dropbox can't copyright the term either. Which they are trying to do, in the same business space.

Either Dropbox can't be copyrighted, in which case Dropbox the company is SOoL, or it can be, FilesAnywhere has precedence, and Dropbox is SOoL.

Re:Yeah yeah lets sue for everything...

[Anonymous Coward]

Trademark [wikimedia.org] != Copyright [wikimedia.org]

Please get it right or stop using the words. If it is used to identify a company or product, it's a trademark.

...unless its Generic

[DrYak]

If it is used to identify a company or product, it's a trademark.

Unless its a generic term. Then you might still also use it as part of your company or product name, but don't come back whining if some other entity use it too.

Example: App. "App" has been used as an abbreviation for "Application" since ages. The word "Store" has been used to describe stores for ages. Apple is free to call their app store "App Store", but they shouldn't be whining when other people call applications "Apps" too. (See the recent controversy mentioned here)

GP is saying that "dropbox" is in th

Re:

[dakameleon]

If it is used to identify a company or product, it's a trademark.

Unless its a generic term. Then you might still also use it as part of your company or product name, but don't come back whining if some other entity use it too.

You mean like Apple Corps v Apple [wikipedia.org]?

I don't think there's any specific restriction against using "generic" words in a trademark [wikipedia.org] to identify your company, else every company would have to have made-up words as their names. (that said, IANAL)

The Market is important

[DrYak]

You mean like Apple Corps v Apple [wikipedia.org]?

The market where it happens is important. In the Apples' case, back when it started they were different companies operating in separate markets using names which have nothing directly to do with what they are.
An apple is a dictionary word, but it's a *fruit*.
Apple Corps has always been selling music. (Nothing to do with the fruit, they could the name for their company).
Back then Apple Computer was selling computers, i.e.: a completely different market, and could not get confused with Apple Corps (you couldn

Re:

[Haedrian]

Not the same thing.

My local greengrocer has used the term "apple" for many years, should he be allowed to sue Apple Inc for breach of tradermark?

Now I don't speak lawyer, but does it say anywhere that "DROPBOX" was a registered trademark anywhere? I can hardly understand the document, it does refer to it as a 'mark', but I'm not sure whether that's a trademark.

No problem.

[matt007]

I don't care about their TOS, they can do whatever they want with my truecrypt volumes.

Re:

[Anonymous Coward]

Oh brother, do you pound sand for fun? As the article states, they don't care about your data contents either.

Re:

[afex]

i slightly agree with you, though i do find it to be a serious PITA to have to unencrypt every time i want to get something - do you use any other apps to handle that for you?

also, how big is your volume? the one i throw on there is only a few megs, but i can imagine the sadness that will occur once it stretches to a few hundred megs and has to be up/downed every time to sync something....any advice for that?

Re:

[blahbooboo]

i slightly agree with you, though i do find it to be a serious PITA to have to unencrypt every time i want to get something - do you use any other apps to handle that for you?

also, how big is your volume? the one i throw on there is only a few megs, but i can imagine the sadness that will occur once it stretches to a few hundred megs and has to be up/downed every time to sync something....any advice for that?

Simpler solution is just use a service that has individual encryption such as Spider Oak

Re:No problem.

[wastedlife]

Actually, dropbox only syncs changed blocks of files, and truecrypt volumes use a block cipher, so the entire volume isn't resynced every time, just changes. One caveat, is that you need to turn off truecrypt's default setting to not change the modify timestamp of the file or dropbox won't know that a change was made. So it actually does work pretty well for truecrypt, as long as you are only making changes on one machine at a time.

Re:

[v1]

though i do find it to be a serious PITA to have to unencrypt every time i want to get something

Store an encrypted disk image in a cloud somewhere or on a flash drive like what I do. The key to the dmg is in the keychain on my computer so if I double click it, it opens immediately like a small flash drive and I can do as I need to, the encryption is instant, transparent, and automatic. On another computer, I have to enter the password once for that same access. It's only a very minor inconvenience for me

Re:

[vegiVamp]

I have vague memories of on-the-fly GPG encryption tools, couldn't those be used instead ?

Re:

[Moryath]

I don't care about the TOS so much as I worry about the fact that Dropbox doesn't enforce secure passwords.

Seriously. Sharing pics with my older relatives? It'd probably be great. But their password would probably be 12345 or something equally stupid, and Dropbox will actually accept that as a valid password.

Re:

[SpeZek]

Do you really need uber-1337 passwords for pictures you're sharing with your grandmother?

Re:

[vegiVamp]

Yes, because allowing simple passwords makes people think simple passwords are good enough.

It really doesn't matter if you allow your kid to pull the wings off a few files, except that it also instills the belief that torturing living things can be ok.

Re:

[blahbooboo]

Truecrypt volumes seem to negate a lot of usefulness of the system. You can't mount a Truecrypt volume on my smartphone to view a single file within the truecrypt volume. When you modify a single file within the Truecrypt volume, you get to upload the entire volume up to DropBox again which is a pain on slow upload connections.

Simpler solution, use a service that has individual encryption as an option such as Spider Oak

Re:

[geminidomino]

Simpler solution, use a service that has individual encryption as an option such as Spider Oak[sic]

Better option: Use a service that has individual encryption but doesn't suffer from massive bugs and reliability issues that plague Spideroak.

Re:

[blahbooboo]

Sounds great. What service?

Re:

[geminidomino]

If I find one, I'll let you know. :P Elsewhere on this thread someone suggested SugarSync. You might check them out if you don't need Linux support (I do).

hmm .. which have i heard of ..

[vonshavingcream]

well .. i have never heard of filesanywhere until now. dropbox.com has been growing by leaps and bounds even with the limited controversy over the TOS. plus.. that stupid box they have doesn't look at all like the dropbox logo. honestly .. i doubt the people at dropbox ever heard of this company either. just jumping on the troll wagon like everyone else.

Re:

[Nemyst]

I'm still using it. If somebody wishes to steal my programming homework or my course notes on statistical mechanics, go right ahead. My valuable stuff is either not on Dropbox or it's in a Truecrypt volume - good luck breaking into that.

All this goes to show is that common sense once more comes out the victor: assuming that any such FREE service is secure and full of goodwill is foolish. They might be, but would you really want to take the risk? Start by assuming anybody can peek at your data and go from th

Re:

[adolf]

This, exactly.

I don't have much important ("secret") data anywhere, at all, and that which I do have is reasonably well-encrypted on Dropbox. It's just fine there.

I worry more about losing my wallet than losing my stuff on Dropbox and I'm not losing any sleep over that possibility, either.

Everything else? Meh. If you want to read the results of my own little personal research projects, or awe at my collection of strange Windows and MS-DOS tools that I find indispensable (but which accomplish things that

Props to Dropbox

[milbournosphere]

For being so clear in their TOS. The only legalize I saw ("your stuff" qualifier) actually made me chuckle a little bit. I wish more companies would take this route in drafting their legal copy.

Re:

[cfulmer]

The problem, though, is that trying to make your terms of service accessible to a layperson usually ends up making them a lot less precise. And that can lead to problems if they ever try to enforce them. That's especially true since there's a "rule of construction" which says, effectively, if there are two ways to read something you wrote, and you want it read one way, and your opponent in court wants it read the other way, then your opponent wins, since you had the chance to make the language not ambiguo

Re:

[Exclamation mark!]

I wish someone told that to the guys writing the Bible/Quran/Torrah

Nothing has changed

[Wingman 5]

Yes they reworded it to make it friendlier and everyone loves the quote

To be clear, aside from the rare exceptions we identify in our Privacy Policy, no matter how the Services change, we won’t share your content with others, including law enforcement, for any purpose unless you direct us to.

however their privacy agreement [dropbox.com] still says they will gladly decrypt and give your data to law enforcement

Compliance with Laws and Law Enforcement Requests; Protection of Dropbox's Rights. We may disclose to parties outside Dropbox files stored in your Dropbox and information about you that we collect when we have a good faith belief that disclosure is reasonably necessary to (a) comply with a law, regulation or compulsory legal request; (b) protect the safety of any person from death or serious bodily injury; (c) prevent fraud or abuse of Dropbox or its users; or (d) to protect Dropbox’s property rights. If we provide your Dropbox files to a law enforcement agency as set forth above, we will remove Dropbox’s encryption from the files before providing them to law enforcement. However, Dropbox will not be able to decrypt any files that you encrypted prior to storing them on Dropbox.

Re:

[Wingman 5]

When I say "will gladly decrypt" I mean files you sent to them in plain-text and they encrypt on their servers, there is no way for them to decrypt the files you send them pre-encrypted

Re:

[itsdapead]

however their privacy agreement [dropbox.com] still says they will gladly decrypt and give your data to law enforcement

Yeah, because they're really going to say "we will defy the police, laugh at court injunctions and fight the US army barehanded, even if we end up pounding rocks in Gitmo and get all our servers impounded, rather than hand over your bootleg copy of Harry Potter 7 to The Man".

To summarise the summary: DropBox may not be a suitable location for a Wikileaks mirror, the Anonymous membership list or your extreme pr0n collection. Film at 11. Aside from the security risk, the fucking Mac users would keep moving t

Re:

[scorp1us]

Drop box is legally required to comply with, of all things the law. Generally this is a court order, but laws can force data disclosure. They are only re-iterating that they need to comply with the law, and briefing you on how it will be handled. They even go so far as to tacitly suggest you pre-encrypt everything on you put on dropbox. wink wink.

Re:

[fincan]

And that's the reason I dropped dropbox last week and switched to Wuala, although I must say I am not terribly happy with that either.

Much has changed

[tverbeek]

The privacy concerns might not be addressed to everyone's satisfaction, but the usage-rights problems have been addressed, at least to mine.

There are some very substantial and specific changes in this "patch" to their recent TOS update. The original version essentially claimed publishing rights, to be used at their discretion. Not that they actually intended to do that; it was just really badly written. I pointed out some of the legal problems in e-mails to them, and they appear to have fixed the worst o

Re:

[nbossett]

Gladly? Give credit where credit is due: the word "compulsory" in "compulsory legal request" seems to mean that they'll comply with something like a legitimate subpoena (and what business wouldn't?) but not with "Well, we don't have any legal right to demand this information, but would you mind giving it to us anyway?"

Re:

[buchner.johannes]

I am working on a server-less peer-to-peer filesharing application, dubbed Jake [sf.net]. Quite interesting technology stack (XMPP, ICE/STUN, AES-encryption, RSync). As someone stated below, why involve/trust a third party?

There is also http://retroshare.sf.net/ [sf.net]

ALL CAPS?

[drb226]

Is there a legal reason that SOME PORTIONS OF A TOS/EULA/FINEPRINT ARE IN ALL CAPS? Like, are there laws that require them to make those portions all caps? Or is it just the lawyers screwing with us?

Re:

[bill_mcgonigle]

Is there a legal reason that SOME PORTIONS OF A TOS/EULA/FINEPRINT ARE IN ALL CAPS? Like, are there laws that require them to make those portions all caps? Or is it just the lawyers screwing with us?

I recently asked a recovering attorney this question. He said there are precedents that effectively require certain sections of contracts to be 'plainly obvious' and that all-caps was a typewriter way to accomplish that, or at least to say that the attempt was made. Thank goodness these precedents weren't set

Re:

[cfulmer]

Yes. In a nutshell, a long time ago, there was a string of court cases that said you couldn't hide "important terms" to a contract way down deep in the depths; you had to highlight them to the user by, for example, making them all-caps. That's why you often see sections waiving warranties and limiting liability in all-caps. It's a bizarre rule, especially considering that making things all-caps actually makes them *harder* to read. Further, those terms are often things that people just don't care that m

Re:

[idontgno]

While I understand the reasoning, I could imagine 15 different ways the letter of the law could be used to subvert the spirit of the law, and effectively bury the "important terms" you're supposed to be emphasizing. Just a few:

• one letter per page in 288-point bold
• printing those "important terms" in a clearly distinguisable language like Chinese. "They're clearly obvious and emphasized. They're in a completely different language."
• Printing them on a separate form, like an "attachment". I hope you didn't lose

Why involve a third party?

[harl]

Maybe I've been under the yoke of HIPAA too long but if you have sensitive information why are you trusting a third party with it?

Re:

[bill_mcgonigle]

Maybe I've been under the yoke of HIPAA too long but if you have sensitive information why are you trusting a third party with it?

That's easy - the cost of having the data compromised is less than the cost of running your own infrastructure (properly).

Though I doubt many make this choice so conscientiously.

Re:

[Jeng]

Does Google insure their services?

Cause if someone goes into a bank, and robs the bank, I know I'll still have my money.

Now if Google does have a security breach, that is it, all your information is out there and all Google will do about is close the barn door after the cows are gone.

Same with Dropbox or any other online service, a data breach is almost guaranteed if the timeline is stretched out far enough. For someone in the medical field such as the GP that would be disastrous.

Re:

[dkf]

[A] data breach [of any online storage service] is almost guaranteed if the timeline is stretched out far enough. For someone in the medical field such as the GP that would be disastrous.

But what's the security of the system that it is replacing? You can't just consider these things in isolation; you've got to consider where they're coming from too, and what threats are actually likely on a timescale that anyone really cares about. After all, if you stretch the timeline out far enough, the Earth will be fried when the Sun goes into its red giant lifecycle phase, yet I'm not immediately concerned about this inevitable fact (nor is virtually anyone else). The indefinite future is just that: i

Re:

[Paradise Pete]

Cause if someone goes into a bank, and robs the bank, I know I'll still have my money.

Unless during the course of it the robber tells them they're you, in which case the bank will say "oh no, that's identity theft, not robbery [youtube.com]".

Tinfoil Hats

[SpeZek]

They aren't hiding their terms, and the terms aren't unreasonable. If you want something stored safely and privately... store it safely and privately. Drive space is cheap. If you want convenience in the public space, put a lock on your stuff if it's important.

To me this is like complaining that your bicycle isn't safe when you leave it on your front lawn. If you want it truly safe, keep it in your garage. If you want it to stay outside, put a lock on it.

Personally, I really don't think some nefarious hacke

Time to look at SugarSync

[flappinbooger]

I use dropbox quite a lot, and have built up the free account to over 6 gb. I use it as "safe" storage for all my important smallish files.

All this hoo-ha is unsettling, so I looked for alternatives. Sugarsync starts you off with 5 GB free and also has referrals. They are slightly different than DB but you can use it the same way. I'm not affiliated with them, but they seem worth a look... You can sign up here:

https://www.sugarsync.com/referral?rf=edddx6ednsb88 [sugarsync.com]

Yeah, that's a referral link, lol. Serio

Re:

[geminidomino]

Oh, so close!

Most of the stuff they provide above DB is pointless social networky-wankery, but double the space would have been nice. No Linux support means no go, though.

Re:

[geminidomino]

I tried SpiderOak. That's what I'm looking to replace, since their software is buggy as hell and whatever they do to handle passwords with "Zero Knowledge" doesn't work right, making adding new devices an exercise in masochism.