Dropbox amends privacy policy to conform to international Safe Harbor Laws
Data privacy protection is becoming one of the key issues in the first part of the 21st Century, affecting developments in web hosting companies and cloud computing that ultimately impact you as a user, designer or web developer.
One area to watch out for is something called Safe Harbor, which is a piece of legalese residing in Governmental regulations encompassing how data travels between countries. You will see this term used in regulations governing credit card transactions and other content-specific areas including data storage.
Along with other government initiatives, including the semi-aborted Stop Online Piracy Bill, individual tech behemoths such as Google are doing their best to revise and revamp their privacy policies to ensure users understand their rights and what measures they are taking to secure and protect your data.
While the Google Privacy Policy revisions are the most prominent in the media, other cloud computing players such as Dropbox have also been forced to revise their policies recently, especially in light of Safe Harbor rules formulated between Europe and the United States.
Back in 1998, The EU Commission put into affect a new law that “prohibit the transfer of personal data to non-European Union countries that do not meet the European Union (EU) “adequacy” standard for privacy protection.”
Both the EU and US agree that data should be protected as it flows between the two countries over servers that are now scattered around the globe. But, they differ in their approach.
This lead the two international zones to come together to find a way to bridge this divide. The result is something called “Safe Harbor” which purportedly offers a simpler and cheaper means of complying with the adequacy requirements of EU law, which should particularly benefit small and medium enterprises. That means you of course!
Over the last several months, Dropbox reported that it was receiving a number of concerned questions from users as to whether the famous online “cloud” storage provider was meeting their Safe Harbor obligations.
Dropbox had to fine-tune a few things internally before they confirmed their adherence to the framework and issued some revisions to their privacy policy, which officially go live on March 15, 2012.
They include:
Referrals/Sharing: Our new Privacy Policy notes that Dropbox sends out emails when you refer people to Dropbox. It also spells out that we may receive third-party information like email addresses when you share content with others or refer them to Dropbox.
Geo-location Information: In the Dropbox current Privacy Policy, we let you know that photos you upload to Dropbox might contain location information recorded by your camera. We’ve updated our Privacy Policy to clarify that videos you send us might already have that information in them as well.
Third Party Websites: Our new Privacy Policy makes clear that when you click a link on the Dropbox website and visit a different site, the privacy policy for the other site may govern your activity there.
The above is noteworthy, because it illustrates the rising complexity of data being scattered around continents on distributed “cloud” servers and the need to comply with different international regulations.
Generally, whenever you see a privacy policy change on a large tech provider such as Dropbox, it signals a fundamental shift in the way technology is impacting small business and the storage of information.