Cloud storage giant, Dropbox, have denied that they spy on users, after a user tweeted an image which showed a DMCA Digital Millennium Copyright Act) takedown notice for a file, stored inside his Dropbox folder.
This sparked an outrage amongst users, especially on Twitter, as the tweet crossed over 3000 Retweets. The user later tweeted saying that he did not intend to question Dropbox's practices, and that he was just stunned to see such a notice for the first time.
The nature of the file in question is unknown, and Dropbox have said that they have merely disabled sharing of the said file, and have not actually taken it down, and that the user can still access it.
Here is what the tweet said,
Dropbox issued an official statement, to calm the users and re-assure that their data is kept private.
There have been some questions around how we handle copyright notices. We sometimes receive DMCA notices to remove links on copyright grounds. When we receive these, we process them according to the law and disable the identified link. We have an automated system that then prevents other users from sharing the identical material using another Dropbox link. This is done by comparing file hashes. We don’t look at the files in your private folders and are committed to keeping your stuff safe.
A File Hash is a unique fingerprint of a file. Each and every file on the internet and on computers, or other devices have a file hash. Many users, )including myself) use File hash verification, by checking whether the checksum value of a downloaded file matches the one on the server. This is done to ensure that you don't have a corrupt file. You can use a Free tool for Windows called Hash Tab, which integrates itself to the Windows File Explorer Tool Tabs. Just right-click on any file after installing the tool, to get the checksum values. Other users, be it hackers oe even Dropbox employees, cannot access your files as all files are encrypted the moment they are uploaded to their server.
So Dropbox uses such a file hashing system, to check their servers for hashes which match those which were taken down for Copyright violations. Techcrunch notes, that this is done only when Dropbox receive a DMCA complaint. A hash of the blacklisted file is added to their server, and when a user tries to share such a file, a hash check takes place and prevents the file from being shared.
As long as a user isn't sharing copyrighted material, there is no reason to worry about this.