Encryption will not protect your privacy in the specific case of Dropbox.
They look into your activity, not files.
And that’s pretty much standard for any kind of commercial SaaS, just because of security concerns.
Also, they are quite transparent about the provider they are using for internal activities (Stripe, etc.). Companies in EU will typically not disclose such information. For example, Dropbox disclose the use of AWS (for hosting the infra & code, I guess), whereas Proton does not disclose any hosting company.
Because they actually run their own infrastructure? They own their own IP space, so the only thing they’d be disclosing is the ISP’s they advertise that IP space through, which you could glean via traceroute anyways.
Don’t get me wrong, these Proton blog posts are all just thinly veiled ads for their own products, but knocking them for not being transparent about their tech is disingenuous, with their track record of the opposite. Are they open source? No. Are they forthcoming on the steps they take to protect your data (including from themselves)? You betcha.
Dropbox on the other hand has been breeches multiple times, and each time they slow walk customer notifications to try and mitigate damage to their brand, to the detriment of the customers.
When you say things like, “Proton doesn’t disclose any hosting company,” after going on about Dropbox being out of the norm because they do, you are in fact specifically saying “Dropbox good, Proton bad.” You haven’t corrected anything, just rushed to the defense of your preferred company. And if you prefer Dropbox over Proton, that’s fine. There are plenty of people who simply don’t care about online privacy or see the trade offs for giving their data away as a fair price for “free” services. That said, there’s nothing in that Proton blog post that’s actually wrong, as far as I can see.
Just to clarify, I’m self-hosting. I’m using neither Proton nor Dropbox.
However, I’m a privacy pro, and I read Privacy Policies on a daily basis (ok… weekly basis).
The US companies recently moved to disclose ALL the providers they are using (including for controller activities) where European companies still hide this information (and disclose only the providers used to deliver the service).
For a very concrete example, Salesforces is mentionned by Dropbox where Proton is silent about the crm they use.
On this specific aspect, the USA are ahead of EU.
That’s all I meant.
If you want to read it as “give your data to the USA”, feel free, but that’s not what I said.
Encryption will not protect your privacy in the specific case of Dropbox.
They look into your activity, not files.
And that’s pretty much standard for any kind of commercial SaaS, just because of security concerns.
Also, they are quite transparent about the provider they are using for internal activities (Stripe, etc.). Companies in EU will typically not disclose such information. For example, Dropbox disclose the use of AWS (for hosting the infra & code, I guess), whereas Proton does not disclose any hosting company.
Because they actually run their own infrastructure? They own their own IP space, so the only thing they’d be disclosing is the ISP’s they advertise that IP space through, which you could glean via traceroute anyways.
Don’t get me wrong, these Proton blog posts are all just thinly veiled ads for their own products, but knocking them for not being transparent about their tech is disingenuous, with their track record of the opposite. Are they open source? No. Are they forthcoming on the steps they take to protect your data (including from themselves)? You betcha.
Dropbox on the other hand has been breeches multiple times, and each time they slow walk customer notifications to try and mitigate damage to their brand, to the detriment of the customers.
I was not saying “Dropbox good” or “Proton bad”, just correcting a few things about the privacy policy in itself and what it means.
When you say things like, “Proton doesn’t disclose any hosting company,” after going on about Dropbox being out of the norm because they do, you are in fact specifically saying “Dropbox good, Proton bad.” You haven’t corrected anything, just rushed to the defense of your preferred company. And if you prefer Dropbox over Proton, that’s fine. There are plenty of people who simply don’t care about online privacy or see the trade offs for giving their data away as a fair price for “free” services. That said, there’s nothing in that Proton blog post that’s actually wrong, as far as I can see.
Just to clarify, I’m self-hosting. I’m using neither Proton nor Dropbox.
However, I’m a privacy pro, and I read Privacy Policies on a daily basis (ok… weekly basis).
The US companies recently moved to disclose ALL the providers they are using (including for controller activities) where European companies still hide this information (and disclose only the providers used to deliver the service). For a very concrete example, Salesforces is mentionned by Dropbox where Proton is silent about the crm they use.
On this specific aspect, the USA are ahead of EU.
That’s all I meant.
If you want to read it as “give your data to the USA”, feel free, but that’s not what I said.