Cloud brings risks, one shall be aware of it, and do the math of advantages/disadvantages.
I will keep my dropbox account, despite that incident, and know deep in my heart that such glitch can happen to me as well, no matter how well my develop/test/deploy routine is designed.
Having say that, I will never have anything high sensitive on any hosted machine, no matter who the provider is, unless it is strongly encrypted (that includes, pgp for sensitive mail (gmail) attachments, etc.)
I really hope dropbox will learn from this and continue improve their service as they have been doing since day one.
from the terms page:
IN NO EVENT WILL DROPBOX BE LIABLE TO YOU OR TO ANY THIRD PARTY FOR DAMAGES OF ANY KIND, INCLUDING,
WITHOUT LIMITATION, DIRECT, SPECIAL, INCIDENTAL, PUNITIVE OR CONSEQUENTIAL DAMAGES (INCLUDING LOSS OF
USE, DATA, BUSINESS OR PROFITS) ARISING OUT OF OR IN CONNECTION WITH THIS AGREEMENT, OR FROM YOUR
ACCESS TO OR USE OF, OR INABILITY TO ACCESS OR USE, THE SITE, CONTENT, FILES AND/OR SERVICES, OR FOR
ANY ERROR OR DEFECT IN THE SITE, CONTENT, FILES OR SERVICES, WHETHER SUCH LIABILITY ARISES FROM ANY
CLAIM BASED UPON CONTRACT, WARRANTY, TORT (INCLUDING NEGLIGENCE), STRICT LIABILITY OR OTHERWISE, OR
ANY OTHER LEGAL THEORY, WHETHER OR NOT DROPBOX HAS BEEN INFORMED OF THE POSSIBILITY OF SUCH DAMAGE,
EVEN IF A REMEDY SET FORTH HEREIN IS FOUND TO HAVE FAILED OF ITS ESSENTIAL PURPOSE. YOU SPECIFICALLY
ACKNOWLEDGE THAT DROPBOX IS NOT LIABLE FOR THE DEFAMATORY, OFFENSIVE OR ILLEGAL CONDUCT OF OTHER USERS
OR THIRD PARTIES AND THAT THE RISK OF INJURY FROM THE FOREGOING RESTS ENTIRELY WITH YOU. FURTHER,
DROPBOX WILL HAVE NO LIABILITY TO YOU OR TO ANY THIRD PARTY FOR ANY THIRD PARTY CONTENT UPLOADED ONTO
OR DOWNLOADED FROM THE SITE OR THROUGH THE SERVICES AND/OR THE FILES, OR IF YOUR DATA IS LOST,
CORRUPTED OR EXPOSED TO UNINTENDED THIRD PARTIES.
FREE ACCOUNT HOLDERS: YOU AGREE THAT THE AGGREGATE LIABILITY OF DROPBOX TO YOU FOR ANY AND ALL CLAIMS
ARISING FROM THE USE OF THE SITE, CONTENT, FILES AND/OR SERVICES IS LIMITED TO TWENTY ($20) U.S.
DOLLARS. THE LIMITATIONS OF DAMAGES SET FORTH ABOVE ARE FUNDAMENTAL ELEMENTS OF THE BASIS OF THE
BARGAIN BETWEEN DROPBOX AND YOU.
PREMIUM ACCOUNT HOLDERS: YOU AGREE THAT THE AGGREGATE LIABILITY OF DROPBOX TO YOU FOR ANY AND ALL
CLAIMS ARISING FROM THE USE OF THE SITE, CONTENT, FILES AND/OR SERVICES IS LIMITED TO LOWER OF THE
AMOUNTS YOU HAVE PAID TO DROPBOX DURING THE THREE MONTH PERIOD PRIOR TO SUCH CLAIM, FOR ACCESS TO AND
USE OF THE SITE, CONTENT, FILES OR SERVICES, OR ONE-HUNDRED ($100) DOLLARS. THE LIMITATIONS OF DAMAGES
SET FORTH ABOVE ARE FUNDAMENTAL ELEMENTS OF THE BASIS OF THE BARGAIN BETWEEN DROPBOX AND YOU.
I've always wondered if these really work. We all use these EULAs and TOS that essentially say "you can't sue us for anything no matter what!" but I have a feeling that kind of thing doesn't actually hold up in court.
It doesn't that's why they have:
> Severability
> In the event that any provision of these Terms of Service is held to be invalid or unenforceable, the remaining provisions of these Terms of Service will remain in full force and effect.
In Australia, Europe and the UK, there are laws that make "unfair" clauses unenforceable... where unfair includes all kinds of things you see in every consumer level contract like no liability for death/injury or avoiding delivery with no notice or compensation.
In the UK the legislation is 'the unfair contract terms act 1977'. http://www.legislation.gov.uk/ukpga/1977/50
Also, the case law suggests that if you are providing a professional service your appointment should make it clear that you will take 'reasonable skill and care' in carrying out the services otherwise you will be judged as to whether the service you have provided is 'fit for purpose' which is a much harder test to pass. I dont know if this test would apply to SAAS T&C's and IANAL by the way. Edit: Clarity & Bad grammar.
I am neither a judge nor a lawyer, yet, can assume, most of us simply lie when we click on "Yes, I have read, understand and agree to the terms!" buttons.
None of us read them (most of us TBMA), but we "sign this contract"
Most people don't read the terms of service, but they do read the marketing copy. If the marketing copy contradicts the terms of service, the contract should be based on the marketing copy. The terms of service should not be a license to make false or misleading marketing claims.
If the marketing copy said something like "if we screw up, you can sue us" while the TOS says "we can't be held liable if we screw up", then that might be relevant. However, I've never seen dropbox say anything like that in their advertising, so there doesn't seem to be any contradiction.
see https://www.dropbox.com/terms#terms
Cloud brings risks, one shall be aware of it, and do the math of advantages/disadvantages.
I will keep my dropbox account, despite that incident, and know deep in my heart that such glitch can happen to me as well, no matter how well my develop/test/deploy routine is designed.
Having say that, I will never have anything high sensitive on any hosted machine, no matter who the provider is, unless it is strongly encrypted (that includes, pgp for sensitive mail (gmail) attachments, etc.)
I really hope dropbox will learn from this and continue improve their service as they have been doing since day one.
from the terms page: