If you use #GoogleDrive, you are also allowing Google to do whatever they want with your files: they can read them, copy them, give them to anyone else, make derivative works, even publish them online without your permission (see attached screenshot). #DropBox is similar.
In other words, private files uploaded to Google Drive are no longer private.
You might want to try #privacy aware #NextCloud instead, which actually lets you control who gets to see/use your stuff:
https://switching.social/ethical-alternatives-to-dropbox-google-drive-and-google-docs/
@switchingsocial Where is the evidence that #dropbox can post your stuff online, please?
@johnribbon @switchingsocial Yes please, a cursory read of their ToS and PP did not allow me to find such evidence.
Dropbox's terms of service are very vague. Perhaps they are trying to make them easier to read, but the effect is to obscure what they say.
However, they do seem to suggest that they can share your files with whoever they want (first attachment) and the original wording for these terms was almost identical to Google Drive's (second attachment).
Basic problem is Google/Dropbox have aggressive and expensive legal teams protecting their interests, while customers don't.
@switchingsocial @yac Dropbox terms, there, certainly do not include publishing your stuff online. Also, there must be a more detailed document that is specific about "purposes" for which data is collected and processed. They are required to do this by law now in the EU.
A reasonable reading of the Dropbox terms would indicate that data can only be shared with 3rd parties in order to provide concrete user features. But that text would not be legally sufficient in the EU.
Dropbox's original terms (the second attachment above) talked about having the right to "distribute" and "publicly display" the user's files.
They replaced these terms with a more vaguely worded document which allows them to pass your data to any third party that they consider "trusted". What happens to your data once it is in the hands of these third parties?
Have to make clear I am not a lawyer, but seems prudent to consider your options if you wish data to remain private.
@switchingsocial @johnribbon Pass data to third parties... But for what purpose? Are they sub-processors or plain old third- parties? This vague wording leaves something to be desired indeed. 😕
@yac @switchingsocial Fair enough, there is some digging to be done there. There must be some proper legalese to scrutinise somewhere...
Failing some clarity being provided, they *should* be a sitting duck for some uncomfortable test cases in the EU. I salute those who will do this digging. Someone will for sure.
Personally, I encrypt "data" client side anyway, but I have unencrypted photos.