July 18, 2011
By Ezra Brook

Class Action Complaint for:


  1. Violation of California’s unfair-competition law, Cal. Business & Professionals Code § 17200, et seq.
  2. Invasion of privacy, Intrusion, Public Disclosure of Private Facts, Misappropriation of Likeness and Identity, and California Constitutional Right to Privacy
  3. Negligence
  4. Breach of Express Warranties
  5. Breach of Implied Warranties

Software is no longer technological component in our mobile phones, cars, washing machines and planes. It reaches into our private lives and impacts our privacy; security, making us fragile, vulnerable and weak. Should we allow the benefits to override nay blind us to the problems of insecure software or deter us from finding potential technical solutions that might help us address the problem of insecure software? Christina Wong of Los Angeles does not think so! She has filed claims against the San Francisco based Dropbox Inc for compromising the security of the information she has entrusted to their servers in good faith on the basis of promises made by the company.

Dropbox Inc is a cloud service provider with around 25 million subscribers. Service users can store their personal information on Dropbox servers and access the same from any kind of device; from anywhere in the world. The privacy and security of data stored in their repositories is subject to commitments made to the consumers of their service, under the Privacy Policy and the Terms and Conditions of service. Consumers signing up for the service must read through and agree to the terms and conditions of service and the statements in the Privacy Policy or are free to desist from subscribing to the service. In other words, it is an adhesion contract and is indicative of the strong market position that is currently being enjoyed by online backup service providers. The service seller can push-round a buyer, who is compelled to satisfy his or her desire for the benefits accruing from the utility, irrespective of the kinds of terms and conditions that are imposed upon him or her.

But, the worm is turning. As cloud services mature, buyers are learning to coordinate among themselves and highlight the vulnerabilities of the consumer in this market. Christina Wong’s lawsuit on Dropbox is one of the first rumble of consumer discontent and a harbinger of things to come.

Wong’s charge is very specific– the San Francisco Company has violated the California Unfair Competition law and invaded the privacy of individuals through negligence. She contends that the company promised its customers security of personal and business data. But, the company violated its promise when it introduced a bug on June 19 compromising user accounts and creating a window of access to user data. It compounded the situation by not communicating with all its customers and notifying them of the glitch in their software– however, temporary and however small the number of users who were logged in at the time. The post breach action of the company in no way compensates users for the time frame in which the data could have been hijacked/accessed by unscrupulous elements or third parties to the information.

The company co-founder and CTO, Arash Ferdowsi, explained the security issue on the company blog ( on June 20, 2011, with many updated posted since then:

Hi Dropboxers,
Yesterday we made a code update at 1:54pm Pacific time that introduced a bug affecting our authentication mechanism. We discovered this at 5:41pm and a fix was live at 5:46pm. A very small number of users (much less than 1 percent) logged in during that period, some of whom could have logged into an account without the secret password. As a precaution, we ended all logged in sessions.

We are conducting a thorough investigation of related activity to understand whether any accounts were improperly accessed. If we identify any specific instances of unusual activity, we will immediately notify the account owner. If you are concerned about any activity that has occurred in your account, you can contact us at

This should never have happened. We are scrutinizing our controls and we will be implementing additional safeguards to prevent this from happening again.


The questions that are topmost in the minds of those keenly watching the outcome of the lawsuit are: Will Christina Wong, succeed in her claims? Will the courts rule that company has really used unfair competition (under Californian law) and caused damages? Will a potentiality for invasion of privacy be a sufficient cause for damages? Can damages be claimed on the grounds of Negligence or breach of express/implied warranty? Will the outcome of the lawsuit affect the future of cloud computing? We must wait and watch!

Click here to download the court filing document

General Tags: online backup, online backup services, compare online backups, online backup providers directory, cloud computing, online backup news, online backup companies, backing up online, SaaS, top rated online backups, online data backup, data security, online file storage, CEO interviews, software as a service, online file backup, online backup reviews, data storage

Like us on Facebook

Do you like this post? Subscribe to our RSS feed ===========================


Related posts:

  1. Dropbox, Online File Backup and Storage, Sync and Share Firm, Introduces Dropbox for Teams
  2. SpiderOak Online Backup, Sync, and Sharing, Advances Cloud Privacy Through Zero-Knowledge Privacy Standard

Tags: ,