A few days ago I wrote a post on Mozy Inc.’s privacy policy. A Mozy Inc. employee then decided to go ahead and tell me that I “just don’t get it”. So, to determine whether Mozy Inc.’s draconian privacy policy is representative of online backup solutions, I decided to take a closer look at some of Mozys competitors’ privacy policies.

So, without further ado, a summary of online backup solution privacy goodness (again, I would like to remind you that I am not a lawyer, simply a concerned luser):

Carbonite

The Carbonite privacy policy looks a lot friendlier than Mozys. Carbonite distinguishes between two types of disclosure. Disclosing (a) your personal information, presumably your name, address, phone number, etc, and disclosing (b) your backed up data.

With regard to (a), the privacy policy contains the following:

Carbonite is committed to protecting your privacy. Carbonite will not, under any circumstances, rent, sell, or give away your Personal Information nor does Carbonite trade or exchange mailing lists with any other organization. Carbonite maintains this information; but we may disclose your Personal Information to third parties if we believe that such action is necessary to (1) comply with the law; (2) protect and defend the rights or property of Carbonite; (3) enforce the Carbonite Terms of Use Agreement.

Although slightly rubbery, I guess that is what is to be expected, so we move on to (b), to which the following quote refers:

Carbonite will not share your encrypted files with any third party unless such action is necessary to comply with a government or court order legally compelling us to do so.

That’s more like it. As I’ve mentioned before, handing over data when ordered to do so by the courts are clearly a no-brainer.

So except for the fact that Carbonite, like Mozy, is situated in the US (which during the Bush administration has become an increasingly hostile environment with respect to legal rights), there really doesn’t appear to be much cause for concern.

In summary though, Carbonite appears to be a whole lot more privacy friendly than Mozy. Moving on to IBackup.

IBackup

The Ibackup privacy policy appears somewhat more fragmented than those of Mozy and Carbonite.

It appears that the following paragraph, taken from the IBackup terms of use, defines the cases in which Carbonite chooses to share stored data with third parties:

(…) In addition, Pro Softnet may be asked to provide user data and logs as a part of a legal issue in a third party case by a court order or a subpoena, discovery request or other lawful process that may override privacy rules.

As was the case with Carbonite, IBackup pledges not to share stored data with any third parties, unless ordered to do so by the courts.

Conclusions

Both Carbonite and IBackup provide reasonable terms of use with respect to sharing data with third parties. That is, according to their respective privacy policies, stored information is only divulged under court order.

This is in contrast with Mozy Inc. which allows itself to share stored information with any third party at any time that they deem fit.

As neither of the providers publicly disclose their encryption algorithm implementation, the privacy policy/terms of use of the providers are pretty much all that users can rely on for keeping their private data private.

This entry was posted on Monday, June 23rd, 2008 at 8:39 am and is filed under Me, Software, network. You can follow any responses to this entry through the RSS 2.0 feed. Responses are currently closed, but you can trackback from your own site.