What can I do about this clause?

{'method': 'IN_APP', 'recipient': 'https://www.dropbox.com/account/privacy', 'difficulty': 'EASY', 'action_type': 'EXPORT_DATA', 'instructions': 'Log into your Dropbox account, navigate to Account Settings > Privacy, and use the data export tool to download a copy of your stored files and account data before closing your account or changing your storage practices.', 'deadline_days': None, 'deadline_hours': None}

Which regulatory agencies enforce this type of clause?

{'agency': 'FTC', 'reason': 'The FTC has jurisdiction over deceptive data sharing practices involving third-party processors under FTC Act Section 5, particularly where the scope of content scanning is not clearly disclosed.', 'complaint_url': 'https://reportfraud.ftc.gov/'}

What is the severity of this clause?

ConductAtlas classifies this Broad Content License Grant clause as medium severity. Severity reflects the magnitude of rights affected, the breadth of users impacted, and the degree of discretion the platform retains.

Do other platforms have similar clauses?

Yes. ConductAtlas has identified similar Broad Content License Grant clauses across approximately 9 other tracked platforms. You can compare how platforms differ on this clause type in the cross-platform comparison view.

Broad Content License Grant — Dropbox

Share 𝕏 Share in Share 🔒 PDF

What it is

You keep ownership of your files, but you give Dropbox (and its partners) permission to access, store, and scan your content to provide features like previews, search, and backups.

Consumer impact (what this means for users)

Users' files, photos, and documents stored in Dropbox may be accessed and scanned by Dropbox and its trusted third-party partners for service features, which has privacy implications particularly for sensitive personal or business documents.

What you can do

⚠️ These actions may provide transparency or partial mitigation but may not fully address the underlying issue. Effectiveness varies by jurisdiction and individual circumstances.

Export Your Data

Log into your Dropbox account, navigate to Account Settings > Privacy, and use the data export tool to download a copy of your stored files and account data before closing your account or changing your storage practices.

Cross-platform context

See how other platforms handle Broad Content License Grant and similar clauses.

Compare across platforms →

Need full compliance memos? See Professional →

Why it matters (compliance & risk perspective)

While Dropbox says it does not claim ownership, the license to access, store, and scan your content — extended to affiliates and third parties — means your files may be processed by entities beyond Dropbox itself.

View original clause language

By using our Services you provide us with information, files, and folders that you submit to Dropbox (together, 'your stuff'). You retain full ownership to your stuff. We don't claim any ownership to any of it. These Terms do not grant us any rights to your stuff or intellectual property except for the limited rights that are needed to run the Services, as explained below. We need your permission to do things like hosting your stuff, backing it up, and sharing it when you ask us to. Our Services also provide you with features like photo thumbnails, document previews, email organization, easy sorting, editing, sharing and searching. These and other features may require our systems to access, store, and scan your stuff. You give us permission to do those things, and this permission extends to our affiliates and trusted third parties we work with.

Institutional analysis (Compliance & legal intelligence)

(1) REGULATORY FRAMEWORK: This provision implicates GDPR Art. 6(1)(b) (processing necessary for contract performance) and Art. 28 (processor obligations) for EU/EEA users. CCPA §1798.140 definitions of 'sale' and 'sharing' of personal information are relevant where content scanning involves third-party processors. ECPA 18 U.S.C. §2701 et seq. governs unauthorized access to stored electronic communications. FTC Act Section 5 applies if scanning practices are not adequately disclosed and constitute unfair or deceptive acts. (2)

🔒

Compliance intelligence locked

Regulatory citations, enforcement risk, and due diligence action items.

Watcher $9.99/mo Professional $149/mo

Watcher: regulatory citations. Professional: full compliance memo.

Applicable agencies

FTC

The FTC has jurisdiction over deceptive data sharing practices involving third-party processors under FTC Act Section 5, particularly where the scope of content scanning is not clearly disclosed.
File a complaint →

Provision details

Document information

Document

Dropbox Terms of Service

Entity

Dropbox

Document last updated

April 29, 2026

Tracking information

First tracked

March 20, 2026

Last verified

April 27, 2026

Record ID

CA-P-003521

Document ID

CA-D-00195

Evidence Provenance

Source URL

https://www.dropbox.com/terms

Wayback Machine

View archived versions →

SHA-256

1cabe0ce5b80f0fae0c8728e523b1b345dbccd408313be10c74c2beaea6a8327

Verified

✓ Snapshot stored ✓ Change verified

How to Cite

ConductAtlas Policy Archive
Entity: Dropbox | Document: Dropbox Terms of Service | Record: CA-P-003521
Captured: 2026-03-20 05:12:21 UTC | SHA-256: 1cabe0ce5b80f0fa…
URL: https://conductatlas.com/platform/dropbox/dropbox-terms-of-service/broad-content-license-grant/
Accessed: May 2, 2026

Classification

Severity

Medium

Broad Content License Grant