I feel like I should point out that this article isn't about the FTC doing something, but about a private individual filing a complaint with the FTC, which anyone can do.
I like Ryan Singel. He was the first reporter to write about YC. So I can't really begrudge him the pageviews he knew he'd get from HN over this. But 'taint really news.
But I'll disagree about the news value. The complaint's allegations about what Dropbox promised, versus how the architecture actually works, are pretty strong.
Soghoian knows his tech and he knows the FTC (he used to work for them). I like Dropbox. I use Dropbox. But the blog post Dropbox keeps pointing to doesn't explain the discrepancy between what users were told about security/privacy and how the service works in practice (centralized encryption keys).
I agree with Ryan -- this is exactly the kind of news I want to see on HN. For that matter, many other HN readers may also be interested in knowing the potential costs of making apparently-exaggerated security claims in today's environment.
Can anyone explain to me how the article or even title of the article would make someone think the FTC was doing something and then require such a statement from pg?
It is referenced in both as a complaint and is news for wired readers, not necessarily here (though the FTC complaint being filed here is new).
That was my fault. I originally wrote the hed as "FTC Complaint: Dropbox Lied to Users about Data Security", which I thought would get around people reading just the "Dropbox Lied To Users" part. PG changed it to the hed from the article, I suppose to make sure nobody thought the complaint originated from the FTC.
The FTC regulatory model depends on market participants to tip them off when companies are breaking consumer law, so this could be the first step in an eventual action against DropBox.
I like Ryan Singel. He was the first reporter to write about YC. So I can't really begrudge him the pageviews he knew he'd get from HN over this. But 'taint really news.