A tweet this weekend generated quite a lot of attention, as a Dropbox user was surprised to discover “DMCA takedowns in personal folders, TechCrunch reports. However, Dropbox isn’t actively searching through the files shared by its customers in order to remove copyrighted content. What the company actually does is employ an automated system that prevents users from sharing known copyright-protected files with others.
“There have been some questions around how we handle copyright notices. We sometimes receive DMCA notices to remove links on copyright grounds,” Dropbox said in a comment on the tweet. “When we receive these, we process them according to the law and disable the identified link. We have an automated system that then prevents other users from sharing the identical material using another Dropbox link. This is done by comparing file hashes. We don’t look at the files in your private folders and are committed to keeping your stuff safe.”
The cloud storage company isn’t even deleting the file from the user account that initially uploaded it. It just makes it invisible to any other third parties. Whenever a DMCA complaint is verified by Dropbox’s legal team, the company adds the file to a blacklist of files that can’t be shared using its service.
In order to identify the files, Dropbox uses hashing, or an algorithm that pairs each file with a unique identifier. Whenever that identifier is picked up by Dropbox in links that are shared, the system blocks any sharing attempts, as long as a match is found. Dropbox does all this without even knowing what the file actually is, and it only works if the hash of the file that’s shared matches the hash of a blacklisted file.
However, changing a file “even slightly completely changes the hash,” TechCrunch says, which means the identifier will not be similar to what Dropbox stores in its blacklist.