Hi All, My Pi Hole is blocking an INCREDIBLE amount of DropBox telemetry, even more than Windows telemetry, and by a large margin.So I have a few questions.1. What is this telemetry for ?2. What information is in there ?3. Who gets to see it (ie, is it shared in any way with, let's say, advertisers)4. Why is it being blocked by my standard Pi Hole list, what threat could it be ?5. Where do I turn it off if I wish to ? Cheers,Threlly

Hi Jay,Well that’s me out.It’s constant and I have no control of data being sent from MY machine, especially when I have purposefully clicked the option that turned that off.So it turns out that we have all been deceived.If I want that turned off, that’s it. Period.I’ll migrate my data to another service.Please note: I must also refer this to European GDPR, as Dropbox are clearly not compliant.Thank you all for your patience and help.Kind regards,Gary

I found this thread because my pihole is also blocking a CRAZY amount of telemetry.dropbox.com and I fully agree with Gary. We MUST have the option to share our information or not to share the information if that is what we choose. I am very dissapointed in these findings. I will also be looking in to another service to migrate to that is more transparent.

Also fully agree w/ the other annotators. one callback per minute is way too much and not providing an option to turn off undocumented!!! telemetry is even worse. This is a 'good-bye trigger' for me. I also think this is not GDPR compliant. Dropboxers, your data protection seriousness is way too lazy!

Hi Jay,I thought I’d turned that off, nor do I want to share information that I have no control over.How do I turn this off ?Who is this information (in any form) shared with ?Thanks,Gary

Also discovering this thread while researching why my pi-hole is blocking such a lage amount of traffic for a service I pay for. Hits in 24 Hours:

Why So Much Telemetry ? | The Dropbox Community

anforowicz
New member | Level 2
5 years ago
Hello,

I am a Chrome Engineer, working for the Chrome Security team. In Chrome 85, a security feature called CORS-for-content-scripts has shipped - after Chrome 85 content scripts can no longer bypass CORS, even if an extension has permission to the target host. The Chrome 85 changes have been announced in March 2020 on chromium-extensions@ discussion list, as well as in Chrome Enterprise Release notes.

The "Dropbox for GMail" Chrome Extension has been identified as affected by Chrome telemetry in earlier Chrome versions. An email notification to CWS@dropbox.com (the email registered in Chrome Web Store) was sent out in June 2020. To avoid disruptions, the extension has been put on a temporary "allowlist" that exempts the extension from Chrome 85 changes (as we've announced earlier, the "allowlist" is being removed in Chrome 87). Our manual testing indicates that the "Dropbox for GMail" Chrome Extension has not yet migrated to the new security model and will stop working in Chrome 87 (starting with version 87.0.4266.0, currently in the Chrome Canary channel).

Please migrate the "Dropbox for GMail" Chrome Extension to the new security model as soon as possible. The tentative Chrome 87 release schedule is to ship to the Beta channel on 2020-10-15 and to start rolling out the Stable channel on 2020-11-17. More details about the changes and migration guidelines are available at https://www.chromium.org/Home/chromium-security/extension-content-script-fetches.

Best regards,

Lukasz Anforowicz
- Walter
  Dropbox Staff
  5 years ago
  Hi anforowicz; thanks for the extensive report and welcome to the Dropbox Community!
  
  As I'd like to get this under the attention of one of our experts, would it be OK if I used the email address that's connected to your profile here on our Community to further investigate?
  
  Thanks a bunch, Lukasz.
  - anforowicz
    New member | Level 2
    5 years ago
    RE: would it be OK if I used the email address that's connected to your profile here on our Community to further investigate
    
    Sure, that should be totally ok. Thank you for asking.
    
    -Lukasz
- edie828
  Helpful | Level 5
  5 years ago
  I read the "fix" script. No way am I equipped to figure this out. Is there a plain English version that I can access? My business is being severely affected by what I think this problem is.
  
  When I try to download the attachment to the dropbox using the chrome extension (in ANY of my gmail accounts), nothing happens. Everything was seamless and problem-free until a few days ago.
  - Walter
    Dropbox Staff
    5 years ago
    Hi there edie828; thanks for joining our discussion here.
    
    May I ask which exact version of Chrome are you noticing this on and if it persists after clearing your browser's cache?
    
    Thanks!
Threlly
Collaborator | Level 8
4 years ago
Ok,

So Dropbox will not address the problem of data being siphoned from our machines & devices, the options in the client do NOT stop this.
Their privacy statement does not address this issue and it remains seemingly illegal within GDPR regulations.
Why has this not been addressed ?
Threlly
Collaborator | Level 8
5 years ago
- Walter
  Dropbox Staff
  5 years ago
  Hi Threlly; welcome to our Community!
  
  I'm not aware of this exact domain and as a matter of fact is not listed within our official domains. Can you let me know some additional information about the device you're seeing this on, such as if you're running the desktop application and/or if you're using a web browser to access a Dropbox account etc.?
  
  Regarding your last queries, I'd suggest getting in touch with the 3rd party app you mentioned directly as they might have more information.
  
  In any case, please let me know what you find, Threlly.
  - Threlly
    Collaborator | Level 8
    5 years ago
    Hi,
    
    I'm using the Windows 10 desktop app v106.4.368.
    I rarely access dropbox in the browser.
    Even if I quit the client the DropBox service (DbxSvc) remains active in my task list, as does "DropBox Update 32bit".
    
    Gary
Threlly
Collaborator | Level 8
4 years ago
Hi All,

My Pi Hole is blocking an INCREDIBLE amount of DropBox telemetry, even more than Windows telemetry, and by a large margin.
So I have a few questions.
1. What is this telemetry for ?
2. What information is in there ?
3. Who gets to see it (ie, is it shared in any way with, let's say, advertisers)
4. Why is it being blocked by my standard Pi Hole list, what threat could it be ?
5. Where do I turn it off if I wish to ?

Cheers,
Threlly
- Threlly
  Collaborator | Level 8
  4 years ago
  Why can this NOT be turned off.
  - AndyBe
    Helpful | Level 5
    4 years ago
    The silence speaks for itself. Already moved all my files off of Dropbox and won’t renew my subscription.
JingleDjango
Helpful | Level 6
5 years ago
I'm following this thread with interest.
Threlly
Collaborator | Level 8
2 years ago
So,
Pi-Hole users, are you still seeing Dropbox siphon off enormous amounts of your personal data to their servers with no option to stop it?
Are dropbox still refusing to address the issue correctly and to the satisfaction of their paying customers?
Do we know who Dropbox's GDPR Data Protection Officer is in the U.K/E.U?