Dropbox handing data to OpenAI: the risks of AI in practice

Dropbox has recently ‘dropped’ a new enabled-by-default feature that has users worried about their data privacy. As almost every company in tech these days, Dropbox is latching onto the new capabilities of AI – specifically OpenAI – with a questionable approach to user privacy.

Last Wednesday, social media buzzed with apprehension over Dropbox’s new AI feature that shares data with OpenAI to perform an experimental AI-powered universal search across user data on the platform. As reported by Ars Technica and other media, the on-by-default setting led to understandable upset from many Dropbox users.

While Dropbox does offer the option to opt-out of their new feature, something that sends your data to a third party company shouldn’t be on by default without first checking with the user if they’re okay with it. At the very least, they could have enabled a pop-up dialog the first time they showed the feature, explaining the consequences and offering that opt-out in an easy way.

When we at Nextcloud introduced our AI feature set in early 2023, we recognized the challenges intrinsic to Artificial Intelligence, and from day 1 have prioritized total transparency, choice, availability to users, and the honoring of adjoining ethical implications. Nextcloud Hub features rich AI offerings with an always privacy-first approach: while many are available, our remote-AI features are optional and disabled-by-default, never exposing user data without your knowledge or consent.

For example, we released an article recently that reiterates our AI approach and explains the difference between our completely self-hosted AI options versus those implemented as integrations from external parties. We then dove into each new AI feature to illustrate their utility, the different options to enable them, and any potential AI and privacy-related implications, aided by our Ethical AI Rating system.

In Nextcloud Hub 7, we just released our advanced, Unified Search that allows you to search for any file, person and more in Nextcloud. Since the data is only indexed on your server, no data leaves your server. Nextcloud can store all your data from contacts to documents and notes, so you don’t even have a need for using or interacting with a 3rd party service if you don’t want to.

hub7-release-featured-image

Similarly, the Nextcloud AI Assistant uses the collective data from your server to help you enhance and speed up your work with all-local AI options. You can get language assistance in your documents, summarize your email threads and Talk chats, and more.

We just shared a tech preview of our Nextcloud AI Assistant with Context Chat, a new initiative developed together with the German state Schleswig-Holstein that enables local AI models within Nextcloud to search users’ local data across the platform. While on the surface this appear similar to Dropbox Dash – their new cross-platform search utility – the key implication and difference is in the implementation: Dropbox relies solely on sending user data to OpenAI for AI-assisted processing, while Nextcloud’s Assistant with Context Chat can rely completely on in-house, self-hosted local AI models, a real privacy [boon].

What we are illustrating here is that yes, AI can give great productivity benefits. And you can bring that to users in a responsible way. Even if you’re not willing or able to offer AI features in-house or on premise and instead want to rely on OpenAI or other big AI companies, there is no need for sharing your users’ data to such a third party without a warning.


Thank you for reading and staying up-to-date about current data privacy news that we, like you, care deeply about. We hope you find Nextcloud solves your needs and provides you unmatched opportunities to use and work with AI securely, easily, and privately. We would also love to continue the conversation: send us your thoughts via Mastodon and X (Twitter).

Stay informed about how Nextcloud offers AI ethically and securely

Learn more about our AI