In a letter sent to the FTC, University of Indiana PhD and security researcher claimed that while Dropbox encrypted every file it stored, this could be reversed by employees, undermining the company's security credibility.

Not only did this design fall short of "industry best practices", wrote Soghoian, it also represented a serious security risk that the company was not being upfront about.

"Dropbox has and continues to make deceptive statements to consumers regarding the extent to which it protects and encrypts their data," Soghoian wrote. "Dropbox's customers face an increased risk of data breach and identity theft because their data is not encrypted."

In Sioghan's view, Dropbox has deceived its users, infringing Section 5 of the Federal Trade Commission Act.

Trouble started for Dropbox over the encryption issue some weeks ago with a series of claims made by Soghoian and others about the way the company was handling data. Possibly in response, on April 21 Dropbox clarified its terms service to make explicit that it would allow police access to the contents of files posted to its service if requested to do so.