This question came up during the Project Photofly Facecast that Stephane Negri and I participated in. Though I am not a lawyer, here is basically what I said:
Our data privacy policy (related to security) is shown at installation time. Since Autodesk isn't charging you for the service, Autodesk doesn't want you to turn around and charge us (through litigation or otherwise) for how the service or our employees perform. In essence, we don't want to accept liability when we don't take money, and we currently do not make security guarantees for the service as it is currently a Technology Preview and not a fully commercialized product.
Beyond our lack of guarantee, I can share with you our intention.
- We intend to have a reasonably secure service, better than email, but less secure than a bank account. We believe the systems are secure against casual attempts to hack your data.
- We don't intend to publicly share any customer data without the owner’s permission.
- We store your files on Amazon’s S3 service, and they maintain their own physical and data security policy that is considered robust.
- Our compute servers are in a card-key accessed server room where only a subset of authorized Autodesk employees have physical access. The physical access is logged.
In the future if we decide to convert the technology preview into an official service, we may choose to augment our security and privacy policies. At this time I can only offer our intention to hold your data secure, but cannot guarantee it.
// Learn more about Project Photofly
Care is alive in the lab.