The most recent of these criticisms arose from an update to the Dropbox Terms of Service to state that if the government asks, it will hand over your files:
All this comes on the heels of a report last week by security engineer Derek Newton that revealed another insecurity in Dropbox. Newton reports that the machine hash — a string that uniquely identifies the computer running Dropbox to their servers — is stored unencrypted and in a standard location on any machine with Dropbox installed. This means that if someone steals that single small file, perhaps by tricking a user into revealing it or through a malware attack, they can copy the machine hash to a computer of their own and download a copy of the entire contents of the Dropbox account in a manner that is almost undetectable to the user.
Beware the cloud?