I consider it a unnecessary security threat to give a publicly exposed server full access to my Dropbox if there's no need to do so. BackWPup doesn't need access to the whole Dropbox. Access to sandboxed app folders are enough.
App folder access means:
"A dedicated folder named after your app is created within the Apps folder of a user's Dropbox. You get read and write access to this folder only. Users can share content with your app by simply putting stuff in the folder from any of their computers or the Dropbox website."
Do you plan to implement this kind of Dropbox API access?