If You Think Your Cloud Data is Safe from Prying Eyes, Think Again
The cloud has become a popular way to store huge amounts of data, giving you the ability to conveniently upload and access your files, sync them across your devices, and share them with others. Often, however, this convenience comes at the expense of your security and privacy.
As it turns out, cloud storage providers can view your files anytime and for virtually any reason. The weasel clause most cloud providers use to justify access to your files is to “verify compliance” with their service agreement.
Way of the Weasel
Here are some snippets from the terms of service issued by the most commonly used cloud storage providers, showing how they rationalize access to your files.
Amazon Drive – Amazon’s terms of service include you giving permission to Amazon for using, accessing, and retaining your files in order to provide the services to you, enforce the terms of the agreement, and improve its services.
Box – The Box terms of service gives the service provider permission to view the files stored on their servers to ensure users are in compliance with its terms of service.
Dropbox – The Dropbox terms of service gives their employees and trusted third-parties permission to access, view and share your files stored on their servers at any time.
Google Drive – The Google terms of service gives their automated systems permission to access the data stored on their servers for the purpose of monetization through advertising.
iCloud – Apple reserves the right to take steps its believes are reasonably necessary or appropriate to enforce and/or verify compliance with any part of its Terms and Conditions, and may, without liability to you, access, use, preserve and/or disclose your Account information and Content to law enforcement authorities, government officials, and/or a third party, as Apple believes is reasonably necessary or appropriate…
Microsoft OneDrive – The Microsoft terms of service gives Microsoft employees permission to view the files stored on their servers, to ensure users are in compliance with the Microsoft terms of service.
pCloud – pCloud has the right to access, review or edit any user content for the purpose of operating the site or services, to ensure your compliance with these terms, or to comply with the applicable law or the order or requirement of a court, administrative agency or other governmental body.
SugarSync – SugarSync summarizes its policy of disclosure of your data to third parties as follows: “We may disclose your Personal Data to: legal and regulatory authorities; our external advisors; our Processors; any party as necessary in connection with legal proceedings; any party as necessary for investigating, detecting or preventing criminal offences; any purchaser of our business; and any third party providers of advertising, plugins or content used on our Sites or our Apps.”
Not only do cloud storage providers routinely access, scan and read your files, but they can close your account if they see something they don’t like. pCloud, for example, states: “pCloud reserves the right, at any time and without prior notice, to remove or disable access to any content that pCloud, at its sole discretion, considers as objectionable for any reason…”
Privacy + Convenience
With privacy becoming more of a concern among Internet users, innovative competitors now offer end-to-end encrypted storage platforms and apps that ensure only you can access your data in the cloud. Sync is one of these services. It goes so far as to warn that if you lose your username or password, you may not be able to access your account or any of your files. In other words, you are entirely responsible for your files and your ability to access them.
Sync’s “zero-knowledge” storage platform guarantees your privacy by encrypting and decrypting your data locally on your computer or device before the files are transferred to Sync’s servers. This ensures that the encrypted file data stored on Sync’s servers is impossible to access, even if the servers themselves become compromised.
Since only you have access to the encryption keys, only you have access to your files, not Sync. Two-factor authentication, granular user permissions, remote wipe, custom passwords, expiry dates, and notifications provide additional levels of control. Further, Sync doesn’t collect, sell or share your personal data or app usage information to advertisers or third-parties, nor does it claim ownership of your data.
If you value security and privacy, but also want convenience and flexibility, there’s no need to compromise. You can have it all with the right cloud storage provider – if you are willing to assume full responsibility for your files and your ability to access them.
Nathan Muller is the author of 29 technical books and over 3,000 articles that have appeared in 75 publications worldwide. He also writes articles, blogs and social media content for tech companies and their executives.
Everything You Need. More Than You Expect.
703-407-4363 | firstname.lastname@example.org