0

Can I be sure that providers such as google, aws, DO, hetzner, rackspace, etc. won't disclose my private data to a third country like Russia (which resident I am).

I started a dialog with AWS support about this, and they sent me a link here. But it is not quite an answer.

Also, is it right way to choose between companies, or better to choose between countries?

Which country would not give access to Russian government?

What would be the right architecture after choosing country: store in cloud (AWS WorkDocs, gdrive), or use VPS (DO, hetzner)

According to this post - will all big companies will act the same? How about amazon, rackspace, DO, hetzner, etc.?

P.S. No one can tell me certainly, that if you do this, there would be a very big chance, that your pirate data would be safe. In pirate data I mean documents, that illegal in my country, but there is nothing about crime against humanity (not a porno, not an intellectual property or sth). So I want to operate this data, and be safe from bind me with that data and be captured by police after all.

Community
  • 1
kAldown
  • 101
  • 1
  • 3
    We are not going to be able to tell you what countries won't send data to whom. – schroeder Dec 07 '16 at 21:56
  • you need to use a service that _cannot_ give access to anyone but you; E2E encrypted. Luckily, any service with an API provides that capability, if one were so inclined. – dandavis Dec 08 '16 at 20:58

1 Answers1

1

What private data? It is likely that your government already has most data about you. They may not have data you have created privately. If you put private data on a public cloud, you can never be totally certain what will happen to it.

You need a vendor with a strong privacy track-record that operates in a territory with strong privacy laws.

Even then, it may well be easier for a nation state to hack through to the data than to tip their hand to a foreign commercial organisation.

I'd start then by looking for a vendor who has a lot to lose, has very strong and open standards/policies/processes and who takes a strong, consistent stand against government bullying & underhanded behaviour.

Are they all the same? Certainly not. Google, for example, makes most of its revenue from being able to process other people's data. Amazon and Microsoft don't have that credibility issue. Both have strong policies and processes for privacy. Both allow you to keep data in a specific region. Both take steps to restrict access to customer data from operations staff. Microsoft at least has additional services to further protect data at rest (customer private keys for example). Microsoft in particular has a lot to lose since much of their Cloud offerings are targeted at government data, that would all be lost if they messed up on data privacy, at least in the EU.

The smaller the vendor, the less likely they are to have the resources to stand up to state interventions.

Just realise though that if a major government wants your data badly enough, they are going to get it one way or another.

Julian Knight
  • 7,092
  • 17
  • 23