Let me begin by quoting from a recent episode of the podcast Firewalls Don't Stop Dragons:
And the cloud, as we like to say, is a fancy term for someone else's computer.
It can't be stated more clearly than this. There is no cloud. When you upload a photo to your social media, or to an online drive, like Google Drive or Dropbox, you are sending that photo, via your Internet connection, to someone else's computer, where that photo is stored for you to access later.
Bad metaphor
I have always felt that 'the cloud' is a terrible metaphor for how our data is stored. It suggests a fluffy, ethereal place high up in the air, barely visible. It suggests that when I upload my photos and documents to the cloud, they sort of hover in a pretty no-man's sky, mixing with other data, waiting float back down to me when I need them.
I stopped teaching high school recently (too many meetings), but I used to ask this question to my students every year: What is the cloud? I would be met with blank stares. Attempts at answers would lead to the false imagery the metaphor of a cloud suggests: a space out there, where our data sort of floats.
I would follow this up with another question: When you upload a photo to your social media, what do you think happens with it? This usually led to a better conversation about file storage and computers/servers, which helped to dispel the misdirecting cloud image.
I do believe in the power of metaphors (although 'privacy journey' is worn very thin these days, by me as well). When I try to think of better metaphors to visualise data storage, 'the basement' comes to mind, or 'the warehouse'. It needs to be a heavy, grounded metaphor, because that is where our data sits: on the earth—perhaps even under— and inside machines that require electricity to keep them running.
First hand experience with servers
This is not my first time referring to this book, but Brian W. Kernighan's Understanding the Digital World helped me grasp some of the facts about the Internet and computers as a non-programmer.
But what really opened my eyes was setting up my own server. This project came about from finding my old (old!) PC in the basement, and looking for a good use for it. A server is a computer that you can connect to remotely and use, for example, for storing your data.
I must admit that this was not an easy journey, and I went through several stages of server building on that computer before I got it right and found a simple method, namely by running a programme called Nextcloud.
Once my own server was functioning as a storage space for my friends and family members' data, I began to recognise how incorrect the cloud metaphor really is. I can hear my server computer when it's processing things, because it is sitting on the floor by my feet where I work.
I also learned that a server administrator has a surprising amount of elevated privileges. I even figured out how to take a peek at user data.1 I promptly warned all my friends and family members not to put sensitive data on my server.
The problem
If the cloud is not an open space between computers but a misguiding metaphor about hardware, and if the administrators of those computers have elevated rights, then, logically, you are putting your data and into the hands of the administrators that manage those computers.
The bottom line is that—unless your build your own server—you are going to have to trust someone with your data.
While it is possible to trawl through difficult-to-find privacy policies for every company, it might be simpler to start by thinking about the services you currently use, and how they earn money. Written policies from large, well-established tech companies can be misleading or ambiguous, and promises about anonymisation of data often turn out to be false—listen to the podcasts The Surveillance Report and Firewalls Don't Stop Dragons if you want to get a sense of how commonly data is de-anonymised. Unless you are a researcher, it is not worth your time reading those types of privacy policies.
I would therefore avoid any direct2 cloud solutions offered by Big Tech companies. Once I learned how cloud storage works, I removed all my files, photos and videos from Google Drive. It was inconvenient, as Google offered so much free storage space at the time, as well as excellent online tools for managing and sharing my files. I had to look for privacy-respecting alternatives, test them out and compare costs. And yes, I did read privacy policies from these cloud providers, and studied reviews from sources I trust.
The (partial) solution
So, what should I look for in a cloud service?
- zero knowledge and end-to-end encryption
If your data is encrypted (scrambled and encoded) on your computer and on the company's computers, then the owners of those computers cannot read your files or see your photographs without the key required to unscramble the data first.
When a company claims to have 'zero knowledge' of your data, they are referring to a deliberate decision on their part to set up their systems in such a way they can never own the encryption keys to your data.
- privacy policies
While I suggested earlier that there is no real point in reading, for example, Google's privacy policies, because their business model—earning off your data—is apparent, I would argue for carefully reading the privacy policies of companies that claim privacy is their main focus, before starting a trial and then possibly a subscription with them.
If you have questions or require clarification, you should contact these companies. I have found many privacy-focused software companies respond to my questions quickly, transparently and honestly. Privacy and trust are their main selling point, after all. And if a company doesn't respond to your questions, then you know not to bother with their product.
- local laws
It is a misunderstanding to think that a provider of private email or storage will play the role of privacy super hero, circumnavigating legal government intervention on your behalf.
While it is true that organisations have resisted unfair or secretive attempts by governments to force backdoors to your data, a company like Tuta, based in Germany, is never above German law. This is a misunderstanding you will sometimes see on privacy forums, where people show disappointment with a company's compliance with the law.
What you can do is research local privacy laws, and in doing so, you might find that a cloud provider that has its computers in Germany will benefit from these laws more than a server in the United States does.
- teachers and forums
By visiting a handful of privacy-focused forums and listening to some of the great online teachers out there, you will quickly develop a sense of the criteria that software products are judged on in the community, and you will begin to notice the same three or four company names keep popping up for each type of product. I use this organic cross-referencing a lot and it has helped me feel confident about making decisions. You can also join the forums and ask for advice or user experiences there.
The problem of trust
In the end, if you are going to entrust your personal data to someone else, there is a limit to what you can do to be 100% sure it's safe to do so. This is why we have the concept of trust.
But making intelligent decisions about who to trust makes a lot more sense than dumping all your personal data with the first company that promises they'll look after it for free, and make your life easier to boot.
Lastly, zero knowledge means that the company managing your data will not be able to help you out if you lose your encryption key, usually a master password. It is therefore important to make safe and redundant storage of your cloud passwords and local backups of your data a priority.
Documentation
Firewalls Don't Stop Dragons podcast, episode "Mitigating AI Risks" from about 55 minutes on
Author Brian Kernighan's books
The Surveillance Report podcast
Parents: Are Your Kids Backing up Their Data? (Recent post on cloud storage for kids.)
-----Discuss on Reddit-----
Subscribe to my blog via email or RSS feed.
Find me on Mastodon and Twitter.
Back to Blog
