Get posts like this one in your inbox by signing up for our newsletter.
Having everything on the cloud (i.e. cloud storage) is great; it means you don’t have to remember if you saved that document on your desktop or laptop. You can also access your files from any computer connected to the internet, as well as not worry about what happens if your computer dies. However, that convenience usually comes with a price that’s not just monetary: your privacy. So, is it possible to have your data in the cloud without sacrificing that?
What Is The Cloud?
In the context of technology, the cloud refers to this:
instead of this:
For the purposes of this post, the cloud refers to the servers that store and process your data for you. Before using cloud storage services was popular, people just stored files on their computer. As archaic as that sounds, the plus side of this is that it works without the internet, and you’re the only person that has access to your files. The negative side is that you need to remember what you put on which computer, and you have to deal with backups yourself. If you’re traveling, and forget to copy your files onto your laptop, you’re out of luck.
These days, everything is stored on the cloud. You can access all of your files from any computer, and don’t need to worry about backing up your data. If you forget to copy your files onto your laptop, it doesn’t matter because you can just access them from your web browser. You can even forget to bring your laptop, and as long as you have access to an internet-connected device (such as your phone or tablet), all of your files are still there.
Sound interesting? I actually have entire post explaining more about cloud computing, which you can read here.
What About Privacy?
When your files exist only on your computer, then only you can access them. If you put those documents on a flash drive to share with someone, then only you and the person you shared it with can access your files. However, by definition, cloud storage isn’t just on your computer, it’s on someone else’s.
When your files exist on someone else’s computer (e.g. Google’s servers), then you’re no longer the only one with access to your files; the company that stores your files can also technically access them. How much this matters depends largely on what you store in the cloud. If it’s just essays or stories you’re working on, then it’s not too much a problem. On the other hand, if all of the photos you ever took and a spreadsheet you use to keep track of your finances are on the cloud, the privacy aspect probably matters a lot more.
Do Cloud Storage Providers Read Your Documents?
Keep in mind that storing and processing data costs money, and companies need a way to pay their bills and make a profit. They can choose to either charge their users money, or use alternative sources of revenue, such as advertising, or a combination of both. Free services are great, but they’re not truly free; you’re paying with something.
Back To The Original Question, Can Cloud Storage Be Private?
In theory, yes. Practically, it depends.
Simply put, end-to-end encryption is a special type of encryption which ensures that only the only people with the necessary keys to read and edit the data are with the sender and recipient. This is usually done by using something called asymmetric encryption, which uses different keys for encrypting and decrypting the data. While this works great for sending short messages, it’s not really optimized for directly encrypting large files, and is typically slower than symmetric encryption (which uses the same key to both encrypt and decrypt the data). For this reason, end-to-end encryption often utilizes both forms of encryption; asymmetric encryption is used to encrypt the key which is then used by the symmetric cipher. This also makes it possible to efficiently share large files with multiple people; the file only needs to be encrypted once, and then only the key has to be encrypted multiple times.
This is possible to do from within a browser, so it would not come at the cost of convenience. However, encrypting and decrypting everything in your browser would make the site run very slowly on older computers. Additionally, not every browser supports the features required to securely implement end-to-end encryption.
Why Isn’t This Done Already?
Because it would take a lot of work to implement, and the cloud storage provider would break compatibility with all previous versions of their apps. While it would be possible to keep compatibility by allowing for not all files to be encrypted, it would just add more complexity and a greater chance for a security vulnerability. Additionally, it would make it harder and slower to implement features such as search (which would need to be done 100% in your browser instead of on a server) and file sharing, although it would still be possible. In fact, there are already services that offer end-to-end encrypted cloud storage, but they’re not as popular as Google Drive and iCloud Drive yet.
Until Google decides to make Drive end-to-end encrypted, here are some alternatives:
- Write your documents locally, using a program such as Microsoft Office or Pages, and encrypt them before uploading. Most word processing software has a built-in encryption option which will securely and easily encrypt your document with a password.
- Use a service/app such as Boxcryptor or Cryptomator to encrypt your data before being uploaded to the cloud.
- Create your own cloud using software such as NextCloud. All you need is a server (such as a Raspberry Pi) and storage (such as a USB HDD). Optionally, you can set up port forwarding or a proxy server to access your cloud from anywhere. Going this route gives you full control over how and where your data is stored. For maximum security, considering encrypting your storage medium.