Chief Excutive Officer at Anqlave, the company that is bringing Treasure, cloud storage with privacy first approach.
You’ve probably seen the phrase “end-to-end encrypted” on various messaging services and webpages before, and you may have an intuitive sense of what it means. The idea is that nobody but you and the intended recipient has access to the information you’re sending.
You’d think that would be standard practice on the internet — a basic minimum, given that your data passes through a number of nodes and different servers before reaching its destination.
While it is standard practice, for the most part, this isn’t the case in the world of cloud storage. Major providers love to talk about how they care about your data privacy, but when they’re asked about end-to-end encryption on their own help forums, it’s like watching a politician squirm as they’re challenged by a tough interviewer.
The truth is that major platforms don’t typically offer end-to-end encryption. While they may encrypt your data, they still have the key. That means they can view your data and even use it for their own purposes. The question is, do you trust them?
We’ll explore the reasons behind this curious fact below, but first, let’s look at what end-to-end encryption is and how it works.
What is end-to-end encryption?
You may have an idea of what end-to-end encryption means, or at least how it functions. But let’s dig a little deeper and explore what’s really going on when you send data over the internet.
Encryption is the process of scrambling information carried in files so that it can’t be understood by unwanted parties. The data is unscrambled, or decrypted, at the other end by anyone who has the encryption key. When you send information through a messaging service or through the cloud, the information passes onto these third-party servers before being sent to the recipient.
End-to-end encryption means that your data is encrypted all the way until it reaches the intended recipient’s device. This means the third parties in the middle — and anyone else who intercepts the data — cannot read the content. Given how much data we have in the cloud and how much we rely on third parties in almost all of our interactions online, end-to-end encryption is a vital piece in keeping your data private.
Why don’t major cloud storage providers want to offer end-to-end encryption?
On the face of it, you’d think that the biggest cloud storage providers would jump at the chance to offer end-to-end encryption and use it as a selling point. Seeing as it’s used on services like WhatsApp and all of the major web browsers as standard, it’s curious that major cloud storage players don’t offer it. Why is this?
Well, the innocent explanation is that they want to offer you convenience, and they need access to your data to move files around their servers and make it shareable and accessible from different devices. But they could still do this with your data encrypted.
The most cynical among you might suspect the real reason is that they want to have access to your data because it’s part of their business model. Some of the biggest tech companies make their money by using information about you to sell advertising or even by selling your data directly. Yes, they take subscription fees, but the real cash comes from exploiting their users’ data. It’s no wonder they don’t want to protect it, then — it’s the cornerstone of their business.
You might be thinking, “Fair enough. That’s how they make their money, and they’re providing me with a free service. So, why not?”
Sure, but why aren’t they open and transparent about it? Major providers will talk about data security and privacy until the cows come home, but dig into their terms and conditions, and it’s a different story.
They will argue that they offer encryption via the HTTPS standard and that your data is safe on their system. But that doesn’t mean they can’t view it and sell your information. Take a look at the privacy policies of the major providers, and you’ll likely find clauses that give them free rein to do what they like with your data.
Can you use cloud storage with end-to-end encryption?
The good news is that other cloud storage providers have recognized the demand for more transparency and respect for users’ privacy. The problem is that many of these services are difficult to use and don’t provide you access to the data you already have stored on the major platforms.
What should you consider when choosing the right end-to-end encryption cloud storage?
Some vendors tend to provide you with the encryption key, giving you control over who sees what. But they don’t back it up in a secure way, which means if you lose it, you lose access to your data. So, look for a vendor that provides this service.
Additionally, most of those using at least one cloud storage provider need to make sure the platform can support integration with your existing cloud storage for a seamless transition.
Lastly, look for multiple device support. Cloud storage is essential so the data will be accessible on any device you use. A good service is one that can work on PC, MAC and mobile platforms. Otherwise, it will be hard to utilize the benefit of the cloud storage.