5 comments

[ 3.9 ms ] story [ 25.5 ms ] thread
> No matter, how secure your cloud vendor is storing your data, you are going to lose control. Same holds true for the European cloud.

Not fully truth. You can ask for the complete deletion via EU GDPR.

About the other concepts, yes it’s true but it’s the price to pay for the convenience of having the data stored by the hardware/software of someone else.

You can always buy your home storage device, configure it, expose it online, maintenance it, etc…

Do you truly believe that it will be deleted if inconvenient to do so? If the state mandates retention?

Physical access is root access.

For anything remotely sensitive cloud is simply a non-starter.

It should be deleted, I can’t speak for a non legal behavior of the companies, but legally they must do it, if asked. Anyway I won’t put sensitive info on remote cloud owned by xyz. I was speaking for normal cloud content, like photos or simply documents.
For some anecdata on illegal behavior, Atlassian denied my data deletion request on the basis that they're legally allowed to choose to use logins as a proof of identity (since without some kind of proof anyone could prank delete anyone else's data) and since they'd given away my account the day before I thus couldn't login to prove that it was my data, despite having otherwise valid credentials and whatever other proof of identity they might need.
My favorite analogy here is the old sex education trope- "wear a condom or you are exposed to all of the STDs of all of your partner's partners". Only in the cloud, the arrow of time is reversed. Everything you share you have to trust the company to steward, and not just the company as currently constituted, but all future versions, ownerships, partners and employees of the company.