A number of cloud storage providers have received negative headlines in the past when it comes to data protection. It wasn’t just hackers who were able to gain access to a variety of accounts on these different storage providers: the NSA also broke into many Dropbox user accounts. The problem with using online storage services is it can be difficult to know exactly who has access to your files besides you yourself. For this reason, experts advise users to encrypt all files that have been uploaded to a cloud storage service. And particularly sensitive data simply shouldn’t be uploaded to the computer cloud in the first place.
The server location can also be important to know, particularly for businesses. The location of the computer on which these user files are stored determines the data protection regulations that are applicable for the files. Most file hosting servers are located partly or entirely in the USA, where data protection laws are notably more relaxed than in most countries in the EU.
Generally, it’s advisable never to upload personal customer data to a cloud storage facility, although the EU-US Privacy Shield, the follow-up to the Safe Harbour Agreement between the EU and the United States recently came into effect in the summer of 2016, meaning more protection for data sent from Europe but stored and shared in the USA. But many critics of the new EU-US data protection agreement say that it doesn’t adequately protect the data of European users and still makes it too easy for US authorities to gain insight into personal data. So it’s still recommended to refrain from storing customer data in a cloud store, whether you’re based in the US, the UK, or elsewhere.