The problem is, such notifications are often buried amid long paragraphs of legalese. And they are written in such a way that it's hard to tell what they actually mean.
We read through the Privacy Policies of several major service providers, to see if they included a notification for government data collection. What we found – every one of the providers said they would share your data with government if asked.
Here are direct quotes from each provider’s policy on cooperating with government.
Amazon Web Services: Protection of Amazon.com and Others – Amazon.com
"We release account and other personal information when we believe release is appropriate to comply with the law; enforce or apply our Conditions of Use and other agreements; or protect the rights, property, or safety of Amazon.com, our users, or others."
Facebook: Responding to legal requests and preventing harm – Facebook Data Use Policy
"We may access, preserve and share your information in response to a legal request (like a search warrant, court order or subpoena) if we have a good faith belief that the law requires us to do so."
Google Docs/Drive: Information We Share (for Legal Reasons) – Google.com
"We will share personal information with companies, organizations or individuals outside of Google if we have a good-faith belief that access, use, preservation or disclosure of the information is reasonably necessary to:
Microsoft Office 365: Sharing or Disclosing Personal Information – Microsoft.com Privacy Statements
- meet any applicable law, regulation, legal process or enforceable governmental request."
"We also may share or disclose personal information, including the content of your communications:
Rackspace: Disclosure of Personal Information – Rackspace.com Privacy Statement
- To comply with the law or respond to legal process or lawful requests, including from law enforcement and government agencies."
"In particular, we may release the information we collect to third parties when we believe it is appropriate to comply with the law, to enforce our legal rights, to protect the rights and safety of others, or to assist with industry efforts to control fraud, spam or other undesirable conduct."
Most businesses will cooperate with law enforcement in the course of a criminal investigation. These efforts require a warrant and are supervised. That’s not what this Tech Tip is about.
This is about whether your data is safe from government surveillance when using public cloud providers. According to their own terms & policies…it's not.