It seems like most cloud services receive their funding via ad revenue or data mining. Which means, in the “free” cloud service you are using, you are the product. So, if you want privacy, you need to pay for a service so there is another funding model.

Three Definitions

• “Convenience” is being able to easily access the data from a new device and/or signup for the service.
• “Privacy” is when other people can’t access your data without you specifically adding them to the allowed list. This is usually implemented using encryption. There are three places encryption matters.
  • Encryption in transit is TLS. That is to prevent 3rd parties from intercepting the communication between your device or browser and the server.
  • Encryption at rest is the file stored in long term storage is encrypted. This is to prevent someone from grabbing the physical hardware and walking away with your data.
  • Encryption in memory (during use), this is the realm of end-to-end encryption where the server never actually decrypts the data in the first place. Therefore they cannot hand data over to a government because the company can’t decrypt the data.
• “Ownership” is ownership over the hardware holding the data.

Four Categories

1. Convenience without Privacy or Ownership is for fully cloud hosted services with free or discounted pricing. These services usually have user agreements, but those user agreements can be overwritten by court order, or just accidentally via a data breach. Also, they usually use encryption in transit and encryption at rest, but not encryption in memory.
2. Convenience and Privacy without Ownership is for cloud hosted services where you pay the full cost of the service, and the service uses end-to-end encryption. I also include paying for cloud compute in this category. Because while you have licensed that hardware, you don’t have physical access to it.
3. Privacy and Ownership with some Convenience is a middle ground. This is using your own hardware at your own location, to run a “cloud” service for yourself. This always requires some degree of setup and maintenance and you compromise on useability.
4. Privacy and Ownership without Convenience is when you are running fully local applications working with files on your device that you synchronize between your devices in a peer-to-peer setup. At most, you use end-to-end encrypted relays that don’t retain your data, only relay it. This requires the most effort to setup and involves finding applications that can actually work this way. See Awesome Local First, Local-first Software and Ink & Switch’s Local-first Software.

Services

These are examples for various services I have found in each of those categories. There are alternatives in each of these categories. I just chose the ones I am most familiar with. I put a 🏁 for where I am on each of these right now and a 🚩 for where I want to be.

TODO: Check through https://github.com/awesome-selfhosted/awesome-selfhosted to see if there are any worth adding to the table.