How safe is EU-based Ubuntu One cloud data?

security ubuntu-one

Solution 1:

According to the US, if a company is registered in the US, all data they hold anywhere in the world is fair game. So this includes all servers used by Microsoft, Amazon and Google anywhere in the world according to the US. And in the last few days there has been another example of this:

"Google is the next major company to admit Patriot Act issues, as it admits to handing over data held in a European datacenter back to U.S. intelligence." ZDNET, August 11, 2011

I am not a lawyer and not related to Ubuntu One/Canonical and not a lot of users here are legal experts with knowledge about this situation so an answer to your question will all be conjecture. And it also depends on how stubborn the EU is about enforcing own law and opposing the US Patriot Act.

Ubuntu One Terms of Services

This agreement is governed by the laws of England and any dispute will be heard by the courts in England. Failure by Canonical to enforce any right or provision of this agreement shall not constitute a waiver of such right or provision. If any part of this agreement is held invalid or unenforceable, that part will be construed to reflect the partie's original intent, and the remaining portions will remain in full force and effect. The terms of this agreement do not affect your statutory rights.

Ubuntu One is based in the UK so the company is subject to the EU laws and the European Data Protection Directive. So the answer to your question should be no Ubuntu one is not affected by this if you store the data on a EU server

If you want to make sure before you start using Ubuntu One that your data will not be handed over to the US you can contact them yourself and get an official responce (from Ubuntu privacy policy):

Please submit any questions or comments about this Privacy Policy, or about our use of your personally identifiable information to our account assistance form at /help/contact/ or by postal mail at the following address: Canonical Group Ltd, 27th Floor Millbank Tower, 21-24 Millbank, London, England, SW1Q 4QP.

Any data stored on a cloud worth protecting should be encrypted. Might not stop the US from getting it and also might not stop the US from decrypting it but it should be made as problematic as possible ;-)

Solution 2:

It is never safe to assume that anything you place in a public cloud is kept private, even if the service provider has the best of intentions. You should always err on the side of caution. Canonical might be based in the UK and therefore not affected by the US laws, but does anything prevent them from using another cloud as an extension of their own service? Because if they did that and the other cloud is US based, then it'd still be subject to US law.

If you use the cloud for personal stuff, then you must make sure to encrypt it. You must not make assumptions when it comes to privacy. And even Canonical is not immune to disloyal employees.

Related

Noise problems when playing any sound (On laptops or when using any sound apps)
Network configuration: resolv.conf and hosts
mysql-workbench only shows splash screen when being launched
How to convert TIFF scan file to JPEG or PNG general file format in Ubuntu?
Arrange icons on unity 2d bar
Hebrew subtitles are gibberish
Where do I find display brightness controls in Lubuntu?
The best AutoCAD 2010 Ubuntu alternative?
Problems, connecting Android ICS to Ubuntu using MTP
How to backup and restore downloaded gnome-shell extensions?
VPN connection failed because service stopped unexpectedly
gnome's file v3.6.2 (nautilus) has lost the inline folder expand function