Cloud Storage Outside The US: Providers Out of the Reach of Uncle Sam
Choosing a location for your data is not something to dismiss, but an important decision. Depending on where a cloud storage service has its servers, different laws and regulations apply to your data. The U.S. has several laws that don’t work in favor of your privacy, so we’re going to tell you how to avoid them by placing data in cloud storage outside of the U.S.
Some laws, such as HIPAA, are designed to keep citizens’ data safe. Others are more devious and work in the government’s favor by enabling them to access your data for “national security” reasons.
The newest addition to that group is the Clarifying Lawful Overseas Use of Data Act (that spells out “cloud.” Sigh). It allows the alphabet agencies to grab data belonging to U.S. residents that’s stored outside of the U.S. if the country where it’s stored has an agreement with Uncle Sam. That’s all justified with the wars on terror and crime.
Let’s not forget the USA Patriot Act, which laid the foundation for future surveillance laws, and the PRISM leak by Edward Snowden, which informed us about the U.S. National Security Agency snooping through citizens’ emails.
Storing your data in the U.S. isn’t something to be taken lightly. Though many services have data centers there, that doesn’t mean there are no other choices. For example, there are notable services in Canada and Europe, which have laws that protect your privacy better than their U.S. counterparts.
Europe introduced the General Data Protection Regulation in May 2018 to allow users more control over their data and to increase fines if services didn’t comply. You can learn more about it in our comprehensive GDPR article.
Canada scrambled to match the new regulation because not doing so would jeopardize the free data flow agreement it has with Europe. If you’re interested in Canada’s privacy laws read our cloud storage in Canada piece.
Now that you know why the U.S. is a scary place to store your data and what other places make for suitable replacements, we need to define what makes a service a good candidate to hold your data.
Best Cloud Storage Outside the US 2020
- 1
- Sync Folder
- File Link Sharing
- Folder Sharing
- Versioning
- 2
- Sync Folder
- File Link Sharing
- Folder Sharing
- Versioning
- 3
- Sync Folder
- File Link Sharing
- Folder Sharing
- Versioning
- 4
- 5
- Sync Folder
- File Link Sharing
- Folder Sharing
- Versioning
Important Factors When Storing Data Outside of the U.S.
Considering that the CLOUD Act exists, you can’t be sure you’re safe when you store your data outside of the U.S. What you can do is encrypt the data, so nobody but you can read it. That’s what private, end-to-end encryption is for.
It encrypts your data before it leaves your computer with a passphrase that only you know. Because of that, nobody else can decrypt it and read it. That means even if Uncle Sam gets your data, it won’t be able to make sense of it. Services that offer such encryption are often called “zero-knowledge.”
To learn more about encryption, read our description of encryption.
If you store your data on a distant server, speed may become an issue. You can remedy that by choosing a service that has good infrastructure and a global network of servers. That way, you shouldn’t notice a delay during upload or download.
We’ve tested services from around the world. Generally, your transfer speeds will be faster the closer you are to the server. That said, how fast and stable your connection is depends on your internet service provider, too.
Some services allow you to improve your connection by changing transfer settings. Many use a block-level transfer algorithm. That speeds up the transfer of files that have already been uploaded by only transferring the portion that has changed. Note that it doesn’t work well with private encryption, so you will have to choose between speed and privacy.
With that out of the way, let’s get to the good stuff and take a look at the services. We’re talking about cloud storage in this article. If you need online backup, you can refer to our best cloud backup for Canada and best online backup for Australia lists for suggestions. If you’re not clear on the difference between backup and storage, read our explanation to learn more.
1. Sync.com
Sync.com was founded in Toronto in 2011 and has built a reputation for strong security and user privacy, which helped it top this list and our cloud storage comparison.
Its strong security is evidenced by its use of AES 256-bit encryption to scramble files and the TLS protocol, which protects data from eavesdropping during transfer to data centers.
It generates the key to that encryption on the server and encrypts it with an RSA 2048-bit public key. Once it reaches the client side, only the private key the client has can decrypt it. That makes it one of the best zero-knowledge services on the market. Sync.com’s data centers are SOC 1 certified and use RAID architecture to prevent server failures from leading to data loss.
Besides private encryption, which protects your privacy, Sync.com uses two-factor authentication to protect your account. Version history, restore and rewind protect against malware, too. Businesses can subscribe to business plans and get even more security features. For the complete list, click here.
Overall, Sync.com has one of the most competitive pricing plans on the market. You can see the pricing table and learn more about what it offers in our Sync.com review.
Its transfer speeds are average for a cloud storage service, though, and there’s no block-level copying to boost speeds afterward. That said, Canada isn’t far from the U.S., so you should still get decent speeds. If the sync process uses too much of your system resources, there’s an option to throttle it. Sync.com enables you to set monthly upload and download limits, too, which is good for those on a limited data plan.
2. MEGA
MEGA was founded by the notorious Kim Dotcom in 2013. He’s no longer associated with the company, but it lives on and advertises itself as “the privacy company” because it provides zero-knowledge encryption and is based in privacy-friendly New Zealand.
Despite using private encryption, it uses AES 128-bit to scramble your files at rest, which is good, but it’s not AES 256-bit. The TLS protocol protects your files during transfer. It doesn’t offer two-factor authentication, though, which leaves your password more vulnerable, so make sure it’s strong (check out our guide on how to set up a strong password).
MEGA offered a free 50GB plan, which was one of the main reasons for using the service. In 2017, the company made it so most of that space evaporates, though. You can get it back after jumping through hoops, but it will disappear again. To learn more about pricing plans and storage that doesn’t disappear, read our MEGA review.
The service has data centers in Luxembourg, Germany, France, the Netherlands, Canada and New Zealand, so you should get better speeds the closer you are to one of those areas. That said, some data centers may have better I/O than others, which might explain why MEGA users give different reports on the speed and reliability of the service.
We tested it by uploading a 1GB test folder over a WiFi connection out of Canggu, Bali with 10 megabits per second upload speed and 20 Mbps download speed. Our upload took almost twice the time it should have, which makes MEGA slower than average cloud services, and block-level sync wasn’t available to improve it. The download speed was on point, though.
3. Tresorit
Tresorit is based in Switzerland, but keeps its data on servers in the Netherlands and Ireland. It’s one of the most secure cloud storage services.
It uses AES 256-bit encryption to secure your files at rest and the TLS protocol to protect them in transit. The service’s zero-knowledge practices keep your encryption key safe and your files private, which means it won’t be able to reset your password. While that level of encryption won’t help with a stolen password, its two-factor authentication will.
Tresorit’s data centers comply with the latest ISO standards and run Microsoft Azure. They employ 24/7 security, surveillance and biometric scanning.
If someone steals your device, Tresorit lets you initiate a remote data wipe. If your files were corrupted by malware or someone edited or deleted them by mistake, you can use the file versioning feature to retrieve them.
While Tresorit’s security is strong, its prices can’t compare to other services. The cheapest plan costs $12.50 a month and only provides 200GB. For more information about its prices and features, read our Tresorit review.
Tresorit is slower than other services, but it is in line with those that use private encryption. If it uses too much of your system resources, you can throttle upload and download speeds separately. You can even schedule when throttle is enabled. Block level sync isn’t available, though.
4. Jottacloud
Jottacloud’s servers and headquarters are in Norway, which has some of the best privacy laws in the world. Plus, the company has a privacy guarantee that promises it won’t monitor the information you store. That said, it records personal information and metadata for support purposes, according to its privacy policy.
It doesn’t use private encryption to scramble your files, but the level of encryption is AES 256-bit and the SSL protocol protects them during transfer. SSL is deprecated, but it’s better than transferring without protection. Two-factor authentication is available, too.
Jottacloud has two free plans: one for personal users and one for businesses. Both give you 5GB of space, but the business one lets you have two users. Besides those, there are four more plans to choose from. You can see the pricing table and read more about the plans in our Jottacloud review.
We tested Jottacloud using our 1GB test folder and it took 10 minutes more, on average, than other services. Download speeds weren’t much better. Our upload and download speeds were 6 Mbps and 30 Mbps, respectively. You can control bandwidth usage if you’re on a limited plan. By default, there’s no limit. Unfortunately, block-level sync isn’t available.
5. Koofr
Koofr’s headquarters are in Slovenia, but its servers are in Germany. Because of that, it has to comply with the laws enforced in the EU. That’s fortunate, because it doesn’t use private encryption. It doesn’t have suspicious clauses in its privacy policy, either. Taken together, that means the lack of private encryption isn’t such a big deal in Koofr’s case.
To protect you against intruders, it uses AES 256-bit to scramble your files at rest and the TLS protocol to protect your data in transit. Plus, you can use two-factor authentication, as well as “mandatory password protection.”
Koofr doesn’t offer much storage space, but it has good plan flexibility because it offers six plans to choose from. They start as low as 57 cents and go up from there. If such a low price intrigues you, read our full Koofr review.
In our test, Koofr took around 23 minutes, on average, to upload a 1GB zipped folder. We connected over WiFi in Belgrade, Serbia with an upload speed of 6 Mbps and a download speed of 102 Mbps. That’s close to the theoretical time it should take to transfer 1GB of data.
You won’t be able to speed up transfers for files that have already been upload, though, because Koofr doesn’t use block-level sync.
Final Thoughts
This list isn’t exhaustive but it gives you a good idea of what you can expect if you decide to move your data outside of the U.S. There are good reasons to do so, with the main one being laws and privacy regulations that don’t favor citizens.
Most services on the list offer private encryption, which is critical to securing your privacy. Chief among them is Sync.com, which sits near the top of our best cloud storage and best zero-knowledge services lists. Tresorit and MEGA are also viable choices. The last three services on the list aren’t superb examples, but they might have specific upsides for you.
What do you think about using services outside of the U.S.? Which one appeals to you most? Let us know in the comments below. Thank you for reading.