Admins having access to your data is always the case, unless you encrypt everything locally before you send it to any cloud.
Again, it always is like that, and whatever service tells you otherwise is lying (with exception of those with client side encryption).
However, in a company with good internal quality control, illegally accessing your data would get an admin fired.
In the case of /e/'s Nextcloud, you cannot see if admins accessed your data, but this is almost always the case. Furthermore, the server admin (of which Nextcloud is unaware) also has access and probably some more people managing the storage backend.
Than you for your info ljahn and Manoj! Sorry, but, when it comes to trying to understand the /e/OS ecosystem, I am quite an average turnip. I´m not sure if I understand the relations with ecloud and Nextcloud - or do I need to, but it is not very easy gather all the details. I have been a Wuala user, and when they shut down I went to Tresorit. They changed they user agreement after a while and I felt it was a bit unambiguous, so I stopped useing it. Now I´m looking forward to your plans to End to End Encryption. Would be very a good thing and very transparent for the user, if it would be possible, somewher in the future, to have access to all logs that consider their data. Their data is their data and the logs are crucial part of the data. Thank you again for the info!
Manoj, I see that the statement in the link you provided says that the plan to implement E2E within eos is to take place by the end of 2021. We are there now and obviously that information needs an update as to the schedule for implementation of E2E. Do you have an update or educated guess as to when we might see end to end encryption for our apps? I know I would be an early adopter and even volunteer as a tester if the developers are at that point.
Thanks!
On the other hand I have one question. Do you have any useful documentation about the way a server is working and what we can expect from a user point of view regarding the use of a server?
This also applies to E-Mail. If you want no admin to be able to read your mail, you and everyone sending mail to you have to use client side encryption.
as @ljahn explained, there are very few services offering “zero-knowledge” for admins. As Manoj said, we are updating our documentation to remove that estimate which assumed we could use Nextcloud’s E2EE, which we can’t.
So, for files, I suggest you look into https://cryptomator.org/ to encrypt files that are stored on ecloud.global.
For e-mail, you need to use OpenPGP or similar encryption tools to guarantee full confidentiality of your communications. The difference with other providers like GMail is that we will never inspect/analyze/read your data or messages. In fact, our aim is to build a service that offers transparent E2EE on all features so that it is technically impossible for us to access your data. But this is not an easy task and given the current state of the art it will require custom R&D, so we’re talking about the years for the whole platform and not months.
Sincerely,
Arnau V.
Engineering Manager at /e/ - cloud & infra