[This is a multiple-part series – go here for the full list]
Welcome to Part 4 of my De-Google series. If you haven’t done so already, I’d start with the first article (strategy), even if you want to read the other articles out of order. You’ll find nice jump links as the bottom of the page. Today I’m going to cover two very popular Google cloud services: Google Drive and Google Docs.
De-Google, Step 9: Google Drive
The “cloud drive” was popularized by DropBox, but now everyone has their own version of this. Google has Google Drive, Apple has iCloud, Microsoft has OneDrive, and there are many more. While most of these services do encrypt your files, the service providers hold the keys. This isn’t necessarily nefarious – it enables useful features like text searching. But these services can and often do automatically search your files for copyright violations, for example. And if served with a warrant, they can turn over your files. Which also means that a rogue employee could poke around in your files, too.
Thankfully, there are several privacy-focused cloud storage services that allow you to hold the encryption keys, meaning that the service provider has no way to see the contents of your files. After much research, I chose Sync.com (more info here). All encryption happens at the client side, meaning Sync can’t peak into your files. This service has lots of great features, too, including the ability to share files securely with other people (even if they don’t use Sync.com). I’ve used it for years now and have no complaints.
There are three other interesting options I want to throw out, though. First, if you are really married to your existing cloud storage provider, you can use a cool tool called Cryptomator to encrypt some of the files stored there. For example, create a folder in DropBox called “My Vault” and use Cryptomator to encrypt the contents of that folder. Second, if you own multiple computers, you can use a free and open source peer-to-peer file syncing tool called SyncThing. This syncs files between your computers only – they’re not held by any cloud service. However, this means that you are your own backup. If your desktop and laptop both die, your files are gone. See the “bonus” below for the third option.
De-Google, Step 10: Google Docs
Google Docs is an amazing suite of tools akin to Microsoft’s Office. You can edit documents (“Word”), spreadsheets (“Excel”), presentations (“PowerPoint”), and more. And it works incredibly well for a web app. And because it’s cloud-based, you have cloud backup and file sync built right in (i.e., Google Drive). Microsoft and Apple have competing services, too… Microsoft 365 with web versions of Word, Excel and Powerpoint, and iCloud Drive which supports cloud sync for Pages, Numbers and Keynote. But again, none of those are truly private.
You could use the native Mac/PC office applications and just store the files in a secure cloud drive like Sync.com. Or use Cryptomator. But I’m going to give you two other options here.
By far the most versatile and complete solution is ONLYOFFICE. It’s open source and has a very usable free version. (And if you really want to own your data, you can even host this yourself, but more on that below.) You can make documents, spreadsheets, presentations and forms. With Workspace, you get even more features like email, calendar and contacts.
Another option to keep an eye on is Skiff. They’re in beta right now and only do document editing, but it shows a lot of promise.
NextCloud is a very interesting option. This one service can replace Google Drive, Google Docs, Gmail, Gcal, and much much more (via plugins, including one for ONLYOFFICE). It’s free and open source, too. It does just about everything. So what’s the catch?
Well, to maximize privacy, you need to host this service on your own computer. That’s not practical for most people. I’m a tech savvy “computer guy” and it took me time, effort and money to set up. If you can handle this, it’s a great way to go.
You can also choose a cloud provider to host it for you, though now you have to trust someone else again. Unfortunately, NextCloud doesn’t handle client-side encryption well yet. You can read an in-depth review here. But… at least it’s not Google holding your files.
Keep an eye on these guys. Once they get client-side encryption working by default, then you can pay someone else to host it for you and you should have complete privacy.
This is probably the last article in this series. While there are a lot more Google services out there, I think I’ve covered the most popular ones that have the biggest privacy impacts. If you have other Google services you’d like me to cover, though, feel free to reach out! Please share this series with friends and family, too – maybe Google (and others, like Facebook) will start getting the idea that we do care about our privacy. Or, if nothing else, we’ll create a viable market for privacy-respecting competitors.
I’ve created a nice summary page for all of these articles, including links to more resources.
Need practical security tips?
Sign up to receive Carey's favorite security tips + the first chapter of his book, Firewalls Don't Stop Dragons.
Don't get caught with your drawbridge down!