File Encryption Checker

Is Your Cloud Storage
Actually Private?

Encryption is not the same as privacy. Find out exactly what your cloud provider's encryption means for your files — and who can read them.

✓ Free — no signup required ✓ Plain English ✓ 60 seconds

Every major cloud storage provider encrypts your files. Google Drive, iCloud, Dropbox, and OneDrive all use AES-256 encryption — the same standard used by banks and governments. But encryption alone does not make your files private. The question that actually determines your privacy is who holds the encryption keys. If the provider holds them — which is the default on every major platform — the provider can technically read your files, law enforcement can request them, and a serious breach of the provider's infrastructure could expose your actual content. This tool shows you exactly what your provider's encryption means for your files — and whether there is anything you can do about it.

Check Your Provider

Select your cloud storage provider

Choose where you currently store your personal files, photos, or documents. We'll show you exactly how their encryption works and what it means for your privacy.

✓ 🟦

Google Drive / Google Photos

Google's cloud storage and photo service

✓ 🍎

Apple iCloud

Apple's cloud storage for iPhone and Mac users

✓ 📦

Dropbox

File sync and cloud storage

✓ 🪟

Microsoft OneDrive

Microsoft's cloud storage, included with Microsoft 365

✓ ☁️

Microsoft Azure

Microsoft's cloud platform and file storage

✓ 🔀

I use multiple providers

Show a comparison of all five providers

All Providers Compared

How every major provider handles encryption

The same six dimensions — across all five providers.

Dimension	Google Drive	Apple iCloud	Dropbox	OneDrive	Microsoft Azure	StorX
🔒 Encrypted at rest	🟢 Yes	🟢 Yes	🟢 Yes	🟢 Yes	🟢 Yes	🟢 Yes
🔑 Who holds the keys	🔴 Google	⚠️ Apple*	🔴 Dropbox	🔴 Microsoft	🔴 Microsoft	🟢 You
👁 Provider can read files	🔴 Yes	⚠️ Yes*	🔴 Yes	🔴 Yes	🔴 Yes	🟢 No
⚖️ Government access	🔴 Yes	⚠️ Yes*	🔴 Yes	🔴 Yes	🔴 Yes	🟢 No
📱 Third-party app access	⚠️ Yes	⚠️ Limited	⚠️ Yes	⚠️ Yes	⚠️ Yes	🟢 No
🛡 Breach exposure risk	⚠️ Medium	⚠️ Medium*	⚠️ Medium	⚠️ Medium	⚠️ Medium	🟢 Minimal
✅ Zero-knowledge	🔴 No	⚠️ Optional*	🔴 No	🔴 No	🔴 No	🟢 Yes — default

* iCloud standard: Apple holds keys. iCloud with Advanced Data Protection (opt-in): you hold keys.

🔑

Who holds your encryption keys?

🔒 Files Encrypted at Rest

Are your stored files protected from physical theft of the server?

🔑 Who Holds the Encryption Keys

The most important question — whoever holds the key can read the files.

👁 Can the Provider Read Your Files

Does the provider have technical access to your file contents?

⚖️ Government & Legal Access

Can law enforcement obtain your readable files through the provider?

📱 Third-Party App Access

Can apps you've connected to your storage read your files?

🛡 Breach Exposure

If the provider's servers were breached, what could attackers access?

📋 Plain-English Summary

⚠️ Most iCloud users are on the less private setting

Apple offers end-to-end encryption for iCloud through a feature called Advanced Data Protection — but it is switched off by default and must be manually enabled. With Advanced Data Protection on, Apple cannot read your files, cannot comply with legal requests for file contents, and cannot recover your data if you lose your device and your recovery key.

📱 iPhone / iPad: Settings → [Your Name] → iCloud → Advanced Data Protection → Turn On

💻 Mac: System Settings → [Your Name] → iCloud → Advanced Data Protection → Turn On

⏱ Takes approximately 3 minutes · Requires iOS 16.2 or later

How It Compares

Your Provider vs StorX

The same six dimensions — side by side.

⚠️ Your Provider

Standard consumer plan

🟢 StorX

By default — all plans including free

✅ Files encrypted before leaving your device

✅ You hold the encryption keys — StorX never does

✅ StorX cannot read your files — technically impossible

✅ Law enforcement receives only encrypted, unreadable data

✅ No third-party app ecosystem with file content access

✅ A breach exposes only ciphertext with no key to decrypt

Privacy is architectural — not dependent on StorX's policies or goodwill

The difference between privacy and encryption

Every provider on this list encrypts your files. The question is not whether your files are encrypted — they are. The question is who holds the key.

If your provider holds the key, your files are encrypted but not private. The provider, governments with legal authority, and potentially other parties can access your actual file contents.

If you hold the key — which only happens with client-side encryption — your files are encrypted and private. Not even the provider can read them, regardless of what they are asked to do.

"Encryption without client-side key control is a locked door where someone else has a copy of the key."

The Alternative

Privacy That Doesn't Require a Setting Change

StorX is the only provider on this page where client-side encryption is the default — not a premium feature, not a manual setting, not an enterprise upgrade. The free tier includes 2GB and takes under 2 minutes to set up.

Try StorX Free — No Credit Card Required → See how StorX encryption works →

🔒 Client-side encryption by default 🔑 Only you hold the keys 🆓 2GB free forever ⚡ 2-min setup

Questions Answered

Frequently Asked Questions

Yes — Google Drive encrypts files at rest using AES-256 and in transit using TLS. However, Google holds the encryption keys, not you. This means Google's systems can technically access your file contents, and Google can comply with valid legal requests by providing your readable files. Google Drive encryption protects against physical theft of servers — it does not make your files private from Google.

By default, no. Standard iCloud uses encryption where Apple holds the keys — meaning Apple can technically access your files and comply with legal requests. Apple offers end-to-end encryption through a feature called Advanced Data Protection, which shifts key control to you. But it must be manually enabled in your device settings and is switched off by default. With Advanced Data Protection on, iCloud is genuinely end-to-end encrypted and Apple cannot access your files.

Technically, yes. Dropbox encrypts stored files but holds the encryption keys. Dropbox has access to your file contents and can comply with valid legal requests. Unlike iCloud, Dropbox offers no zero-knowledge encryption option for individual users — there is no setting to switch on to make your Dropbox files private from Dropbox.

Standard encryption means a provider encrypts your files for storage and transit — but holds the encryption keys themselves. The provider can decrypt and read your files. End-to-end encryption means your files are encrypted on your device using a key that never leaves your device — the provider stores only encrypted data it cannot decrypt. The provider cannot read your files under any circumstances, including legal requests. Most cloud storage uses standard encryption, not end-to-end encryption.

Zero-knowledge cloud storage means the provider has zero knowledge of your file contents — it stores only encrypted data it cannot decrypt because it never has access to your encryption keys. This is achieved through client-side encryption: your files are encrypted on your device before upload. StorX uses zero-knowledge architecture by default on all plans. iCloud with Advanced Data Protection is zero-knowledge for covered data categories.

Client-side encryption means the encryption happens on the client — your device — before data is sent to the provider's servers. Your device generates an encryption key, encrypts the file, and sends only the encrypted result to the provider. The encryption key never leaves your device. The provider receives and stores encrypted data it cannot read. This is the opposite of server-side encryption, where the provider encrypts data after receiving it — and holds the keys.

The most private cloud storage options are those that use client-side encryption where the user holds the encryption keys. StorX uses client-side encryption by default on all plans. Apple iCloud with Advanced Data Protection enabled is also zero-knowledge for covered data categories. Standard Google Drive, Dropbox, and OneDrive use provider-held encryption — the provider can technically access your files on these platforms.

Is Your Cloud StorageActually Private?