Some data could be captured less, but what about data like email contents, files, contacts, calendar data, chat histories? Retaining those things are part of the whole purpose of having web clients and dwarf logs like the IP address you used to do a web search, which is ephemeral anyway. Can we at least define the "so much data" that we're talking about here? Going to my Google account page, for the most part I see services that I specifically turned on. What other data are we talking about here that would really save the day if not present?
Meanwhile, some of the objections in this thread seem kind of selective. With a search warrant, the FBI can tap your phones and record your conversations, they can tap your internet connection and watch every IP address you connect to and record all the unencrypted connections you make, they can place tails on you that record every word they can pick up with a microphone, they can track every financial activity you engage in and every person you meet with; they can go into your house and take everything you own. If Colin was in the US, they could certainly go into his house and install a keylogger.
If you just want an online backup system, definitely use tarsnap or the like. I have an offsite backup that's locally encrypted. If you want a web service, though, with all the tradeoffs that implies, that's what you're going to be subject to. For US citizens, search warrants are actually good things; probable cause is a high bar to meet. It's the bullshit lack of disclosure/secrecy culture that the judiciary accepts so often that is the problem here (as well as the problems of if you're not a US citizen...). If we ensure that warrant disclosure policies are reformed, at least we can be informed that our data has been seized and defend ourselves.
Some data could be captured less, but what about data like email contents, files, contacts, calendar data, chat histories? Retaining those things are part of the whole purpose of having web clients and dwarf logs like the IP address you used to do a web search, which is ephemeral anyway. Can we at least define the "so much data" that we're talking about here? Going to my Google account page, for the most part I see services that I specifically turned on. What other data are we talking about here that would really save the day if not present?
LastPass is a webservice and stil encrypts the data locally; they use an extension, but Google controls the most popular browser today. They could add encryption capabilities to it and use it on Calendar, Contacts and others. Even email could be auto-encrypted on arrival.
...but at the expense of basically everything that makes gmail useful. No search, spam filtering, filtering, google now, etc. If you want that, just use IMAP in thunderbird with PGP today.
The user's choice, yes. If Google didn't do those things that required access to the data then the user would switch to a service that did. It would be like Scroogled but on steroids.
Meanwhile, some of the objections in this thread seem kind of selective. With a search warrant, the FBI can tap your phones and record your conversations, they can tap your internet connection and watch every IP address you connect to and record all the unencrypted connections you make, they can place tails on you that record every word they can pick up with a microphone, they can track every financial activity you engage in and every person you meet with; they can go into your house and take everything you own. If Colin was in the US, they could certainly go into his house and install a keylogger.
If you just want an online backup system, definitely use tarsnap or the like. I have an offsite backup that's locally encrypted. If you want a web service, though, with all the tradeoffs that implies, that's what you're going to be subject to. For US citizens, search warrants are actually good things; probable cause is a high bar to meet. It's the bullshit lack of disclosure/secrecy culture that the judiciary accepts so often that is the problem here (as well as the problems of if you're not a US citizen...). If we ensure that warrant disclosure policies are reformed, at least we can be informed that our data has been seized and defend ourselves.