Back in September I wrote about cleaning up your phone settings to keep your photos and personal information safe. (And if you got a new phone, tablet, or even laptop over the holidays, you might want to give that article another look!)  But with cloud storage becoming more and more popular as we juggle an assortment of connected devices, it’s important to be mindful of where you’re putting not just your naked selfies but also your credit card and banking information, your passwords, and the 12,000-word Captain America/Iron Man slashfic you don’t want anyone to see. 

Think you don’t need to worry about online privacy because you’re not doing anything wrong? Look at your laptop, your phone, your tablet, even most likely your desktop. See that camera? Imagine everything that camera sees. You stuffing pizza into your mouth. Dancing half-dressed to Taylor Swift songs. Your face as you’re watching porn. Imagine your boss seeing you through that lens, or your mother. Or, you know, some stuffy old white CIA guy. Now do you see why even you, law-abiding citizen, need online privacy? We all do embarrassing things all the time, things that aren’t illegal but that we’d never want anyone to see. A good rule of thumb: If you wouldn’t want your mother or your boss to see it, secure it. (Also go ahead and put a Post-It over that camera, I’ll wait.) 

Sadly, the most popular and pervasive cloud storage service, Dropbox, has an Achilles’ heel. Why? They’re easy to use, super convenient, pretty reliable, and they have two-factor authentication. What could be wrong? One name: Dr. Condoleezza Rice. Dubya’s bestie, defender of torturers, and warrantless wiretapping fan Condoleezza Rice is on their Board of Directors. And despite an outpouring of protests from customers, many swearing to drop the service entirely, they’ve done nothing but defend their decision. That’s not to say Dropbox is now completely useless—it’s still one of the best ways to share files and transfer them from one device to another—but you should be mindful of what you choose to put there and think twice about paying them for th he upgraded service. 

Dropbox isn’t the only option out there, but most of the others aren’t so appealing either. Google Drive, iCloud, and OneDrive are operated by Google, Apple, and Microsoft respectively, and while none of them have appointed an actual CIA surveillance apologist to their Board of Directors, they’re still very large companies with a lot to lose if they get on the US government’s bad side. Google’s Android phones can be encrypted, and Apple angered some in the spying business by turning encryption on by default in their newest iPhone. But when you upload files to their cloud services, they’re left sitting out in the cloud for anyone able to hack your account or subpoena access to see. 

The big name in encrypted cloud storage right now, thanks to an endorsement from security darling Edward Snowden, is SpiderOak. It’s not as simple or intuitive to use as Dropbox, and by necessity it lacks some features, but if you need to share a confidential file or back up, say, the articles you’ve written for a politically active, far-left newspaper, not even their own employees will be able to see what you’ve put on their servers. 

Whatever files you have, whatever you want to keep backed up and safe, be mindful of where you put it. Unless you really want the CIA to read about Steve doing that to Tony.