Ask LH: Can I Trust OneDrive With My Personal Data?

Ask LH: Can I Trust OneDrive With My Personal Data?

Hi Lifehacker, I recently signed up for Microsoft’s OneDrive, but I’m still not sure: can data I store there be manipulated, copied or accessed by Microsoft staff? I have all the personal information on my drive now synced, and it’s something of a concern. Thanks, Driving Me Crazy

Dear DMC,

Putting any kind of data into the cloud involves a rather obvious leap of faith because you’re implicitly placing data onto a service over which you don’t have any control.

In the specific case of Microsoft’s One Drive, the relevant documents to peruse are covered by Microsoft as part of its services agreement and privacy statements. Microsoft states that it:

may disclose information and content to Microsoft affiliates and vendors; when required by law or to respond to valid legal process; to protect our customers; to protect lives; and to maintain the security of our services. We may also disclose information and content to protect the rights or property of Microsoft – however, if we receive information indicating that someone is using our services to traffic in stolen intellectual or physical property of Microsoft, we will not inspect a customer’s private content ourselves, but we may refer the matter to law enforcement.

So the practical upshot of all that? It’s mostly unlikely that a specific Microsoft staffer will go snooping through your private photos, but in the case of legal requests or where the server itself sniffs out that you happen to have a lot of large files that correspond with, say, popular Hollywood movie titles, you may end up being referred to law enforcement authorities, who may also come knocking at Microsoft’s door.

OneDrive also doesn’t offer encryption as standard, which isn’t ideal if you’re notably privacy-minded. But for day-to-day use, any cloud service is unlikely to put you at risk.


Have a question you want to put to Ask Lifehacker? Send it using our [contact text=”contact form”].


  • The nice thing missing from MS’s statements there? That they won’t use it to ram products and services down your throat. Or let others do so.

  • Turn on 2 form authentication at the veryleast. My outlook account was sending out spam for a while to my contacts. I think that someone may have got my password – at the time I had sensitive documents in my OneDrive. I removed the data and turned on 2-form authentication.

  • DMC – personally I think you’re pretty safe, but if you’re genuinely concerned about your privacy and data, you should look into Steve Gibson’s approach to TrustNo1 privacy.

    • Or, go with another Gibson favourite – Encrypt! If I didn’t regulary use OneDrive on my iPhone/web my whole drive would be encrypted, but I think I will create one particular folder to be encrypted – containing personal data etc.

  • My brother once sent me a file via one drive and I ended up logged in as him. Said my name in the corner but the settings button went to his details and I could access his files. Have never used it again.

Show more comments

Comments are closed.

Log in to comment on this story!