[sunchild]

Sorry, but that is just a huge blunder. I can see from your comment that you think it's no big deal, but I read that item and immediately blacklisted 37Signals as a vendor that looks at customer files.

Your explanation makes it worse, not better; you shouldn't even be looking at filenames.

[vl]

While it was stupid of them to publish this, you do realize that engineers working on cloud storage services have access to user data, don't you? However restricted it is, there are always people who have to debug this last mile and look at things, including actual user data, if something is not working on the live site.

[sunchild]

Yes, I realize that. In my opinion, there's no qualitative difference between employees of AWS peeking into my data or employees that I hired peeking into my data. It's about trust in the end.

Anyone who has set up company email knows this. A lot of people think that having an in-house team manage a dedicated, on-premises mail server is somehow "better" or "more secure" than hiring Google or Microsoft or Ma&Pa Exchange Hosting to do it. Those people either: (1) have a reason to trust their employees that they don't have when it comes to Google/Microsoft/Ma&Pa, or (2) are living in a fantasy of their own delusions.

[bluesnowmonkey]

How do you know that other vendors don't look at your data? Really, what assurance do you have, other than that they don't casually mention doing so?