[iigs]

IMO it depends on what you're securing. If you have a line of business that is particularly susceptible to espionage and the expected loss would be fatal to the business you obviously shouldn't trust anyone you don't have to. However, be realistic about it: many companies don't have anything of substantial enough value to merit infiltrating Amazon to break in to your server to analyze, and while it's of course possible to statically analyze a filesystem the effort bar is higher than the "I'll just snoop in this user's mailbox" level.

On the other hand, if you're doing anything that is either illegal now or could become unpopular with a government that Amazon could be pressured by, you should consider your data confiscated now. I'm not saying I've heard of Amazon doing it, but there are already enough service provider wiretap and warrant laws out there that you'd never know what hit you if it happened.