[kybernetyk]

1) For critical services run them locally where possible. Avoid 'cloud' or 'remote' at all costs - no matter where the hosting company is located.

[toble]

This is more apt advice. At Hacker News we are swimming in a sea of start-ups, who are constantly evangelising the 'cloud' (it's often their bread and butter). But if you genuinely want privacy then keep it local and locked down. Stick to mainstream open source products and keep things as simple as possible.

[SilasX]

Well ... What if I launched a cloud based startup that used homomorphic encryption on your data? I mean, it'll be another 10 years before we get the encryption overhead below a factor of a million, but at least we won't be able to give away your data in any useful form...

[hariis]

And what will you do when Feds knock on your door?

[kybernetyk]

At least they need a warrant in that case and you know that there's something going on.

Also: You can encrypt the server hard drives.

[noloqy]

Fun fact: in Holland the department of justice has recently obtained the right to force you to decrypt your hard drive.

[krasin]

This is why deniable encryption exists.

http://en.wikipedia.org/wiki/Deniable_encryption

[killerpopiller]

use hidden truecrypt-container in a truecrypt container.

[drivingmenuts]

Keep your server in a hardened concrete closet and a strong magnetic coil in the only doorframe.

Hey, it sounded good on paper.