Cloud providers can be legally compelled to hand over your data, and every backdoor becomes a target the moment it exists. Here is what zero-knowledge storage changes.
The pitch for cloud storage is convenience: your files, everywhere, backed up and searchable. The quiet part is custody. When a provider can read your files, so can anyone who can compel, breach or coerce that provider. This is not a hypothetical edge case; it is the normal way the cloud works.
Encryption is not one yes-or-no switch. The question that matters is who holds the keys. If the provider holds them, "encrypted" mostly means encrypted against outsiders, while the provider itself keeps the ability to read, index and hand over your data. Most mainstream cloud storage works this way, because features like server-side search and thumbnail previews require the provider to see your files in the clear.
A provider that can read your data can be made to produce it. Warrants, subpoenas and production orders are routine, and they often arrive with a gag order that stops the provider from telling you it happened. This is not misconduct; it is the system working as designed. The uncomfortable part is simple: if the capability to disclose your files exists, it will eventually be used, and not always in the jurisdiction, or for the reason, you expected.
Some propose a narrower version: keep encryption, but add an exceptional-access path, a key held in escrow, a master key, a lawful-intercept hook. The trouble is that a backdoor does not know who is walking through it. Every such mechanism is a permanent, high-value target that has to be protected perfectly, forever, against every attacker and every insider. Cryptographers have argued for decades, with unusual consensus, that you cannot build an access path only the well-intentioned can use.
The alternative is to remove the capability entirely. In a zero-knowledge, non-custodial design, files are encrypted on your device and the provider stores only ciphertext. There is no server-side key, no master key, no escrow. If a court orders the provider to produce your files, the honest and complete answer is a pile of unreadable bytes, because that is all the provider ever had.
SpaceBox is built around that principle. Your private key is generated on your device and never reaches us. Files are sealed locally with AES-256-GCM and wrapped to your public key using post-quantum ML-KEM-768. We hold ciphertext, and the roadmap pushes custody further still, toward off-territory and air-gapped storage that removes even the option of quiet local compulsion. See Why SpaceBox for how that compares to the mainstream cloud.
You cannot be compelled to hand over what you were never able to read.
Convenience and custody are not always in tension, but where your most sensitive files are concerned, the safest amount of trust to place in any provider is as little as the design allows. Zero-knowledge is how you get there.