Did you know that data stored on a 3rd party server has limited protection after 180 days in the United States?
I was an surprised as you when I first learned of this law. It is called the Stored Communications Act and you can read details here: https://en.wikipedia.org/wiki/Stored_Communications_Act
Basically, by agreed to ‘give’ information to a 3rd party provider, you no longer have a reasonable expectation of privacy.
“Furthermore, users generally entrust the security of online information to a third party, an ISP. In many cases, Fourth Amendment doctrine has held that, in so doing, users relinquish any expectation of privacy. The Third-Party Doctrine holds “…that knowingly revealing information to a third party relinquishes Fourth Amendment protection in that information.”
This is why you must take control of encrypt any data you store with third parties – and don’t store the keys there as well..