← Blog
NDA protection5 min read

The hidden risk of storing NDA files on traditional clouds

An NDA binds people. It does not bind their tools. If the cloud holding the file can read it, your contractual promise is partly architectural luck.

Try it in one click.

Three private surfaces. Same zero-knowledge architecture.

The mismatch between contract and architecture An NDA is a contractual promise about who may read certain information. It does not, by itself, change what the recipient's tools can technically do with that information. If those tools can read the file — through staff access, automated scanning, AI features, or compelled disclosure — the contractual promise sits on top of an architectural gap.

The realistic risks - Internal staff with administrative access. - Automated content scanning for safety or product features. - AI features that index, classify or summarise content. - Court orders or law enforcement requests directed at the provider. - Breaches that expose plaintext stored on the provider's side.

What encrypted storage adds Zero-knowledge storage means the provider receives ciphertext and nothing else. A subpoena, a misconfigured AI feature, or a staff incident can only return ciphertext. The contractual promise of the NDA is now matched by a technical one.

Practical guidance for NDA-bound work - Use per-project vaults so a single compromise does not expose unrelated work. - Share via recipient-keyed envelopes rather than public links. - Keep an access log so you can prove who opened what, and when. - Document the architectural posture of the storage you use in the NDA itself.

The contractual gap Most NDAs require "reasonable security measures". For a long time, uploading to a major cloud was considered reasonable by default. That assumption is now contested: regulators, enterprise procurement, and increasingly courts are asking *who else can read this data*. If the answer is "the provider and any government that compels them", the NDA's protection is paper-thin.

What changes with zero-knowledge The provider becomes a custodian of ciphertext. There is no readable copy on any server, in any log, in any backup, in any AI training set. When a counterparty asks how their data is handled, the answer is architectural, not a promise.

A concrete playbook 1. Create a per-engagement folder in DRIVUNO. 2. Share with the counterparty by recipient key — never public links. 3. Set view-once or expiry where appropriate. 4. Revoke at engagement end. Wrapped keys are deleted; remaining ciphertext is mathematically inert.

Try it in one click.

Three private surfaces. Same zero-knowledge architecture.

Encrypted on your device · upload in 1 click
Upload