Safeguarding Personal Cloud Storage Accounts In A Breakup

Summary

Article Overview: In summary, when going through a breakup, it is crucial to secure personal cloud storage accounts by changing passwords, enabling two-factor authentication, revoking access permissions, and untangling any linked digital lives. For high-conflict situations, consider advanced measures like link encryption, endpoint security, credit freezes, and possibly engaging a specialized cybersecurity firm, while also being aware of the complex and evolving legal landscape around digital privacy rights post-breakup.

Protecting Your Cloud Data During a Breakup: A Legal & Cybersecurity Guide

When a relationship ends, the emotional turmoil and logistical challenges can be overwhelming. In our digital age, an often overlooked but critical consideration is how to secure your personal data stored in the cloud. It's all too easy for a vengeful ex to access sensitive information like private photos, financial records, and personal documents that could be used against you. As a legal and cybersecurity expert, I've seen firsthand the havoc that can result from leaving cloud accounts vulnerable during a split. In this article, I'll share essential steps to safeguard your digital life when uncoupling.

Take Inventory of Shared Accounts

Begin by making a thorough inventory of all cloud storage accounts you share with your former partner. This commonly includes:

• Photos/videos (iCloud, Google Photos, Amazon Photos)
• Documents (Google Drive, Dropbox, OneDrive)
• Passwords (LastPass, 1Password, Dashlane)
• Backups (Backblaze, Carbonite, IDrive)

Don't forget about accounts that may have your credit card on file for automatic payments. Apple, Google, and Amazon accounts often serve as a single sign-on for multiple services. Carefully review your list of connected apps and websites.

Real-world example: Sarah broke up with her live-in boyfriend Tom and moved out. A few weeks later, she discovered he still had access to her Google account which stored her Gmail, work documents, and smartphone photos, some of which were quite personal. Tom threatened to share the revealing photos unless Sarah let him keep their dog.

Change All Passwords & Enable 2FA

For any service that contains private data, immediately change the password on your personal account. Use a strong, unique password for each one - at least 12 characters with a mix of upper and lowercase letters, numbers, and symbols. Consider using a password manager to generate and securely store complex passwords.

Whenever available, enable two-factor authentication (2FA) for an extra layer of protection. 2FA requires a second form of verification, such as a code from an authenticator app or hardware security key, to access the account. This makes it extremely difficult for an ex to break in, even if they guess or obtain the password.

Caution: If you use SMS text messages for 2FA codes, a bitter ex could attempt to intercept them by transferring your phone number to a device they control, known as a "SIM swap" attack. Stick with more secure methods like authenticator apps or hardware keys.

Revoke All Access & Permissions

Even if you change the password, your ex may still have a back door into the account if you previously granted them access. Some examples:

• Google: Review your list of connected devices and apps, and revoke access for any you don't recognize or no longer need. Also check the "people with access" section under "sharing" for any old permissions.
• Dropbox: Go to "settings" then "connected apps" to unlink any third-party services you no longer use. Under "sharing", remove your ex from any shared folders.
• iCloud: Check your list of iCloud-connected devices and remove any that belong to your former partner. In iCloud settings, turn off the "Share My Location" feature.

Be extremely thorough in your review - a single overlooked permission could leave your personal data exposed. When in doubt, revoke it. It's better to accidentally turn off access to something you still use than to inadvertently allow your ex a window into your private life.

Untangle Your Digital Lives

Many couples link various aspects of their digital lives for convenience. But those connections need to be severed when the relationship ends to close potential security gaps.

If you use a password manager like 1Password or LastPass to share login credentials with your former partner, remove them from your "family" or "shared" folder. Immediately change the passwords for any accounts they had access to.

For two-factor authentication apps like Google Authenticator or Authy, you can't remotely revoke access on someone else's device. Instead, disable 2FA on your accounts and then re-enable it. During setup, only configure the authenticator app on your own phone, not your ex's.

Review any recovery methods set up for your key accounts, like backup email addresses or phone numbers. Remove any that belong to your ex. They could use those to reset your password and regain entry.

Real-world example: Mike moved out when he and Lisa separated. To help with the transition, he left his iPad logged into their shared iCloud account so Lisa could access some family photos. A year later, Mike started dating someone new. Lisa saw the new girlfriend's texts and photos popping up on the old iPad, and in a jealous rage, deleted important documents from their still-connected iCloud Drive.

Handling Shared Cloud Services

Many couples have joint subscriptions for cloud storage and backup services. How you divide those up will usually get determined as part of the larger legal process of separating assets. Consult your attorney on the proper way to split accounts that are in both your names.

For shared accounts in your name, you'll want to remove your ex's access entirely to ensure your data remains private going forward. But keep in mind that could result in deletion of files they stored on the service - potentially relevant later if there's a dispute.

Before shutting your ex out, consider asking your lawyer about making a complete backup of the account, in case you need to produce those files in court someday. An archiving tool like Spanning or CloudAlly can create a searchable snapshot of all the data.

Scenario: John and Carla shared a Dropbox Pro account during their five-year relationship. John handled the payments since it was his credit card on file. During their acrimonious divorce, John abruptly removed Carla from the account, inadvertently deleting years of her work files and precious photos in the process. If the divorce turned contentious, the court might have viewed that as unlawful destruction of evidence.

Special Considerations for High-Conflict Breakups

If you suspect your ex might take extraordinary measures to access your cloud data, you may need to adopt some advanced security techniques:

• Link Encryption: Tools like Boxcryptor and Cryptomator provide an extra encryption layer for sensitive files stored in the cloud. Even if your ex gained access to the account, the data would be unreadable without the encryption key.
• Endpoint Security: Your cloud accounts are only as secure as the devices you access them from. Install and keep updated anti-virus/anti-malware software on your computers and phones. Use a VPN when on public Wi-Fi networks.
• Phishing Awareness: Be on guard for suspicious emails claiming your account has been locked or accessed from a new device. Those are often attempts by an ex to trick you into revealing your login credentials. Scrutinize any links or attachments before clicking.

If your ex has a history of violence, stalking, or harassment, put a freeze on your credit reports with the three major agencies (Equifax, Experian, TransUnion). This makes it harder for them to open new accounts in your name or access existing ones. Consider signing up for an identity theft monitoring service as well.

For extremely high-stakes situations, consult a private cybersecurity firm about additional protective measures like dark web monitoring and vulnerability assessments. Elite providers like Blackcloak and Privoro offer bespoke "digital executive protection" packages starting around $15,000 per year.

The Legal Landscape of Cloud Data

Historically, the law has struggled to keep pace with technology. The statutes that govern access to digital assets during a breakup were written for an earlier era and don't always map cleanly to modern practices like cloud storage.

The Federal Stored Communications Act (SCA) of 1986, the main law covering online data privacy, contains a carve-out exception for data stored by an "electronic communication service" that is "readily accessible to the general public". Many popular cloud platforms, with their default settings allowing easy sharing, could fall under that exception. A court might find that data stored openly in the cloud does not have the same protections as, say, privileged files on a private company server.

There's still considerable gray area around the extent to which a vengeful ex could face criminal liability for improperly accessing cloud data after a breakup, outside of situations covered by specific anti-hacking laws. But a few key legal concepts have begun to emerge:

• Password Sharing: Voluntarily sharing a password can sometimes be viewed as granting ongoing consent for the other party to access an account, even after the relationship ends. But the permission is not unlimited - a shared Netflix password doesn't mean your ex can start deleting your email.
• Authorized Access: If your ex is or was an authorized user on a cloud account, they may have a legal right to continue accessing joint data stored there absent a formal agreement to revoke it. Make any access changes clear and in writing.
• Expectation of Privacy: The more sensitive the data, the more likely a court would frown on an ex snooping through it post-breakup. A shared grocery list is one thing - your medical records are another. Passwords and permissions should align with an appropriate expectation of privacy.

Some lawyers now recommend addressing cloud data access directly in prenuptial or cohabitation agreements. While not the most romantic topic, putting in writing upfront how you'll handle digital assets if the relationship sours can save a lot of heartache and confusion later.

Consult a family law attorney specializing in tech issues for guidance on your specific situation. And handle any access revocations or file deletions with an eye toward possible e-discovery needs if the breakup leads to litigation.

The Cloud Is Still Better Than the Alternative

Messy breakups long predate the rise of cloud computing. As painful as it can be to lock down accounts, unlink permissions, and untangle intertwined services, your personal data is far safer in mainstream cloud platforms than scattered across random computers and flash drives. Reputable providers like Google, Apple, Microsoft, and Dropbox have dedicated security teams constantly working to protect your information and stay ahead of evolving threats.

The key is to approach post-breakup account hygiene with the same rigor and systematic process you apply to splitting the rest of your joint assets and starting your new single life. By following the steps outlined here and staying alert for signs of suspicious activity, you can secure your sensitive cloud data and maintain your digital privacy as you chart your new path forward. Remember, your online life is an extension of your personal life - safeguard it accordingly.

References

• No references certain based on the content provided.

For more insights, read our Divorce Decoded blog.