An Analytical Study on User Trust and Data Privacy in Cloud Storage Services | IJCT Volume 12 – Issue 5 | IJCT-V12I5P64

This project digs into what makes people trust cloud storage providers. It explores which privacy features matter most, which company’s users rely on, and what can be done to make cloud storage safer and more trustworthy. The study is based on responses from a Google Form survey, backed by insights from existing academic research on cloud data privacy. The findings are clear: users feel safest when providers offer strong encryption (especially end-to-end or zero-knowledge), multi-factor authentication (MFA), and compliance with global privacy laws like GDPR and ISO 27018. This addresses the major concern that while traditional encryption offers a layer of security, it may not withstand internal attacks from cloud providers themselves. Among all providers, Google Drive, Microsoft OneDrive, and Apple iCloud are the most trusted overall. However, privacy-focused services like MEGA and Sync.com are popular with users who want total control over their encryption keys. Indian companies like Jio Cloud and CtrlS are slowly gaining trust for local data hosting and support for India’s DPDPA 2023, but users feel they need stronger international certifications to compete globally. A key theme that emerged is the need for “data control,” which includes both the ability to move data to a new provider (data mobility) and the right to have your data permanently deleted (data withdrawal). Based on our findings, we recommend that providers improve trust by offering user-controlled encryption (BYOK), publishing third-party security audits, simplifying their privacy policies, and designing systems with privacy as the default.

This study confirms that user trust in cloud storage is built on a foundation of strong encryption and authentication, reinforced by visible compliance and transparency. Users overwhelmingly trust global providers like Google Drive and OneDrive because they effectively combine powerful technical security with a proven track record of global certifications. Apple iCloud benefits from strong privacy branding, while services like MEGA and Sync.com appeal to a niche that demands zero-knowledge privacy. Indian providers such as Jio Cloud and CtrlS have a key advantage in local data hosting but must become more transparent about their security practices and gain global certifications to close the existing trust gap. Ultimately, the gap is not about geography but about assurance. Trust is earned when users feel they have genuine data control—the power to secure, move, and delete their own information. By adopting privacy-by-design principles, offering user-controlled encryption, and simplifying their policies, all providers can build a more secure and reliable cloud ecosystem for everyone.

[1]Reddy, S. M., et al. (2024). Enhanced Data Privacy and Security in Cloud Storage: A Robust Authentication Scheme for Cyber-Physical-Social Systems. Journal for Educators, Teachers and Trainers, 15(5), 383-392. [2]Syed, A., Purushotham, K., & Shidaganti, G. (2020). Cloud Storage Security Risks, Practices and Measures: A Review. Conference Paper. [3]Vurukonda, N., & Rao, B. T. (2016). A Study on Data Storage Security Issues in Cloud Computing. Procedia Computer Science, 92, 128-135. [4]Ojha, S., et al. (2024). A method to enhance privacy preservation in cloud storage through a three-layer scheme for computational intelligence in fog computing. MethodsX, 13, 103053. [5]Kesan, J. P., Hayes, C. M., & Bashir, M. N. (2013). Information Privacy and Data Control in Cloud Computing: Consumers, Privacy Preferences and Market Efficiency. Washington and Lee Law Review, 70(3). [6]Kaur, R., & Singh, J. (2020). A Review on Data Encryption Techniques in Cloud Computing. International Journal of Computer Applications, 176(9), 1–5. [7] Li, J., Chen, X., Huang, Q., Tang, S., & Xiang, Y. (2019). Secure Auditing and Deduplication of Encrypted Data in Cloud. IEEE Transactions on Computers, 68(6), 913–926. [8]Zhang, W., Chen, Y., & Lin, X. (2018). Fog-Based Distributed Data Security Architecture for Cloud Storage. Journal of Network and Computer Applications, 105, 1–9. [9] Perlman, R. (2017). File Assured Deletion (FADE): Building Secure Deletion into the Cloud. IEEE Security & Privacy, 15(2), 37–44. [10] Sabherwal, A., & Thakur, A. (2021). Trust and Reputation Management Models for Cloud Computing: A Comprehensive Review. International Journal of Cloud Applications and Computing, 11(4), 45–61. [11] Noor, T. H., & Sheng, Q. Z. (2014). Trust Management in Cloud Computing: A Critical Review. IEEE Computer, 47(4), 94–98. [12]Yan, Z., Zhang, P., & Vasilakos, A. V. (2014). A Survey on Trust Management for Internet of Things and Cloud Computing. IEEE Communications Surveys & Tutorials, 16(3), 1649–1660. [13] Alharthi, A., Krotov, V., & Bowman, M. (2017). Addressing the Cloud Computing Transparency Challenge: A Review and Recommendations. Procedia Computer Science, 109, 33–40. [14]Gai, K., Qiu, M., & Zhao, H. (2018). Security and Privacy Issues in Cloud Computing: A Survey. Future Generation Computer Systems, 88, 254–273. [15] Rani, P., & Sharma, S. (2022). Data Mobility and Withdrawal Rights under Cloud Service Agreements. International Journal of Law and Technology, 16(2), 87–101. [16]Ekwonwune, E. N., et al. (2024). Analysis of Secured Cloud Data Storage Model for Information. Journal of Software Engineering and Applications, 17, 297-320. [17]Baseer, K. K., et al. (2024). Trust based Reputation Framework for Data Security in Cloud Environment. J. Electrical Systems, 20-7s, 1102-1110. [18]Monsef M. (2018). Trust and Privacy Concern in the Cloud. ResearchGate. [19]Utomo & Yasirandi (2024). Exploring Trust, Privacy, and Security in Cloud Storage among Generation Z. ResearchGate. [20]Mahajan et al. (2011). Depot: Cloud Storage with Minimal Trust. Cornell CS. [21]Brandenburger et al. (2015). Don’t Trust the Cloud, Verify: Integrity and Consistency for Cloud Object Stores. arXiv. [22]Liu et al. (2013). Secure and Privacy-Preserving Keyword Searching for Cloud Storage. Temple University. [23]Roslin Dayana et al. (2023). Trust-Aware Cryptographic RBAC in Cloud Storage. Taylor & Francis. [24] ISO/IEC 27018: Code of practice for protection of PII in public clouds. [25] Jansen, W., & Grance, T. (2011). NIST Guidelines on Security and Privacy in Public Cloud Computing. [26] GDPR Article 20 – Data Portability. [27] Armbrust et al., A View of Cloud Computing. [28] Subashini, S., & Kavitha, V. (2011). A survey on security issues in service delivery models of cloud computing. [29] Statista, 2024 Cloud Data Breach Statistics. [30] Solove, D. J. (2013). Privacy self-management and the consent dilemma. [31] DPDPA 2023, Government of India. [32] Prior academic works on fog computing, encryption, and reputation models. ENISA Report on Cloud Security and BYOK Models, 2023.

Call for Paper (Hub) Fast Paper Publication IJCT Indexing & Databases Submit Manuscript Call for Paper: Sep–Oct 2025 Call for Paper: Publish Research