# Adobe Cloud Storage Details



## sizzlingbadger (Oct 18, 2017)

I'm having trouble finding details of Adobes Cloud Storage on the Adobe website. With the recent announcement of the new Lightroom I have some questions before diving in.

Where are the data centres that store the data ?
What DR capability do they have ?
What (country's) law can be appropriated to the files ? for example copyright and ownership etc.
What security measures are in place ? are the images encrypted at rest and during upload/download ?
What SLA's are we signing up to with regards to performance, availability and loss of data?

Anyone seen this information published anywhere ?


----------



## Linwood Ferguson (Oct 19, 2017)

I do not believe that Adobe has addressed any of that.

I would also add to it the redundancy and reliability issues -- how do you know the copies are faithful when uploaded?   How do you know they are faithful 2 years later and not suffered from bit rot?  How do you back up your images now?   Does Adobe back them up, so that you could recover an image from 2 months ago? 

What happens if someone hacks Adobe (because we already know that happened once) and decides to delete all your photos, are they gone for good if you didn't back them up? 

Note: Lightroom CC Desktop allows you (but does not require you) to keep a local copy of all images, but I am not at all clear whether it includes all edits, whether you can TELL if ALL images are still there, whether you could restore them if the cloud breaks (e.g. someone deleted your images after hacking your account) or would the cloud just replicate that change down and delete them locally?


----------



## Wernfried (Oct 19, 2017)

Have a look at Adobe General Terms of Use



> 2.3 *Storage.* When the Services provide storage, we recommend that you continue to back up your content regularly.



Rather in contradiction to the marketing statement of Add photos: 





> So, once you've imported the photos, you can consider deleting or moving the originals from their source, such as the memory card.



Read chapter 8 and 9:



> 8. Disclaimers of Warranties.
> 
> *8.1 Unless stated in the Additional Terms, the Services and Software are provided “AS-IS.” To the maximum extent permitted by law, we disclaim all warranties express or implied, including the implied warranties of non-infringement, merchantability, and fitness for a particular purpose. We make no commitments about the content within the Services. We further disclaim any warranty that (a) the Services or Software will meet your requirements or will be constantly available, uninterrupted, timely, secure, or error-free; (b) the results that may be obtained from the use of the Services or Software will be effective, accurate, or reliable; (c) the quality of the Services or Software will meet your expectations; or that (d) any errors or defects in the Services or Software will be corrected.*
> 
> ...



In my understanding it is quite clear: In case Adobe loses your photos for whatever reason then you are also lost. No SLA, no warranties, nothing.

You may accept such conditions for a service which is free of charge, however for a paid service this is really bad! Lightroom CC (New) is a "no-go" for me, I will definitely stay with (old) Lightroom Classic CC.

Best Regards


----------



## Linwood Ferguson (Oct 19, 2017)

To be fair, most services that have SLA's tend to have penalties that are just give-backs on what you paid, and only over the period you just paid.  Even for relatively large company outsourcing arrangements there are VERY rarely SLA's that have teeth in them in terms of penalties, they tend to be more meaningful (a) as an objective standard to measure compliance, and (b) provide an "out" for long term contracts for non-compliance.  The latter is often more important than trying to get refunds on fees if you signed up with a bad vendor.

Neither of these really apply for Adobe - I could care less if they give me my last $10 monthly fee if they lose my images.

I am much more concerned about the relative silence on the "what happens if things go wrong" - do they have backups, can they do point-in-time-restores, do they have corruption detection and correction in their upload/download processes, is there any form of compare/validate you can do? 

It seems almost entirely a "trust us, we know what is best".  To be fair not that different from Apple, Google, Microsoft.  My guess is the cell phone generation will not care -- my wife (a millennium at heart if not fact) hasn't the slightest clue where her photos are now and really does not want to know.  And will be disappointed if they are lost but only for a few minutes then will just happily take more selfies and move on.

But if you are a technically sophisticated user who takes great care to ensure your archive is reliable and restorable, it is disconcerting to be told "trust us, do not question us, just trust us".


----------



## Wernfried (Oct 19, 2017)

Well, when I check the conditions from my webspace hoster they announce stuff like:


Daily backups, kept for 30 days. Monthly backups kept for 180 days. 

Entire data-center infrastructure in Switzerland according PCI DSS and ISO 27001

Response time for support request: 2 hours at office hours, else 24 hours.
99.9% availability
Of course, in their "terms and conditions" they also disclaim any liability for data loss, missing availability, etc. and do not provide any SLA with penalties. I think this is common for residential customers. However, I feel much more comfortable compared to Adobe, Google, Microsoft, etc.


----------



## Linwood Ferguson (Oct 19, 2017)

Wernfried said:


> Of course, in their "terms and conditions" they also disclaim any liability for data loss, missing availability, etc. and do not provide any SLA with penalties. I think this is common for residential customers. However, I feel much more comfortable compared to Adobe, Google, Microsoft, etc.


Frankly the thing you have going for you with the big guys is big visibility.  The media loves to promote the "Amazon was down for 43 minutes yesterday, leaving millions of people unable to shop" type stories, almost implying armageddon when Facebook is offline for a while.

So there's a huge embarrassment factor for big events that is really meaningful to the companies.

Now if the event is small, like one person's account being hacked, it's going to be different.  But I agree with you Wernfried -- it bothers me they do not talk about the details.


----------

