It’s just easier for hackers to profit by stealing information linked to credit cards swiped in physical stores, he said. Such data can be used to make counterfeit cards and presents fewer obstacles for thieves than information stolen from online shoppers. Shopping Online May Actually Be Safer than Shopping In Person, Huffington Post, September 15, 2014.

I've often wondered why people who are pefectly comfortable giving their plastic to an ATM, a waitress at a restaurant, or the cashier at the grocery store are hesitant to give the same information to Amazon or other online providers. As it turns out, their fears should have been just the opposite - shopping in person at Target or HomeDepot turns out to be riskier than buying stuff over the Internet.

In a post, Under the matress or in the bank (November 30, 2009), I wrote:

I don't know about you, but I like to keep a few hundred thousand dollars worth of cash around just in case of natural disaster or if Sarah Palin or Donald Trump ever gain national office*.

The question is - where to keep it?

I have a number of options

I can keep it nice and close where I can keep my eye on it - under my bed.

I can buy a home safe and keep it locked.

I can keep it in a bank.

The first two of these options certainly offer some psychological comfort. Knowing that those Franklins are close - where I can touch them, see them and protect them - on the surface might might seems like the safest course of action. After all, I have the biggest stake in keeping my stash secure.

But on reflection, most of us quickly realize that one's valuables are safest in the bank. The bank employs professional security staff. Its safe is a lot bigger and stronger than what I can afford. And banks offer some degree of insurance against loss.

Yes, banks are sometimes robbed and one could get mugged carrying one's loot to or from the bank, but the odds of those things happening are minscule compared to have one's home burgled. Electronic fund transfers, using a bill pay service and doing automatic deducations are all safer and more reliable than writing a paper check.

So if it make sense to keep one's physical valuables in a bank, why does it not also make sense to keep one's data (like e-mail) on an ASP - an application service provider? These off-site, professional services like Gmail hire professional staff, give strong security to users, and maintain 99.9% uptime rates. It's like keeping your data in a bank instead of under your mattress (or on your harddrive or on a local school server).

Jeffrey Kaplan in CIO writes: "Although service disruptions experienced by Google ... get plenty of attention, those types of incidents don't happen very often, and they don't last as long as many enterprise outages. And there hasn't been a major compromise of a SaaS operation reported yet, even as we continue to read regular accounts of security breaches in traditional IT environments."

* I am just kidding. Please don't burgle my house. 

Let's apply this same concept to data privacy. If you keep your money at home under the matress, only you know how much you have. If you put it in the bank, the bank then also knows how much money you have (or my case, how little you have). Same goes for any financial tool you use. And if the IRS needs that information to audit your tax returns, the bank will give it to them. And if your bank is like mine, it will use the information it has about you to target market you for financial services.

So what?

Unless your activities are illegal or immoral, knowing your provider may be able to view or mine your data should not be terribly distressful and an acceptable sacrifice of personal privacy. And remember to separate Google's Terms of Service for personal accounts and their GoogleApps for Education accounts. FERPA is not an issue when using GAFE.

For my money (and data), the cloud offers as safe a place to keep those things I value (I archive my personal photos online) as anyplace you can find in this insecure world.