Am I right to be suspicious of this Cloud Storage provider's 'one time payment' deal?

In My Humble Opinion
1

I’ve been in the market for a new provider of cloud storage for my backups. The other day, someone suggested PCloud, who are apparently offering lifetime plans for cloud storage where you make a single, one-off payment, then enjoy their services for… well… your lifetime (which they define as the lifetime of the account holder or 99 years, whichever is the shorter).
They don’t appear to charge for egress and the price for a lifetime 2TB plan looks comparable to about 2 to 3 years worth of the price of that amount of storage from other providers who charge a continual ongoing rate.

So you pay them one time, then they have to maintain your data for 99 years (likely to be the most common scenario, since they’re not often going to be informed that the account holder has died). How is that sustainable?

I’ve seen businesses offer deals like this in the past and usually they were ponzi-type things where there needs to be continual growth, at an ever-increasing rate of growth (so they soon fold), or where your initial payment is invested and in theory, the interest pays for the service, but the interest on their lifetime prices is not going to be 1% of the price of ongoing storage; that’s me comparing the retail prices though, but I assume the margins on running datacentres aren’t that huge.

But they’ve been around for over 10 years now and haven’t imploded, so what gives? They do also sell regular pay-as-you-go cloud services, but if the profit from those is subsidising the pay-once plans, then surely they wouldn’t be able to compete well on price?

2

BTW I am not choosing them as my provider. BackBlaze seems to be the right fit for me.

3

I saw the you’re going elsewhere so further discussion is moot.

But this bit is interesting …

Have you considered that the price per TB today is a tiny fraction of what it was 10 years ago? Such that they are gambling that the cost of your TBs a few years from now will be pennies, then later on fractions of pennies. So they really will be able to cover their costs from the interest on your payment. Eventually.

And that 2TB sounds OK today, but some hefty fraction of their customers will decide 5 years from now that 2TB is insufficient, and then they can upsell them to a larger plan at a larger price. And probably not a lifetime plan.

A third factor is that, like gym memberships, some fraction of customers will stop using it, lose their password, change vendors, etc. The fine print may well let them discard your data after enough months or years of you not accessing it.

A fourth factor, also like gym memberships, is that most of these customers will not use the whole 2TB. So if they have 100 customers, the actual storage consumed may be more like 20 TB than 200 TB. Most gyms could never accommodate all the people who have paid memberships showing up the same week, much less at the same hour of the same day.


The first of these is just them betting on tech progress which isn’t shady practice IMO. The second is them betting on customer lock-in which is semi-shady practice. The third and 4th are them betting on behavioral statistics. There has been enough cloud storage for long enough that reliable honest statistics ought to be available within the industry. This company can be following those stats honestly. Or they might now or later get greedily over-optimistic and crash themselves.


A final point …
In one sense the risk is easy for them. Unlike say, an insurer or industrial pension plan, there is no regulator requiring that they set aside assets now to be absolutely positively able to pay for the far out-years’ services. Present day them is free to make promises that future them might, or might not, be able to fulfill. Your recourse against a bankrupt company is … bupkiss. So they can honestly intend to do well today but also sleep well tonight knowing there’s no downside for them if they fail to deliver their promise. Which is a different form of semi-shady practice.

My bottom line:
Not necessarily a scam, but probably not a panacea either. The deal only sounds extra attractive to folks who aren’t thinking about what a few TB will cost in a decade.

4

FYI, Googling, the lifetime two-terabyte plan is $399, discounted from $599. They do limit shared traffic to two terabytes as well, so this might not work for you if you’re going to be using this to share stuff with others. And the webpage notes that the company is Swiss-based, which they claim has the highest data protection requirements.

5

Yeah, certainly if you were using it to host stuff you want to share, you’d end up having to buy additional link share bandwidth, but if you just want it for cold storage of offsite backups, there doesn’t appear to be any limit or cost for the egress there.

That price (at the discounted level) would buy me 2 years and 9 months of storage for 2TB at my current provider (which is one of the lower-priced options)

6

Googling further, it appears that you need to pay extra if you want your stored files encrypted.

7

I wouldn’t count on any tech-related company being around on a semi-permanent basis.

If the odds say the person buying lifetime cloud storage isn’t likely to survive more than 5 years or so, then the gamble probably is worth it.

8

My personal experience with such lifetime offers is that the company is trying to get some quick cash to make the books look good (they also fire a lot of people) in order to get sold to another company. The new owners then don’t see the old company’s lifetime offer to be their responsibility.

There’s a lot of YouTube videos giving examples of this behavior recently. Don’t expect any help from the US govt. to make it stop.

9

This. If they were truly committed to fulfilling their promise, they’d have a bond or perpetuity fund. I’m guessing they do not and are just not worried about the future, or like @ftg says:

10

I would worry about “lifetime plans” in which the company limits their obligations by having you murdered. :angry:

11

I remember when NetZero offered free internet for life.
Apparently life was much shorter back then.

12

Or “lifetime” is just a lie. In the US “unlimited mobile data” means 50-100GB, and “lifetime price guarantee” means you can cancel if they raise the price.

13

Owner of a lifetime plan here.

I can’t remember how long I’ve had it exactly, but I think it’s been seven or eight years. As I recall, the plan was around $250 at the time. I’ve always used it as a file sync. As mentioned upthread, if you want more services it’ll cost more, but they aren’t pushy about it. I’ve never bothered.

The only issue I’ve had is partly my fault. About four years ago I let my old domain go and registered a new one. When updating everyone with my new email address, PCloud fell through the cracks. I didn’t realize it until like nine months later. I decided to change my password, and noticed they still had my old email address. Of course, the client wanted to send an email confirmation to that address if I changed my password.

I contacted PCloud and explained the situation, offering proof that it was my account. Even so, they said they couldn’t change my email because “security reasons.” But, I could create a new account, then contact them and they would migrate everything over. Uh, doing that isn’t a security issue? Whatever. I decided I wasn’t going to do it because I don’t trust them to do it properly.

So they’ve had the wrong email address for the past four years, but so far it hasn’t been an issue. If for some reason I ever get logged out of the client and can’t get back in, then I’ll contact them again and see if they’ll change my email address. I figure if it doesn’t work out, I’ve definitely gotten my money’s worth out of them.

14

This may be different…I cannot say.

I will say, anecdotally, I have NEVER EVER seen a “lifetime” purchase workout in the end. I have been burned a few times. There (for me) was always some “out” the company had that negated my lifetime promise.

Tivo was the first one. I bought their lifetime service. But, it was only good for the box I had at the time. When the box was upgraded (which you had to do) that negated the old lifetime service.

Maybe this promise is solid. Buyer beware is all I am saying. The history of lifetime promises is littered with broken promises.

IMHO

15

Quick note on this minor point: couldn’t one just encrypt their data before they upload it (removing the need to pay the storage service for encryption)? That’s what I would try to do.

16

You could but that would make sharing them difficult (which sharing seems to be a selling point), but I guess if they’re decrypting the files to serve them up when they are called for by a share, then the value of the encryption is limited anyway - because it means they have the decryption key. I suppose if someone broke into their data centre and stole all the disks, the encryption would likely hamper theft of your data in that case.

17

Sorta. The idea of “encryption at rest” is that an intruder who got access to their internal network can only steal gibberish.

For them to steal your data they need to not only gain simple read access to the provider’s data stores. They would also need to gain access to wherever / however the provider stores the keys and to the decryption engine that powers their sharing mechanism.

Which is a much taller order technologically and also means the much smaller perimeter of they keys+decryption system can be even more hardened than the outer perimeter surrounding the raw encrypted data store.

No single defensive layer is ever utterly unbreakably impervious to attack. But the more distinct layers presenting different problems to the attackers, the more likely they will either fail outright, or be discovered before they get all the way to the keys to the kingdom.

18

I think it has not been discussed here, so a direct Q.

Can (unencrypted) Cloud Storage Providers use your data to train AI (thinking of AWS for example)? … anybody read the 15 page EULAs? … I assume the huge-huge-huge amout of RL data has some commercial value now, even if you manage to aggregate/anonymize it?

any thoughts?

19

Technically, they could. Microsoft says they don’t, for stuff stored in OneDrive/Azure but corporations have been known to lie.