Mega, one of the world’s most trusted and popularly used cloud storage solutions, decided to terminate accounts that repeatedly violate copyright laws, and it recently announced it has shut down over 144,000 user accounts for this reason. The brand was established by Kim Dotcom after Megaupload went down, and its 230+ million users bespeak its popularity. However, its ample cloud storage services leave room for people to store copyright-infringing material.
Mega has been keen on distancing itself from copyright infringement, and it received over 2.3 million takedown requests in the past 12 months till September 2021. To address these requests appropriately, the company has taken a maximum four hours takedown limit, but in most cases, flagged content is taken down within minutes.
Despite the huge number of requests, the actual number of files taken down is only a small portion of all files on Mega servers. They represent only 0.0007% of the 107 billion files, and this indicates most users keep to the established policies. Mega has officially recorded 9,716 suspended users in the most recent 12-month period.
Mega has also tightened its infringement policies from “five strikes” to “three strikes” in 2015. At the same time, it also has a counternotice feature to challenge takedown claims. Nevertheless, the number of such claims is actually very small and getting even smaller.
However, copyright infringement always brings up the question of non-encrypted stored personal data. Right now, Mega says it stores "very limited" non-encrypted sensitive information (including the email addresses users introduced for their accounts and “some activity” relating to account access, file uploads, shares, and chats) on New Zealand, Canada and/or Europe servers, and this implies there are no such servers hosted from the United States.
Nevertheless, the company's privacy policy says that Mega's systems retain metadata, including IP address and port information for logins, folder creations, API usage, link exports, and file uploads. This implies the fact that copyright owners can identify the content and even link it to a Mega account and its sensitive information if a user publicly shares a file with a decryption key included.
With that said, Mega does retain a fair degree of control over all the material stored on its cloud drives. The company also holds on to data in all active accounts and might even keep the information for 12 months after the account is closed. After this, all data is anonymized entirely, except if "you are a contact of, have had a folder shared with you by, or have chatted with, another MEGA user," or the encrypted data is requested by authorities.