Skip to main content

AWS Cloud Security

Data Privacy Center

Earning trust through transparency

Overview

At AWS, earning and maintaining customer trust is the foundation of our business. We earn this trust in the privacy space by working to meet our customers’ needs and by being transparent in our privacy commitments. AWS offers services, tooling, and resources to help you control and protect your data so that you can implement privacy protections based on your specific industry requirements. We provide a wide variety of resources that you can leverage to protect your data, such as the Security Pillar of the AWS Well-Architected Framework and privacy whitepapers.

Learn more
Missing alt text value

Commitments

We earn and maintain customer trust by making ongoing commitments, which include:

You control your data. You determine who can access your data. Using AWS Regions, you control where your data is stored, based on your specific needs. We make it easier for you to encrypt your data in transit and at rest. We do not access, use, or share customer data without your agreement, except as required to prevent fraud and abuse, or to comply with law, as described in our Customer Agreement.

We support the highest privacy standards and compliance certifications to help our customers satisfy their requirements. AWS has achieved internationally recognized certifications and accreditations for compliance with privacy assurance frameworks, such as ISO 27017 for cloud security, ISO 27701 for privacy information management, and ISO 27018 for cloud privacy.

We continuously raise the bar on privacy safeguards with services and features that let you to implement your own privacy controls, including advanced access, encryption, and logging features. At AWS, we implement consistent and scalable processes to manage privacy considerations, including how data is collected, used, accessed, stored, and deleted.

Our contracts are written in plain, straightforward language to be transparent and help you understand the data privacy protections that we offer. We also provide ongoing data transparency reporting describing the frequency of government information requests.

Privacy Controls and Certifications

Customers around the world—from startups and governments to highly regulated industries—trust AWS with their most sensitive content and applications, including the personal data they need to run their operations. We implement privacy controls and processes that benefit every AWS customer.

We have developed a security assurance program that uses best practices for global privacy and data protection to help you operate securely within AWS, and to make the best use of our control environment. AWS is compliant with a range of global standards and certifications most important to our customers, including validations from trusted third-party auditors. This compliance provides customers with additional assurance that they can use AWS to meet their privacy needs and the requirements of their auditors.

Learn more about Compliance Programs
Missing alt text value

Privacy at Work

Cryptographic Computing

Cryptographic computing enables computation on cryptographically protected data, providing you a broad range of privacy preserving techniques including secure multi-party computation, homomorphic encryption, privacy preserving federated learning, and searchable encryption. AWS cryptography tools and services utilize a wide range of encryption and storage technologies that can help you protect your data at rest and in transit. At AWS, customers can use Cryptographic Computing for Clean Rooms (C3R), a library that enables customers to collaborate with data in AWS Clean Rooms using a technique that allows multiple parties to jointly compute a function over their inputs while keeping those inputs private.

Cryptographic Computing for Clean Rooms (C3R)AWS Clean RoomsLearn more

Differential Privacy

Differential privacy helps protect data at the individual level by adding a controlled amount of randomness to obscure the presence or absence of any single individual in a dataset that is being analyzed. AWS Clean Rooms Differential Privacy is a capability that helps customers protect the privacy of their users with mathematically-backed and intuitive controls using just a few clicks. As a fully managed capability, no prior differential privacy experience is needed to help you prevent the re-identification of your users. AWS Clean Rooms Differential Privacy obfuscates the contribution of any individual’s data in generating aggregate insights in collaboration outputs and enables you to run a broad range of SQL queries to generate insights about advertising campaigns, investment decisions, clinical research, and more.

AWS Clean Rooms Differential PrivacyView customer stories