Re: No cloud is still the best option
This post is, perhaps, correct in some sense but there are a few questions worth considering.
First, is there a reason to care whether an NSA (or CSEC, GCHQ, ASD, GCSB or, indeed, any other signals intelligence agency) would care about your business or would be in position to harm you or a business you operate? While that might seem too much like "if you have nothing to hide you have nothing to fear", it is part of the task of evaluating risk. In the US, illegally obtained evidence is likely to be excluded by a judge, and that would, possibly with additional legal arguments probably extend to information obtained using warrants issued based on illegally obtained communication intelligence. The other Five Eyes nations, and most others we generally think of as democratic probably are similar.
Second, is data you hold a target for criminals wishing to exploit it (Target, for instance), or competitors? For both questions, what is the probable cost in recovery efforts or lost business? Are there other risks to evaluate?
Third, will changing to a different provider or doing the work in house reduce exposure overall, and at what cost? What are the appropriate mitigations, such as link or disk encryption?
The answers will vary, depending on numerous details, but for most people, and most businesses, most of the time, action by one's own government is unlikely to be the most important risk. My own preference is to store all of my data on my equipment, on my premises, under my direct control; and except for google backup of my cell phone, which contains no data I think important, I do that. But II do it more to try to protect the personal credit and other personal financial information than to guard against the government (in my case, the FBI or NSA).