1Password also lets you pick where your data lives - US, Canada or EU. https://support.1password.com/regions/

So do lots of providers. But the US law says if an American has access they can snoop as much as they like wherever the data physically is.

https://en.wikipedia.org/wiki/CLOUD_Act

Since 1Password is Canadian, does that apply?

It’s not if an American has access, it’s US based companies, no?

It's probably if an American employee can be subpoenaed to do it. So whether they have a US office probably.

Canadian counts as reliable for me ;)

Canadian here. It pains me to say that my country will not keep your data safe from prying eyes, nor safe from sharing and cooperating with USA authorities.

Our legislative trajectory includes mandatory encryption back doors, warrantless access to data, and data retention even when you think you have deleted your data from a provider. Our federal government is only slightly behind the pace of the USA and is cooperating and sharing with them.

https://ccla.org/privacy/coalition-to-mps-scrap-unprecedente...

Recent HN thread on this. (There have been several.)

https://news.ycombinator.com/item?id=48111531

If you're Canadian, write your MP. There are EFF and CCLA templates to help you do that.

Well thanks but it’s the worst of both worlds, neither the European regulations nor US laws, many bills passed recently where law enforcement can tap into any data, so I would not trust that either. Also, highly likely they use US infra like clouds/etc so back to square one.

Canadian is basically the worst option possible they bend over backward to the USA and you don't even get the USA own internal protection. All the downsides of hosting in the USA without any benefits.

Canada's Bill C-22 (the Lawful Access Act) would, if passed, allow the government to secretly order 1Password to build access capabilities for authorities and bar them from disclosing it.