Filen vs Internxt: Privacy Comparison 2026

If you stored anything sensitive in a US-based cloud during 2025, there is a non-trivial chance it was scanned, flagged, or quietly handed to a third party. Last year alone, Google, Microsoft, and Apple acknowledged more than 2.4 million government data requests across their cloud services, and the EU's Chat Control debate has pushed European users toward providers that simply cannot read their files. Two of the most discussed alternatives are Filen, a German zero-knowledge storage service, and Internxt, a Spanish post-quantum-ready competitor. Both claim end-to-end encryption, both run client-side cryptography, and both accept anonymous sign-ups — but the privacy guarantees diverge sharply once you look past the marketing pages.

This comparison digs into the architecture, jurisdiction, threat model, and real-world trade-offs of Filen and Internxt as they stand in 2026. We will look at the cipher suites, the way each handles metadata, what happens when a court order arrives, how anonymously you can pay, and where each one fits if you already pair encrypted storage with privacy-preserving money like Monero through services such as MoneroSwapper. The goal is not to crown a winner for everyone, but to give you the information you need to match the right tool to your actual threat model.

Why encrypted cloud storage matters more in 2026

The pressure on conventional cloud providers has not eased — it has intensified. Three forces have changed the calculus for anyone storing personal documents, business records, source code, or wallet backups online.

• Mandatory client-side scanning proposals: The EU's "CSA Regulation" (commonly called Chat Control) and parallel UK Online Safety Act enforcement push providers toward scanning content before encryption. Zero-knowledge services break that obligation by design, because the operator literally cannot inspect the plaintext.
• AI training pipelines: Major US clouds updated their terms in 2024 and 2025 to allow "service improvement" use of customer data, a phrase that often covers model training. End-to-end encrypted providers eliminate that risk at the source.
• Quantum harvest-now-decrypt-later: Adversaries are already archiving encrypted traffic with the expectation that quantum computers will eventually break RSA and elliptic-curve keys. Post-quantum-ready services are no longer a gimmick; they are insurance against a slow leak that has already started.

Filen and Internxt approach these pressures differently. Filen, headquartered in Steinfurt, Germany, has prioritized speed, sync reliability, and a clean cryptographic story with audited symmetric encryption. Internxt, based in Valencia, Spain, has invested heavily in marketing the post-quantum angle and ships hybrid Kyber-protected key exchange. Both fall under EU GDPR, but each country has its own surveillance footprint, which we will unpack below.

Architecture and encryption: under the hood

Marketing pages from both providers use the phrase "zero-knowledge," but the technical implementations differ in ways that matter if you are evaluating them for sensitive workloads.

Filen's cryptographic stack

Filen encrypts files client-side using XChaCha20-Poly1305 with 256-bit keys derived from your master password through PBKDF2 with 200,000 iterations. File metadata — names, sizes, paths — is encrypted with a separate symmetric key, and folder structures are obfuscated so server-side indexing reveals only opaque blob identifiers. The desktop, mobile, and web clients are open source under the AGPL-3.0 license, and the cryptographic core was audited by Cure53 in 2023, with public report PDFs still on Filen's website.

The notable absence in Filen's stack is post-quantum protection. The provider's roadmap mentions hybrid key exchange for a future release, but as of the 2026 client version, all sharing operations rely on traditional Curve25519 ECDH. For a threat model that includes a state-level adversary willing to wait fifteen years, that gap is real.

Internxt's cryptographic stack

Internxt also encrypts files client-side, but uses AES-256 in counter mode with HMAC-SHA-512 authentication rather than an AEAD construction like ChaCha20-Poly1305. Key derivation uses Argon2id with parameters that are stronger than Filen's PBKDF2 setup on paper, though both exceed any realistic offline attack threshold for a high-entropy passphrase. The headline feature is Kyber-768 hybrid key encapsulation for sharing operations and account recovery flows, layered on top of standard X25519 — a sound design that protects shared data even if Curve25519 is later broken.

Internxt also splits files using a Reed-Solomon erasure-coded approach derived from the Storj whitepaper, distributing shards across multiple nodes. The provider claims this prevents any single node operator from reconstructing files. In practice, the metadata layer still flows through Internxt's central servers, so the decentralization story is partial — closer to "geographically distributed object storage" than to truly trustless networks like Sia or Storj's mainnet.

Key differences at a glance

Property	Filen	Internxt
Jurisdiction	Germany (EU, no Five Eyes)	Spain (EU, no Five Eyes)
File cipher	XChaCha20-Poly1305	AES-256-CTR + HMAC-SHA512
Key derivation	PBKDF2-SHA512, 200k iterations	Argon2id (memory-hard)
Post-quantum sharing	Not yet (roadmap item)	Kyber-768 hybrid (shipped)
Client source code	AGPL-3.0, fully public	AGPL-3.0, fully public
Independent audit	Cure53 (2023)	Securitum (2022, 2024)
File-name encryption	Yes	Yes
Path/folder obfuscation	Full	Partial (folder count visible)
Anonymous email signup	Allowed	Allowed
Crypto payments	BTC, XMR, LTC via NowPayments	BTC, ETH (no native XMR yet)
Free tier	10 GB	10 GB (with tasks for more)

Jurisdiction, legal exposure, and metadata leakage

Encryption is only half the privacy story. The other half is what your provider can be compelled to disclose, and what information they collect even when they cannot read your files. Here, the comparison gets nuanced.

Germany has stricter data protection enforcement than most EU members. The Federal Data Protection Act (BDSG) layers on top of GDPR, and German courts have repeatedly sided with users against intelligence agencies seeking bulk access. Telecommunications providers must comply with the G10 law for targeted surveillance, but mass retention of cloud storage metadata was struck down by the Federal Constitutional Court in 2022. Filen, as a German company, is bound by these rules, which means a court order is required for targeted disclosure and that disclosure can only cover metadata the provider actually holds — not encrypted file contents they cannot decrypt.

Spain's framework is broadly comparable but has weaker case law on bulk surveillance. The Centro Nacional de Inteligencia (CNI) operates under the 2002 CNI Law, which permits judicially supervised access to electronic communications. Internxt is subject to GDPR like any EU provider, and Spanish data retention rules were partially struck down following the CJEU's La Quadrature du Net ruling. In practice, both providers can resist bulk requests and must comply with narrow, judicially approved targeted requests.

Where the providers differ more clearly is in operational metadata. Filen publishes a transparency report and explicitly documents that it logs IP addresses for thirty days, hashed, for abuse detection. Internxt logs sign-in IP addresses but redacts the last octet in transparency disclosures, with retention varying by tier. Neither provider publishes a warrant canary in the strict sense, though Filen's annual transparency report is the closest equivalent in the German-speaking market.

If your threat model includes a domestic adversary in the country where the provider is headquartered, choose the other one — diversifying jurisdictions is more important than picking the "best" single country.

Anonymous signup and payment: where Monero changes the game

Zero-knowledge encryption protects the contents of your files, but signup data and payment trails can still link an account to a real-world identity. This is where the comparison shifts from "which has stronger crypto" to "which lets you stay genuinely unlinked."

Filen accepts signups with any email — including aliased addresses from SimpleLogin, AnonAddy, or single-use Tuta accounts — and does not require phone verification at any tier. For payment, Filen accepts Bitcoin, Litecoin, and Monero through NowPayments, plus standard cards and SEPA. The Monero option means you can fund a Filen plan with no link to your bank account: buy XMR with cash, with another coin, or via a privacy-preserving swap, and pay directly. There is no KYC at any point because Filen is a service vendor, not a financial intermediary.

Internxt also allows aliased email signups and accepts Bitcoin and Ethereum, but as of mid-2026 it does not yet accept Monero directly on its checkout page. Users who want Monero-grade privacy typically convert XMR to BTC or USDC through a no-KYC swap before paying. Services like MoneroSwapper provide a quick, no-account way to do that conversion, letting you keep the privacy benefits of holding Monero up until the moment you fund a subscription. The same approach works for any service that accepts BTC but not XMR.

Step-by-step: signing up anonymously to either service

1. Create an alias email. Use SimpleLogin, AnonAddy, or a fresh Tuta or Proton Mail account that has never been linked to your real identity. Avoid Gmail or any provider tied to a phone number.
2. Connect over Tor or a trusted VPN. Both providers function over Tor, though uploads are slower. A reputable no-logs VPN that accepts Monero is a reasonable compromise for large transfers.
3. Generate a strong passphrase offline. Use a diceware list of at least six words, or a 20-character random string from a local password manager. This is the only key protecting your data.
4. Acquire Monero with no KYC. Use a peer-to-peer market, a swap from another coin, or a service like MoneroSwapper to convert from BTC, ETH, or LTC without registering an account.
5. Pay the subscription. For Filen, pay XMR directly. For Internxt, swap XMR to BTC first, then pay. Either way, generate a fresh receiving subaddress in your wallet to avoid linking transactions.
6. Verify backup access. Both providers offer a recovery key or mnemonic — write it on paper, store it physically separate from your primary device, and test recovery before you actually need it.

Performance, ecosystem, and the daily-use trade-offs

Privacy guarantees mean little if you stop using the tool because it is too slow or too limited. Here the two providers diverge in practical ways that matter for everyday workflows.

Filen has historically had the faster sync engine. Its desktop client uses a multi-threaded upload pipeline with chunked deduplication, and benchmarks from late 2025 show it consistently beating Internxt by 20 to 40 percent on bulk uploads over residential broadband. The mobile clients on iOS and Android are equally polished, with native photo backup that runs in the background and respects battery-saver modes.

Internxt has a wider feature surface. Beyond Drive, it offers Mail, VPN, Send, Photos, and Webmail under one bundle in its higher tiers — comparable to Proton's ecosystem play. If you want a single provider for several privacy-sensitive workflows, Internxt is more convenient. Filen is more focused: it does storage and storage-adjacent file sharing extremely well, and leaves email, VPN, and other tools to dedicated specialists.

For collaboration, Filen offers folder sharing with optional passwords and expiration dates, plus a dedicated business tier with subaccounts. Internxt's sharing is slightly more polished for non-technical recipients, with a built-in document preview that does not require the recipient to install anything. Neither service supports real-time collaborative editing on the level of Google Docs — that gap remains the largest practical disadvantage of zero-knowledge cloud storage in general.

A practical example: backing up wallet seeds and tax records

Imagine a freelance developer in Lisbon who earns part of their income in Monero, files Portuguese tax returns, and wants offsite backups of their wallet seed phrases, client invoices, and source code. Their threat model: a stolen laptop, a house fire, and a casual scrape of cloud metadata by an aggregator selling lifestyle insights to advertisers. State-level adversaries are not in the picture, but they would rather not bet against the future.

For this profile, either provider works well. Filen's faster sync and Monero-native payment make it slightly more convenient — the developer can buy XMR from a peer, fund the subscription, and never have a card statement tied to a "cloud storage" line item. Internxt's Kyber post-quantum sharing matters if they plan to share encrypted folders with an accountant for fifteen-year tax retention windows, where the harvest-now-decrypt-later concern is real. The decision depends on which trade-off feels more pressing.

For a journalist working with leaked documents, or a dissident inside a hostile jurisdiction, the calculus shifts. Diversification matters more than features. Many high-risk users keep an archive in Filen (Germany), a mirror in Internxt (Spain), and a third encrypted copy on a self-hosted Tahoe-LAFS or Storj setup. Splitting trust across providers and jurisdictions is the closest you can get to surveillance-resistant cloud storage without running your own infrastructure.

FAQ

Is Filen or Internxt better for storing Monero wallet seeds?

Both can store encrypted seed backups safely, but the operational details matter. Filen's faster sync and direct Monero payment let you create and maintain a backup without leaving a payment trail. Internxt's Kyber hybrid sharing is the better choice if you also need to share recovery materials with a trusted party years from now. Either way, encrypt the seed in a second layer locally — for example with GPG or a passphrase-protected archive — before uploading. Treating any cloud as a primary key store is a mistake regardless of the provider.

Can either provider see my files if compelled by a court?

No. Both Filen and Internxt run client-side encryption with keys derived from your password, which the provider never receives. A valid court order can compel them to disclose what they actually hold — metadata, IP logs, payment records — but not the plaintext of your files. The cryptographic design makes mass decryption infeasible; the legal design ensures targeted requests still go through judicial review. Forget your password, and even you cannot recover the data, which is the trade-off you accept for zero-knowledge.

Which is more "anonymous" at signup?

Both accept aliased emails, neither requires phone verification, and both work over Tor. The differentiator is payment. Filen accepts Monero directly through NowPayments, which means you can fund the account with no on-chain link to your identity. Internxt accepts Bitcoin and Ethereum but not Monero as of mid-2026, so users who want Monero-level unlinkability typically swap XMR to BTC through a no-KYC service like MoneroSwapper first. Both approaches work; the Filen flow has one fewer step.

Are the client-side audits actually trustworthy?

Filen was audited by Cure53 in 2023 and the report is publicly downloadable. Internxt has published Securitum audits from 2022 and 2024 covering the encryption library and the desktop client. Both audits found the cryptographic primitives sound and flagged minor implementation issues that were subsequently fixed. As with any audit, the value lies in what was actually scoped — read the public reports and check whether they covered the version you are about to install, not a prior release. Open-source clients let you or third parties re-verify independently.

What happens if Filen or Internxt shuts down?

Both providers publish their client source code under the AGPL-3.0 license, so the desktop and mobile applications would continue to work for local decryption even if the company disappeared overnight. The risk is that the server-side storage would become unreachable, which is why a serious privacy workflow does not depend on a single cloud. Keep one or two encrypted copies elsewhere — another zero-knowledge provider, a physical drive in a different location, or a self-hosted backup — and treat the cloud as the most convenient layer rather than the only layer.

Conclusion

Filen and Internxt are both genuine zero-knowledge providers, both open source, both audited, both based in EU jurisdictions outside the Five Eyes alliance. The choice between them is rarely about who has the "stronger" privacy — both clear the bar most users will ever need. It is about whether you value Filen's faster sync, German jurisdiction, and direct Monero payment, or Internxt's broader ecosystem, post-quantum sharing, and Spanish jurisdiction. For high-risk users, the answer is often both, with one provider mirroring the other across jurisdictions. For everyone else, pick the one whose trade-offs match your threat model and move on to the next decision.

If you are funding a privacy-preserving subscription and want to keep the payment off any KYC-linked exchange, swapping into Monero first is the cleanest path. MoneroSwapper offers no-account conversions between major coins and XMR, so you can move from a chain you bought on a regulated exchange into Monero, then pay Filen directly or swap onward to BTC for Internxt — without an account, without ID, and without leaving a paper trail that links the subscription to your real identity. Pair encrypted storage with private money, and you take back two of the most leaky surfaces of modern digital life at once.