interesting side note, and reminder about housing your own data instead of letting a corporation read it and share it with other countries:
The nethserver appliance seems to now have first boot security policy installation options that comply with federal rules for controlled unclassified information as well as complying with the USGCB-STIG and CJIS security policies..
So divesting from CorpData is as hard as setting up an appliance.. There's several out there, but I was testing out this particular one and saw that in the policy list :)