Google is not getting any data when you connect to a GCP VM through TLS. Or did I miss another huge PRISM-level scandal? Same for Azure and AWS. But if you block those, no wonder a huge part of the internet is gone.
They know who owns the VM, and now they know that you connected, sent & received a certain amount of data at a certain time.
[Edit: apparently this is more encrypted than I was thinking, so the next bit is probably wrong.] They could potentially look inside the VM to look at the specific data on the other side of TLS.
eSNI (or similar) still hasn't been rolled out at large scale. If your ISP wants to, it can know what domain the application is trying to connect to. Domain fronting may confuse them, but most services don't use that at all.
Google Cloud would be negligent if they didn't collect information about ingress and egress traffic mapped to each of their tenants. Since they own the servers and network, it's on them to be able to investigate and track abuse.
Perhaps I phrased it poorly. The inference seems to be Google using this data for their gain (beyond operational needs). Is there any proof of that? Or is my inference incorrect?