If for example I'm fully on amazon AWS for everything, DNS/DB/Web then no matter how encrypted your data is Amazon still has a very good idea of the effectiveness of your campaign. You can't hide the number of DNS queries. You can't hide the number of TCP SYNs. Hell, there is just a huge amount of things that encryption does not cover up, especially involving time for particular transactions to occur.
Don’t be obtuse. Observing some encrypted traffic going in and out gives away some info, but it’s nothing like the email addresses, addresses, names, and order history of all of your customers.
Amazon, if they wanted, could read stats from Netflix’s database about which movies drive the most engagement and use that to determine what to license for Prime video.
It’s the difference between root on the server and capturing encrypted packets on a network.
