"Canonical may disclose any or all personal data and contents you have sent, posted or published if required to comply with applicable law or the order or requirement of a court, administrative agency or other governmental body." (https://one.ubuntu.com/terms/)
So if the local village chief somewhere in East Timor wants ("requires") to see your private documents, he is welcome to. Or do we use eiusdem generis rule? Well, I would still say any administrative agency is not very narrow. I think we can at the very least expect not only secret services or police, but any part of the US federal and local government to have access to any of your saved data at any time they require it and without any court orders. The link also lists as administrative agencies: the labor relations board or the Farm Credit Administration, the Maritime Administration, Environmental Protection Agency, Food and Drug Administration, Immigration and Naturalization Service or FCC and IRS. So quite a lot of people with potential access to all of your private information.
We don’t share your personal information with anyone except to provide you with services, comply with the law, or protect our rights. (https://one.ubuntu.com/privacy/)
Canonical's rights could be a lot of things I think. Maybe it could include the right to get payed by you? If you didn't pay in time, it looks to me that by the contract terms they might share your personal information with "anyone" to protect their right to be payed.
The quotes are from the UK version of Ubuntu One, but probably apply similar everywhere. I think they actually really tried to make it privacy friendly. But at the same time, they really wanted to make sure they couldn't possible get in trouble through protecting your privacy.
DISCLAIMER: I am not a lawyer - this is not legal advise. This is just a discussion view and a try to inform the general public about something that may or may not be interpreted by professionals as here stated. You are invited to share your views in the comments.