My personal opinion (and lots of people will disagree with this): You don't put anything on "the cloud" that you think is important. You should always replace the word "the cloud" with "oh well, maybe someone else will take care of it." If it's not under your own control, you don't know what will be done -- and not just hacked, but lost without even an apology.
I've got no problems digitizing things, but I'd keep a copy locally and put another in a safe deposit box.
If you do decide to put it on the cloud... don't black out things. Just use good encryption. And I mean really good encryption. Lots of folks seem to be gathering data that is encrypted with the idea that "some day we'll have enough horse power to decrypt this."
Do you consider a safe deposit box any safer than "the cloud" (whatever that means)? If so why? The bank can also loose your stuff, burn down or get robbed.
Dropbox, crashplan, spideroak etc keep multiple encrypted copies in several locations. I'd consider that at least as safe as a flimsy metal box in some building. And worse: how often will you actually take that failure prone HDD there..?
edit: for backup I'd recommend something like Crashplan. $50/year for unlimited storage that runs automatically in the background so nothing to remember to do. There are tons of ads for Carbonite but I used them and did not like it, I don't recommend them.
I do.
Here's a quick handful of reasons... I think I could come up with more if I thought about it:
* I've been there. I've seen the setup. It is specifically set up such that only key holders have access. It is specifically set up for fire. It is not a flimsy metal box. (Well, it is, but it is a flimsy metal box inside another box inside a big ass vault.)
* It is a pay service. (This applies also to things like crashplan, but DOES NOT apply to things like google/dropbox/etc.). Why this is important is: if you don't know how they're making money, then you are the product. They're either mining your stuff to toss ads at you or they're working on a flimsy business plan. EVEN IF IT IS A PAY SERVICE -- you need your own third party encryption on it. If the service provide provides encryption and has the encryption key (or has it in key escrow) -- it shouldn't be considered secure.
* Historically lots of cloud services have just evaporated. Off the top of my head I can think of xdrive, ubuntu-one, ghost-cc, nirvanix, verizon and symantec's clouds that just went poof. Google also has the reputation for just suddenly deciding they don't like a service and turning it off. Dropbox has been accused of having their daemon browse through files on your computer that were outside of the dropbox folders. I'm not sure this was ever proven -- but there was a bit of a scuttlebut about it. They certainly do poke through your files once you upload them.
* It's not just will the data go away when you do not want it to... It is also how do you make the data go away when you do want it to? Cloud services are likely to keep many multiple copies of your data. Deleting your data is likely not to delete it elsewhere. Items that are in your control can be physically wiped/deleted/destroyed in a manner that even a properly executed search warrant cannot get. If there is an encrypted copy still in existence after you delete it, you can still be compelled to supply the encryption key (or held in contempt if you don't).
* You don't know (particularly with free services) how the data is shared. More than a handful of large data companies seem to be sharing data both with business partners and governments. You don't generally know what sort of Patriot Act type data seizures occur. There is a much more established warrant procedure (or at least I think there is) with physical safe deposit boxes.
* Yes, safe deposit boxes get robbed. Historically it is pretty rare. And usually it is for specific valuable items (jewelry, gold, guns, etc.) Data is not usually a target (though that could change). Online robberies target data specifically and are more likely to take everything (and sort out what is valuable later). I've watched a few online hacks happen in real time -- and this was long enough ago that personal bandwidth was a fraction of today. Even then, TONS of data was taken.
Some of these things can be mitigated by very strong encryption. But ... most people don't have an idea what strong encryption is. And it is hard to know what key length is going to be good 10 years from now. Storing things that are encrypted now for attack later is a real thing now.
How often do I take things? Once a quarter. I actually have onsite backups that run every other day (with about 30 copies onsite) with a once-a quarter offsite copy. This isn't good enough for business use, but I think it's fine for personal use.