While viewing the matter from a Dutch perspective, this paper, titled “Cloud Computing in Higher Education and Research Institutions and the USA Patriot Act“, and written by legal experts at the University of Amsterdam’s Institute for Information Law, outlines the privacy implications of Cloud based storage in this ‘post 9/11 world’.
I found the following lines particularly striking: “The transition to cloud computing will, in principle, result in a lower degree of autonomy for higher education and research institutions in terms of requests for information of the type discussed above. In this light, the specific risks run in the case of certain categories of data need to be carefully examined. This should include the question whether there are data for which a lack of autonomy would be unacceptable.”
In essence, the situation boils down to this: US law enforcement services can gain access to your Cloud data, even on a server outside of United States, if the data is hosted by a provider that conducts business with United States. Read more