For me (as european) it is now unacceptable to use american webservices and remote apps.
As someone running businesses in Europe, I am genuinely concerned about whether the Safe Harbor scheme still protects us legally if we allow US-based services to use personal data about our customers.
As I understand it, the point of Safe Harbor is to recognise that some US-based companies have data protection measures sufficient to meet the stronger European standards, and therefore to permit the export of such personal data outside the EEA to those trusted partners where this would otherwise be against the law.
Given that the protection that any US-based partner can offer is now known to be limited, and that no-one running a business here could credibly claim not to be aware of that, I don't know where we'd stand legally if a politically active customer decided to make a point. Even if we openly disclose which US-based partners are involved as part of the relevant privacy policy, it still leaves a bad taste in the mouth.
Give it a little while. This is the very first time this issue has come up for a vote post-Snowden, it's also in the summer when plenty of people are not paying all that much attention to this sort of thing (vacations and such).
This vote has demonstrated a really serious intent to change things, and there's a good chance they will be in due course.
Given the tepid reaction (or tacit endorsement) of Europe to the spying revelations, I'm not sure what country to put trust in for cloud services or hosting.
There's actually a strong cooperation going on between the BND (German foreign intelligence service) and the NSA, with the NSA praising the BND as key partners and other fancy things. [1]
So sadly, there isn't truly any "safe" country out there for hosting your data... Sweden's military tends to track all border-crossing network connections, the BND seems to be listening at DE-CIX...
Also, I'm sure that Switzerland routes their data through some internet exchange node that some NSA-friendly intelligence agency listens at.
In terms of data protection laws & how much access to your actual servers the authorities get, I believe that German & Swiss laws are quite good though.
For me (as a European) I think it shows that there's life left in the democratic process in the US. I am heartened by that. It shows, though the effort failed, that there is a strong bi-partisan backlash against mass surveillance. I think it also shows up badly how silent European countries have been; where are similar parliamentary revolts in the UK, France, Germany, Italy, ...?
I am very glad the vote was close, it would have been utterly terrible if it was not close. The executive branch is well out of step with the House. One really wonders if the president's pre-election rhetoric was naivety or lies. I suspect a bit of both. I believe that it points to the fact that the executive branch has been partly captured by the military, let's not forget that a general heads what should be essentially a civilian organ.
The issue still remains though that even if miraculously provisions are put into place for US citizens we still have the mass surveillance of every other nation's citizens by numerous nations just because net traffic is routed through their geographic location. Never mind tapping into trans-oceanic cables - if that's true, I can't believe that could be true, how horrific. We need a Geneva convention on mass surveillance / privacy. It's going to take years and years. Also, what do all the spooks do with all that hardware?
