I don’t think I’m the only one surprised by this possibility, am I?
Microsoft admitted to a ZDNet reporter that they would turn over data from European companies, in European based servers, if the data was the subject of a U.S. Patriot Act investigation or request.Now, everyone has always known that data held in U.S. based server locations could be the subject of a Patriot Act request and that the businesses and persons that were the subject of the request might not ever know if their data had been turned over. But I think a lot of companies, especially overseas, were surprised to find that the U.S. government could request their non-U.S. based data simply if the company running the service was U.S. based.
The article from Jim Rapoza No Data Privacy In The Cloud, ends with a sound advice: If you are using the cloud, use strong encryption, and keep safe the key!
If the cloud provider can’t decrypt your data, they can’t turn it over.