You’re from America… so things like Patriot Act seem normal to you. But when you are from outside of the USA, and you store your data on American owned infrastructure (say, Google Apps) then you must accept the fact that US government might elect to access that data in case of supposed terrorism.

Now this can lead to interesting situations… first because it means US government has a path to hosters to request for data… and second that they might decide to abuse it in case of economical interest, like when US government intercepted private commercial offers from Airbus Industries to an airline wanting to buy planes and gave the information to Boeing so that they could make more competitive offers. This was pre-1998… In 1998 France liberalized crypto to ensure that this would not happen again.

When you store your data on an American cloud provider, you are opening the door so that it may happen again.

Hence the recommendation for legal advice. Don’t do cloud if your data SHOULD NOT FALL into American (or OTHER, for that matter, third party) hands.