[saiya-jin]

That might be true if you are US person. If you're not, like 95% of the mankind, using non-US hosted services lowers the threat. Nobody knows how much since the answer lies in NSA capabilities.

But as a smart approach, for folks ie in Europe, US is a big no-no if security is a concern.

[tptacek]

I don't see how it does; if you're a non-US person using a non-US service, you have essentially no formal legal protections whatsoever from NSA surveillance. A non-US person using a US service at least inherits whatever procedural protections US companies have. I'm not saying it's a meaningful barrier, just that going overseas logically can't gain you protection (unless you're more worried about the Swiss or EU's sigint agencies than you are the NSA).

[Barrin92]

As a non-US person I'm not concerned about the NSA, it doesn't have a material impact on me, it's not like the NSA orders a black helicopter to snatch me from Germany. I'm worried about corporate use of my data because that stuff can actually realistically leak or be used for ads or whatever else and in this case I have probably better default protections with a Swiss company than with a US based one. (with some exceptions of course, Signal and so on seem trustworthy).

[tptacek]

Sure, this makes sense to me.