[mqus]

oh I know. And considering the CLOUD act that's how it should be. Maybe I shouldn't have written "easy to follow" since stuff like backups can get tricky and DSARs can be a pain on the receiving side, but it is certainly easy to understand. I do hope that GDPR does add a wedge for getting less dependent on US companies that obviously do not care about privacy at all.

But please also share the more nuanced take on the GDPR of your lawyer. You can't go around making claims like that without substantiating them ;).