Sanctuary, not Safe Harbor
Google employs all the 'rogue engineers', Apple has all the 'holding it' experts. The rest of us don't need Safe Harbor, we need Sanctuary. Data security is not weather driven. The rules for The Cloud are no different than for taking a thumb drive out of the office. Sooner or later, the data **should have been** redacted, before you stored it on the external media.
If you weren't smart enough to figure out, a priori, what would get you into trouble, this may be of some help ...
http://www.rustprivacy.org/2011/pii/cnpii.xml
The key point is that if parties unknown are picking through your data, you need not have any guilt sending them off to chase their tails.
http://purl.org/pii/terms/