Re: The threat to commerce is overblown
" technically it is a piece of piss to ensure personal data stays in Europe"
that depends on the exact specification. Yes it's very easy to make sure that EU citizens' data is in a data center that is physically on EU territory.... but in a world of VPNs and transnational private intranets, how do you then ensure that data center is not connected to anywhere outside the EU? How do you ensure that no-one outside the EU can query the data remotely? (because conceptually what's the difference between making a copy of the data and retrieving a result set?). What about EU based professionals who have access to the data and are on a business trip outside of the EU?
For this to work, it would need a spoof-free way of determining whether an incoming connection request is from the EU or not, and we all know how well that works for, say, iPlayer only being available in UK