And to add to any European companies additional woes
...EU law is changing to make companies responsible for the Public's personal data that it holds. Most people will say so what until they realise that the risk of holding that data where they have been asked to delete it will result in a fine of 5% of global turnover or €100m, whichever is greater.
So picture yourself in about 2 years sitting at your desk when an email comes through to the CDO (or Data Officer is in charge of the data to the company) from Joe Public asking for the company to verify what data is held on them whilst CCing in the Information Commissioners Office for the UK (or whatever European company). Every data source will have to be checked by the company and deleted, and a response to Joe Public attesting to that the company holds no personal data on said Joe Public. 3 months later marketing send out an email to Joe Public with a "Congratulations, its your birthday/work anniversary/ retirement day/ whatever day and they're doing a special in the are where your live for 30% discount on some irrelevant product that will make your life better, more desirable and better job! (TM)."
Joe Public complains to ICO about data violation and the next thing you know you have the CEO/CFO/CIO/CSO/CDO/ whatever CxO(s) you happen to report to running into your department screaming about this and its your fault... not that they would spend any money getting you the tools that would have helped you clear up the mess in the first instance automatically.
One P60 later and a boot print on your arse as your kicked out the door (hey, someone has to be the fall guy and your at the bottom of the ladder) the company apologises profusely and takes a slap on the wrist and gets their shit together. You on the other hand need to find a new job with a "dismissed" notification on your CV, nice and the new employee/manager/whatever position you were in gets the tools you asked for in the first place!
May sound a bit pessimistic but remember 2 things, the law of gravity means shit always flows down so never be on the bottom and the EU Directive 95/46/EC (http://searchsecurity.techtarget.co.uk/definition/EU-Data-Protection-Directive) looks like it will be active by the end of 2015, with 18 months for companies to get their data in order.
Add this to the fact that the US wants the company's data and your in charge of the infrastructure means that your job is about become really interesting!
Gimp Mask Icon as you about to be that for your company, now where's the lube...