Couldn't they get around it?
Let's say Apple (for instance) creates a subsidiary named iCloud International Storage, based overseas in some place with more privacy friendly laws (say some country in the EU, hopefully one that doesn't jump just because the US says so, or at least not as high as the others) and it owns and operates the cloud servers that hold data on non-US customers, with a contract that specifies that Apple can access the data to provide service to its customers but has no control over it otherwise.
Even if US law was supposed to make Apple hand over the data, Apple would be unable to do so, and iCloud International Storage would not be subject to US law. They could create multiple layers of subsidiary, all based in different countries, to make it even more difficult.
Seems that would at least slow them down. If the US tries to argue that a solely owned subsidiary is the same thing as the parent company, they could give partial ownership of it to some pro-privacy group, which would also act as a canary in the coalmine for any future government arm-twisting that presumably occurred to get all those tech companies, and eventually Apple on board with cooperating with the NSA as revealed by Snowden.
If they did all that then Apple might find me filing a "change of address" on icloud.com using a non-US address :)