How is this any different from other extra-territorial "rights" that the US has asserted for decades other than it affects corporations?
In the past, US national security laws were used to justify covert spying. And a National Security Letter (NSL) was employed to keep service providers from informing their customers that their data had been given to the US government. For example,
from ZDNet:
The U.S. government's law enforcement and intelligence agencies can access cloud stored files in Europe—such as medical and financial records, business secrets and dealings, and even government documents—in spite of seemingly strong EU data protection laws...
Former Microsoft privacy chief Caspar Bowden, speaking at a panel discussion in Brussels this week, warned that U.S. law allows the government to spy on non-U.S. citizens files and documents, and that new Europe-wide data protection law proposals specifically allow such surveillance...
anyone outside the U.S. who uses cloud products—such as Amazon, Apple, Microsoft, Google products, including businesses that outsource their infrastructures to keep costs down—are at risk of being spied on by the U.S. government...
the new EU Data Protection Regulation, which will be voted on by members of the European Parliament later this year, introduces "loopholes" that permit foreign state spying. He warned that U.S.-based Internet giants—such as the aforementioned, are forced into handing over data on European citizens when required, or they could face sanctions or prosecution.
But, it's actually not that much of a secret anymore.
The Justice Department is evolving their legal position from the current covert taking of other people's data to the public taking other people's data in a manner that overtly ignores national boundaries.
You can think of the old way as we are going to take your data under the guise that it is important to our national security. And we are going to use a NSL, so you will never know.
You can think of the new way as we are going to send you a summons in public. We don't care about national boundaries and when we get your data it is going to become part of the court record that will be publicly available.
Old way, covertly take your data to help with the war on terror.
New way, overtly take your data to help with the war on drugs, fraud, whatever...
Now, ask yourself, if you lived in Asia, South America, Africa, or Europe, why would you give up your privacy by choosing a US cloud provider (Google, Apple, Microsoft, et al)?
Why wouldn't you retain your privacy and choose a non-US provider?
Uno