Well, it is true. And the reason is more insidious than any of the responders imagined.
There is a law in Europe, the EU Privacy Directive. This is a pan-Union statute, and it appears that even though only one country (UK) has adopted an implementing statute, the courts of France, Germany and Italy have granted relief to claimants anyway.
What the directive says is that if your business receives or uses "personal identification infotmation," your business must adopt and publish a privacy policy that meets certain standards, and you must comply with that policy.
Back in 1999, when the Directive became effective, Al Gore negotiated a gentlemen's agreement with the EU. It said that as long as the FTC had authority to punish a United States company that violated its own privacy policy, the EU would deem the USA to be a "complying state" and would not prohibit the transfer of "personal identifying information" to the United States. The Clinton Administration saw the commencement of several enforcement actions against companies that transferred personal information in a way contrary to the policy, and the EU was happy. Reasonably. Kind of. Cynical as all get-out, considering that the whole area of "Privacy Law" was something that the EU thought the USA had created. See, e.g., Griswold v. Connecticut and Roe v. Wade.
Under the Bush Administration, several things happened.
First, the FTC was required to withdraw its amicus brief in the EToys Bankruptcy case. In EToys, one of the more spectacular "Internet Bubble" bankruptcies that were triggered in the months after Bush took office and Greenspan decided the time was ripe for a major recession, the Trustee in Bankruptcy argued--successfully--that the customer information base was an asset of the company. In fact, it was the company's only real asset. And other retailers were prepared to pay $1.00 per record if certain criteria (including the disclosure of social security numbers and other personal information) were satisfied. The Electronic Frontier Foundation was especially up in arms, because the economics of the deal suggested that the information vendors intended to market the data to the dark side, to organizations that supply data for identity theft attackers. The EToys Trustee said he did not disagree, but he had a duty to maximize the payout to creditors.
The Bankruptcy Court blew its stack and ruled that because of the FTC Regulations regarding the EU privacy directive, the personal identifying information was not "owned" by EToys and could not be disclosed. The Trustee appealed.
The District Court affirmed the Bankruptcy Court decision. The Trustee appealed again.
The Circuit Court of Appeals reversed, on the grounds that (a) the argument was nonsense because the EU Privacy Directive was not legally binding and (b) the FTC no longer enforced the Information Handling Regulations. Of course, it could not, because Bush wiped out that section of the FTC as "stifling to good business competition" within his first 100 days in office. All of the enforcement actions that had been brought by the Clinton Administration were discontinued by the Bush Administration, which dismissed complaints that the US was imperiling international internet commerce. The complaints were ignored.
The US Supreme Court refused to hear the appeal. It also refused to allow the EU Commissioner for Trade & Remote Contracting to file an amicus brief. This was in 2004.
It took a while for the information to reach the Council of the Union. It took even longer for the Councillors to realize the Bush administration's contempt for the EU was so great that it would stop at nothing to block the application of the Directive to US companies. It's not surprising, then, that by the end of 2005, there were regulations in place in all the major countries of the EU that prohibit the transfer of information to US companies. It has taken a while for European companies to get into compliance. A British company that sells sex toys on the internet had a warehouse in the USA that it used to fulfill order in the US. It printed labels with the purchaser's address and order number, put the labels on boxes packed with toys, and gave the boxes and waybills to UPS, whose privacy policy did not address this kind of information transfer. The British Courts fined the company £250000.
The net result is that companies in the EU have a strong disincentive to do business with anyone in the USA, because we are information pirates. Yes, the EU built the wall, but they did it to protect their own citizens from the rogue regime that calls itself the United States of America. It's not "apparent tension," that's a euphemism. It's a trade war, and the US is certain to lose it, because the EU is a bigger market than the US, and it now has a high-sounding basis for excluding US companies from the market.
Just another example of how Das Bushleiter's policies produce an outcome that is diametrically opposed to what he says he's trying to accomplish. I don't think he's really all that stupid; I just do not understand why anyone's agenda would include reducing the volume of international commerce.
Oh, right. Bush & Co. are isolationists who would have the US ignore the rest of the world if possible. A policy as foolish as it is impossible.