MS is right in that the physical location doesn't necessary make the data safer, though... especially for the same reasons you mention yourself.
There's three things to consider:
1) national laws where the servers are hosted
2) registered nationality of company hosting your data (Amerikan companies have to hand out data to NSA/FBI/whateverTLA on request, regardless of where their servers are hosted, because of TPA).
3) encryption, encryption, encryption, encryption.
With all that in mind, I'd still wish all government would do the fscking only sensible thing: build their own clouds, using open source technology, and not having it hosted by a third party.