You can put every company which sends your personal data outside EU to court (Safe Harbour rules were kicked in the butt some time ago). Some people are even trying that with Facebook (and may be successful with that).
>Safe Harbour rules were kicked in the butt some time ago
Yes I know that. Yet I don't know of any company being shut down who violates this. There are some minor fines which afaik are disputed. In my opinion this decision has been pretty toothless so far.
I think nobody is interested in shutting down companies in general. Fines can be hurtful in general and if you are a serious company you reduce your risks and do not do anything against the law. I would not say it is toothless... there is a big market now (even Microsoft is in there) which promotes cloud services in your own country.
