If you look to the EU - they do have something like the Patriot Act too.
They do have: The "Policy Planning and Early Warning Unit" ("Policy Unit") in the High Representative for CFSP, the "Political and Security Committee" at the "Council for General Affairs and External Relations", the "EU Common Position and Analysis Center" (EU Joint Situation Centre / SitCen), EU Military Committee (EUMC) and the EU Satellite Centre (EUSC).
And in relation to internal security: Europol, the "Schengen" structure, "Terrorism Working Party" (TWP), "Police Working Group on Terrorism" (PWGT), "Counter Terrorism Group" (CTG), the EU anti-fraud authority OLAF.
In the EU there is currently a huge discussion how this could happen. Some newspapers wrote that all intelligence services in the EU are reporting back to the intelligence services of France, Germany and Great Britain. They had to admit that every intelligence was working with the US to ensure smooth
information exchange.
So please don't count on any EU based provider. And even if a provider is too small to have a some intelligence payed employees gues which companies are owning the datacenters? And even if you find a datacenter which is owned by a local company - guess what uplink providers are used.
And yes even Sweden does have some dirty linen. I just say "extraordinary renditions":
Sweden, 18th December 2001 a serious violation of human rights. In the evening, Muhammed Al Zary and Ahmed Agiza were
deported to Egypt. The two men were arrested in the afternoon in Karlstad near Stockholm on the street and were
then passed - without bringing them before a judge and without any reasonable suspicion - to American agents at
Stockholm-Bromma Airport. They were then brought out by a special aircraft from Sweden. In Egypt the abductees
were tortured.
Anyone believing they care about data privacy?