I know a little bit about Safe Harbor from a previous life.
What it is – allows U.S. corporations to hold privacy data about their customers and employees who reside in an EU member state (such as Spain, France, Italy, Germany, UK, etc.). It requires that the U.S. corporations who do this hold the data in the same manner (and with the same restrictions) as are required for corporations operating in the EU (under the EU Privacy Directive, which has been incorporated into the general laws of individual EU member states). There are some significant requirements that apply under Safe Harbor that many US companies may not be accustomed to – such as consent and notification.
What it is not – any sort of data privacy protection or guarantee for any person who does not reside in an EU member state.
I HIGHLY recommend that DH consult with an attorney knowledgeable in Safe Harbor and EU Privacy Directive laws. Of particular concern would be how Safe Harbor would ensure that companies based in EU member states and that use DH as a data host will be adequately compliant with the Privacy Directive.