That the Data is Secure?
Way too often we find out about problems after they are exploited even in the best regulated systems.
For instance how do the German Regulations address Side Channels?
I'm betting they simply do not and will not till there is a Data Breach through this attack vector and then they will come out with some Regulations after the event.
Keep Up with TechRepublic