Re: but...
surely you are still stuffed in the UK even if the data is in Switzerland? Can they not compel you to turn over the keys,login etc....?
You're correct. The issue that is being addressed is the risk of outsourcing. If you're a bank or a law firm in the UK, your core competency is probably not in running an IT shop or keeping security up to date, so you buy in that service from somewhere else (also has a neat side effect that you can blame someone else if you get hacked).
The problem is that the combination of the Regulation of Investigative Powers Act and enhanced powers when you bandy the word "terrorist" around allow a bypass of due process when it comes to intercept, so your provider could be ordered to hand over your data without you ever finding out .. or so you'd think.
The second problem is that the rules surrounding such an investigation do not really do much for your privacy either, so even the most junior policeman fresh out of school could see really confidential data - once that data has been obtained, it's a big question if it remains protected as well as you would need it to be. This is why I said "or so you'd think" - when some of that data leaks you may not have an idea how this has happened, and with all the secrecy it will be hard to discover, less prove it was actually law enforcement who caused this to happen. Either way, you will end up shouldering the blame and liability as the "National security" meme will get very much in your way.
Last but not least, the UK also has a problem with the disposal process after an investigation has been closed down. For example, until recently, DNA taken during an arrest would remain on file in contradiction with EU law and it took a court case to change that. It is now slowly being addressed.
Your next question will be "what if the UK simply asks Switzerland for the data?" and the answer to that is the next reason why you'd want your data in Switzerland: a cross-judicial request for assistance has to fulfil the conditions of the target country. In other words, if the request does not satisfy Swiss law, it will be rejected.
BTW, it's not enough to just decamp to Switzerland and then declare yourself the defender of privacy (as I see with many Swiss email providers). There is a lot more work to do before you have closed all the backdoors. I've been through that exercise and it's hard work, but you may recall I saw this trend well before Snowden came onto the scene.
The above also indicates how I knew that not all was well with US "secure email" providers even before they started up. Having your HQ in the US makes it pretty much irrelevant where you host your data as the decision power (and thus the leverage for law enforcement) is subject to US law. The latter should also give you a hint as to (a) what a massive problem Silicon Valley is presently trying to hide from you and (b) just how little value the Safe Harbour scheme has, even if you ignore the inherent conflict of interest in a self certification scheme in the first place.
The US is now in a situation where all chickens come to roost at once, and -pardon me for butchering the expression- many feathers are flying. There was a reason why we have due process: handing powers to the state is perfectly OK if it can be checked they are used for the purpose for they were given (pretty much in the same way you don't give everyone in your company the right to sign corporate cheques). Take transparency and supervision away and it becomes a mess. The bad guys have a party, and the good guys (because they exist too) no longer have a way to prove they still follow the rules. If you do this in law it takes a LONG time to sort it out. I reckon it'll be close to a decade, and that's IMHO a conservative estimate.
Some final remarks: this is not just a UK issue. A number of EU countries have implemented anti-terror measures in ways that do not exactly inspire trust, the Swedish FRA is but one example. Also, the fact that the Swiss are careful about intercept does not mean they don't have the capability, it's just that they go about it a bit more carefully.