US Cloud Giants Face Scrutiny Over Sovereign Cloud Offerings in Europe
Brussels, Monday, 30 June 2025.
Concerns mount over ‘sovereign clouds’ from US providers like AWS and Google, as European sovereignty doubts arise due to US data laws potentially undermining local privacy regulations.
The Rise of Sovereign Cloud Solutions
In recent years, leading American cloud service providers such as AWS, Microsoft, and Google have rolled out ‘sovereign cloud’ initiatives targeted at European markets. These solutions are marketed as meeting the EU’s data protection standards and providing European customers with control over their data [1].
Legal and Regulatory Hurdles
Despite their promise, these ‘sovereign clouds’ are under scrutiny due to the application of US laws such as the CLOUD Act and FISA 702, which grant US authorities rights to access data stored by American companies, regardless of where it is physically located [1]. This raises serious implications for European data sovereignty and privacy [1][2].
Industry Reactions and Criticism
Critics argue that the sovereign cloud offerings are a form of ‘sovereign washing’, promoting an illusion of autonomy while still being subject to US legal stipulations. This critique is not just philosophical but also impacts business competitiveness and data security within the EU [1][3].
Strategic Developments by AWS
To counter such scrutiny, AWS has announced an investment of €7.8 billion in an independent European Sovereign Cloud based in Germany with local leadership and governance [4]. The project is designed to meet stringent EU requirements on data residency, security, and sovereign controls [4][5].
Implications for Europe’s Digital Sovereignty
The persistence of data access laws from the US on European soil challenges the notion of digital sovereignty. It emphasizes the need for Europe to build its own infrastructure with full legal and technical control to achieve true independence and sovereignty in digital operations [1].