Sovereign Cloud–AI Conundrum

Rising geopolitical competition and the power of artificial intelligence (AI) are driving governments around the world to establish greater control over cloud computing. The growth of cloud has made it the backbone of modern economies, integral to the provision of public services, and the foundation of advanced technologies such as AI. U.S. cloud providers—led by Amazon, Google, Microsoft, and Oracle—provide 75 percent of global cloud services. Countries are reassessing their dependencies on the United States and hence on U.S. cloud providers, and pursuing independent “sovereign clouds” and “sovereign AI” supported by local providers. This is part of a broader push for digital sovereignty by other countries to more fully control their economies and security.

More and more, countries around the world are requiring restrictive sovereign cloud controls that go well beyond strong security, data sovereignty, and building local datacenter infrastructure that have been the focus of the past five-plus years. Some governments are now insisting on full operational control by their citizens and full governance control, with local source code repositories and, in some cases, majority local (non-U.S.) ownership. Governments want to ensure they can assume full control of cloud infrastructure in case disruption halts cloud operations in their country or denies them access to cloud infrastructure. Recent sanctions on Russia and China and the rise of the Trump administration’s “America First” policy are also fueling international concerns about how potential U.S. sanctions could disrupt their access to U.S. cloud provider services. This is leading countries to embrace sovereign cloud initiatives that establish not only data sovereignty but sovereignty over the whole IT stack, including datacenters, networks, storage, AI models, operations, and governance. Further, the potential transformative capability of AI is heightening government desires to capture its benefits and avoid being harmed or relegated to dependent players. This is driving governments’ push for more restrictive sovereign cloud controls and sovereign AI initiatives. Calls for a “EuroStack”—a full IT cloud and AI infrastructure owned and fully controlled by European entities that is independent of the United States—is the most recent example.

Governments have legitimate political, economic, and security interests in regulating cloud computing. Yet how do they achieve their goals? Do they pursue them with allies and partners who hold shared values and interests in ways that increase prosperity and security, or by building walls and excluding others with restrictive policies that reduce prosperity and security. If nationalistic sovereign clouds become isolated “splinter clouds,” it accelerates fragmentation, brings huge economic costs, and works against the open, rules-based global technology system. Fractures in the global cloud are already visible. China, Russia, Iran, and North Korea have formed an authoritarian axis; Europe has its own vision and is charting an independent course; Brazil and India champion the “Global South.” Further, the allure of sovereign AI is boosting interest in sovereign cloud. Yet, sovereign cloud is not required for sovereign AI. National AI models and datasets can be built, deployed, and secured using most modern IT infrastructure.

Sovereign clouds may offer greater control, but they do not provide greater technical security. Yet sovereign controls bring higher costs, slower growth, and less innovation—making the economies of countries that use them less competitive. Governments can achieve most of their security goals in traditional commercial cloud regions via technology, operational controls, and legal/compliance regimes. Sovereign cloud brings additional visibility, access, and political control—and thus, trust—even though the underlying technical security is the same. (See the definition of sovereign cloud in the next section.) But at what cost? A European think tank study showed discriminatory sovereign cloud rules in the draft European security certification scheme (EUCS) would lead to annual losses of €29 to €610 billion within two years, depending on how broadly they are applied. Proponents of a Euro-IT stack have proposed an initial €300 billion investment. Given the huge costs, have governments explicitly defined their risks, the likelihood of such risks, and how they can be mitigated before jumping to restrictive sovereign clouds? What additional steps can cloud providers take to enhance trust by demonstrating security, transparency, and sovereign control? How can governments provide strong legal protections for access to user data, minimizing the need for sovereign restrictions? Further, how broadly will sovereign clouds reach: to sensitive government functions only, or broad public services? Or will they extend to even privately-owned public services in communications, healthcare, banking, and energy? Government expenditures are large (e.g., 40–60 percent of GDP in Europe), so sovereign clouds risk splintering the cloud market. Decades of experience show that sovereign infrastructure has a poor track record of success and often becomes stranded investment, burdening economies. This has already happened with an early version of Cloud Deutschland and Europe’s Gaia-X cloud project. Even if well-intentioned, restrictive sovereign clouds may simply not achieve their goals, are likely unsustainable, and will require continued investments.

These are not hypothetical risks. Cloud providers are listening to their government customers and providing a continuum of sovereign cloud solutions. Amazon, Google, IBM, Microsoft, and Oracle all have sovereign cloud solutions, ranging from local private clouds that can be installed in government datacenters to software-controlled sovereign clouds running on top of public cloud infrastructure to physically and logically isolated sovereign regions. These are not small initiatives; for example, Amazon’s European Sovereign Cloud is planned to cost €7.8 billion. Nvidia is also urging countries to build their own sovereign AI infrastructure, which is on track to provide it $20 billion in revenue this fiscal year. IDC estimates the sovereign cloud market will exceed $250 billion in 2027.

Rising geopolitical competition, digital sovereignty, and the allure of AI suggest that sovereign cloud and sovereign AI will gain greater adoption. This paper proposes ten recommendations to focus sovereign cloud on achieving government priorities, minimizing costs, and building greater prosperity and security among democratic, rule-of-law nations. The following are brief summaries of the recommendations, and the conclusion of this report provides more specifics.

1. Avoid burdening purely commercial activities with the cost and innovation penalty of sovereign cloud.

2. Use sovereign clouds for government services where they are appropriate to the threat and where the political and economic benefits outweigh the costs. Governments should fully use security tools before jumping to sovereign clouds.

3. Take a risk-based approach that classifies government applications and data into risk-based tiers, quantifies the likelihood of risks, and identifies priority risks to mitigate.

4. Build trust by enhancing cloud transparency and joint industry-government confidence-building measures that test security controls and resiliency commitments. Convene a G7 and Organisation for Economic Co-operation and Development (OECD) group with industry to develop trustworthy cloud criteria. Create a sovereign cloud training academy and skill certification.

5. Mitigate risk of disruption of the cloud by sanctions or “kill switch” risks by strengthening resiliency and workload portability via architectural requirements, tools, and open-source software. Avoid restrictive national clouds except where absolutely necessary and as part of an overall risk management strategy.

6. Partner with cloud providers to achieve sovereign goals, so governments can avoid spending billions of dollars replicating largely undifferentiated IT infrastructure. Focus national economic development initiatives on higher-level services and workforce training that better drive growth and promote national priorities.

7. Focus sovereign AI on building national AI models and datasets that reflect a nation’s distinct heritage rather than lower-level IT that does not. Sovereign cloud infrastructure is not required for sovereign AI.

8. Avoid country-ownership-based cloud requirements that erect trade, investment, and political barriers to partners and splinter the cloud. Use transparent, functional requirements instead.

9. The U.S. government and U.S. cloud providers need to show other countries that their economic development goals are better achieved in partnership with the United States, rather than by exclusion.

10. Accelerate government-to-government negotiations to address underlying political and policy concerns that give rise to sovereign clouds, especially data sovereignty and economic sanctions.

What Is Sovereign Cloud?

There is no common definition of sovereign cloud, and different countries and government departments define it differently. However, the core idea of sovereign cloud is to achieve greater transparency, control, and trust of cloud computing, so that governments are assured of security, availability of services, resiliency in cases of disruption, geographic residency and control of data at all times, and confidence that bad actors or the cloud operator does not have access to their data. There is a spectrum of approaches, as each country has different goals and requires different controls for different uses.

▲ Table 1: Defining a “Sovereign Cloud”

The controls in Table 1 (right column) represent the array of sovereign goals (left column) countries seek when they build sovereign clouds. Nearly all of the controls are offered by U.S. hyperscale sovereign cloud solutions and are custom designed to meet sovereign requirements while preserving the innovation of commercial clouds. However, requiring majority local (non-U.S.) ownership and separate national or regional clouds provided by national champions that are immune from the laws of others are what the author calls “restrictive” or “autarkic” clouds that break the backbone of the global public cloud and its many benefits.

Sovereign clouds have essentially the same technical security as commercial cloud regions. Other work has shown that cloud computing gives governments the tools they need to achieve technical security. However, for sensitive workloads, some governments want enhanced transparency, access, and controls that provide additional confidence and trust (e.g., more granular controls to enforce data and metadata residency, operations and customer support by local citizens, separate identity and access controls, and extra monitoring to prove compliance). France goes even further, requiring majority local ownership of clouds handling sensitive data as a precondition of service. Cloud regions for classified data and defense and intelligence purposes are also a type of sovereign cloud for the most sensitive uses, but this paper does not explicitly address them since they are often “air-gapped” and present separate issues. These “classified clouds” are best pursued with allies that have close relations or security treaties that establish a broader political alignment and baseline level of trust.

Government concerns are growing about disruption of the cloud—and even being cut-off from it—leading to expanding sovereign cloud requirements. Initial focus on data sovereignty led cloud providers to build hundreds of local datacenter regions around the world. This expanded to networking, software, security, and the logical end-to-end systems to provide greater transparency and control. In turn, countries focused on operational sovereignty and the people and processes that run the cloud. In 2025, rising geopolitical competition is leading to new rules for full operational and governance control, in case access to U.S.-controlled cloud infrastructure is potentially cut off or disrupted. In Europe, many are calling for an independent sovereign EU cloud—such as the EuroStack proposal put forth in January and March 2025—to reduce dependencies on the United States.

• Shortly after the EuroStack proposal, on April 30, 2025, Microsoft President Brad Smith launched new “European digital commitments,” including an EU corporate entity for Microsoft’s EU datacenter operations, with an all-European board of directors, under EU law, on top of its many decade-long EU cloud commitments. Microsoft will implement “digital resilience” plans that include saving the source code in Switzerland, setting up continuity agreements with local EU cloud providers, and implementing binding contracts. Microsoft explicitly commits: “In the unlikely event we are ever ordered by any government anywhere in the world to suspend or cease cloud operations in Europe, we are committing that Microsoft will promptly and vigorously contest such a measure using all legal avenues available . . . (and) by including a new European Digital Resilience Commitment in all of our contracts.”

• On May 21, 2025, Google updated its sovereign cloud solutions, including an air-gapped distributed cloud solution (without connectivity to an external network) with open-source software that can be operated by local partners in the event that there is no access to the global public cloud.

• On June 3, 2025, Amazon announced a new EU governance structure and controls for its €7.8 billion AWS European Sovereign Cloud. It “will have no critical dependencies on non-EU infrastructure” and there will be “zero operational control outside of EU” borders. Amazon is creating a new corporation in Germany, led by EU citizens, that is bound by EU rules. The new corporation has an independent governance structure, a dedicated EU security operations center, and a local EU replica of the source code.

These latest actions on governance and control—even after years of expanding commitments and tens of billions of dollars in investment—suggest that U.S. cloud providers see a risk that governments could create their own restrictive sovereign clouds that exclude the United States and U.S. companies.

The Forces Driving Sovereign Cloud

The issues of sovereignty and political control are governments’ core concerns. At first, governments around the world were pushing back on U.S. Big Tech companies’ business practices. Many believe that these companies set most of the tech policy rules in the Internet 1.0 period. Though many of these issues (e.g., social media) concern individual consumers and are substantively different than the issues surrounding enterprise cloud computing, they fed government desires for greater political control to align IT with their goals, avoid dependency, and independently set the rules that govern technology in their countries. These high-level goals are appropriate in a world of sovereign states. Yet, the devil is in the details, and digital sovereignty can be a double-edged sword. It can be used to unfairly block foreign market access, surveil and suppress political opponents, and censor information.

The U.S. shift to an America First policy has added to growing sovereign cloud momentum by increasing the perceived risk of countries being cut off from U.S. cloud providers’ infrastructure around the world. Recent national security sanctions against Russia and China have illustrated how countries can be cut off from the global economy and infrastructure. This is leading governments to go beyond jurisdictional control to achieve full operational control of the cloud to ensure that they are not denied access to cloud services, either by hostile actors or by sanctions. In 2018, insurer Lloyd’s of London found that a hypothetical cyber incident in which a top cloud provider was taken offline in the United States for three to six days would create losses of $6.9–$14.7 billion. The potential loss has since grown much larger, showing the unacceptable costs of losing access to the cloud.

Countries are reassessing their dependencies on the United States, though they are still reliant on U.S. clouds. Northern European countries (Denmark, Germany, and the Netherlands) that are more free-market oriented have traditionally supported the United States and have limited restrictive EU cloud rules, yet even they have now become more favorable to restrictive EU sovereign approaches. The suspension of a Microsoft email account in Brussels in response to a U.S. executive order sanctioning the prosecutor of the International Criminal Court in May 2025 was a political shock in Europe. Though the issues are not new, this incident illustrated fears that the United States could shut off the cloud in Europe. Bitkom, Germany’s “digital economy” association of 2,200 companies, has issued a formal call for a German cloud, showing “62 percent of companies in Germany would stagnate without cloud services . . . 78 percent believe Germany is too dependent on US cloud providers, and 82 percent want . . . hyperscalers from Germany or Europe . . . . Furthermore, [the] 50 percent that use cloud computing feel compelled to rethink [their] own cloud strategy due to the policies of the new US administration.” The Dutch parliament has passed motions to build the Netherlands its own national cloud and is pushing the European Union to move from U.S. clouds to European providers.

Many governments are responding to the risk of losing access to cloud services by building more controls around sovereign clouds inside their borders. Yet the best example of a response to a loss of cloud services is Ukraine ending its data localization rules and moving the bulk of its government IT outside its borders in the wake of Russia’s invasion. In 2022, ten petabytes (PB) of data from 42 Ukraine government authorities, 24 universities, and dozens of private companies were migrated to the cloud outside of Ukraine. Ukraine’s PrivatBank, which serves 40 percent of the country’s population, moved all of its operations to the cloud, including 270 applications and 4 PB of client data. Similarly, Estonia and Monaco have built a “data embassy” backup in Luxembourg. Luxembourg and Bahrain have created legal and physical infrastructure to host data embassies. These cases represent the opposite of data localization, as countries move data outside their borders but retain full legal control.

The earlier push for data sovereignty is expanding to sovereign control over the entire IT stack—in the form of the sovereign cloud. Data sovereignty, data privacy, and the free flow of data are long-standing issues that have been addressed in multilateral government fora such as the OECD, the World Trade Organization, the G7, the Asia-Pacific Economic Cooperation (APEC), and others. In particular, the United States and Europe have been challenged to achieve predictable rules for data flows in the wake of the EU General Data Protection Regulation (GDPR) and the Schrems lawsuits. The European Union (and other countries) are concerned about potential U.S. government access to EU data held outside the United States via the cloud. The US Clarifying Lawful Overseas Use of Data (CLOUD) Act of 2018 was in part intended to provide more clarity, protect data, and resolve conflicts of law related to requests for electronic data for public safety. Further, the U.S. Department of Justice formally stated that its policy is to first make data requests directly to the affected parties or customer, not to the cloud provider. The cloud providers disclose government data requests; for example, Amazon says there are no “requests [that] resulted in the disclosure to the U.S. government of enterprise or government content data located outside the United States.” However, this has proven insufficient, and U.S.-EU efforts to negotiate a separate bilateral agreement have not yet materialized. Other experts have delved into these complex data sovereignty issues, and this paper will not replicate that work. Yet it should be emphasized that sovereign cloud expands the focus from just data sovereignty to sovereignty over the full IT stack, including the AI stack.

Economic development and economic nationalism are also driving sovereign cloud. States set the rules to distribute wealth to their companies and treasuries and to generate local jobs and income. A strong economy and technical leadership are sources of national power. Cloud computing is rightly seen as a foundational technology. Cloud is integral to a country’s growth and economic competitiveness. Yet given the huge economies of scale and the billions of dollars needed to build and maintain a full cloud region, it is not economically viable to have national cloud computing champions. Nonetheless, countries are seeking to build their own cloud industries. The U.S. Trade Representative (USTR) identifies discriminatory trade concerns against U.S. cloud providers in 15 countries, plus the European Union—amounting to roughly 45 percent of global GDP (nearly 60 percent with the European Union included)—in its 2025 National Trade Estimate (NTE) of trade barriers. China has blocked foreign cloud providers and requires them to license their technology to Chinese-owned joint ventures. Europe has several cloud providers (e.g., Deutsche Telecom, Hetzner, Orange, Outscale, OVHcloud, and Scaleway) that are much smaller, with more limited services. The European Union created its Gaia-X project to build a European cloud industry and is spending over €1.2 billion on its next generation cloud, boosted by additional member-state spending.

French policies that prevent foreign cloud providers from managing sensitive data as a precondition for providing service are likely a discriminatory violation of French trade agreements. The 2025 NTE and the prior Biden administration NTE called this out, stating that French “government agencies and commercial entities considered ‘critical’ must select only cloud services vendors with a SecNumCloud certification to handle their highly sensitive data.” This certification “requires that any cloud provider . . . must be at least 61 percent EU-owned and ‘immune’ from non-EU laws.” Google (S3ns with Thales) and Microsoft (Bleu with Cap Gemini and Orange) have been forced to license their technologies to French-owned joint ventures to meet these rules. Efforts to make the rules apply across Europe via the EUCS cybersecurity certification scheme have been stopped, but these provisions may resurface in areas such as government procurement. In the new era of tariffs, these practices are unlikely to be challenged, but they show how even advanced market economies and democratic allies are pursuing restrictive policies that block foreign providers.

The EuroStack project seeks to go well beyond these efforts and create a sovereign EU IT stack that is fully independent from the United States and that encompasses semiconductors, software, cloud computing, quantum, networking, and even applications. The German Bertelsmann Foundation describes the EuroStack project goals: “Beyond reducing technological dependence, the initiative seeks to boost industry competitiveness, drive innovation, [and] build resilient sovereign infrastructures.” Over 250 companies in Europe have signed a letter to the president of the European Union calling for deployment of the EuroStack by 2030. While likely not a realistic alternative to U.S. clouds, the initiative shows how many leading actors in Europe are aggressively pursuing sovereign IT.

Sovereign cloud has political appeal; yet it may not end up achieving its goals. It imposes costs on growth and innovation to achieve goals that may be better achieved in other ways. The goal of immunity from the laws of others directly contradicts and is incompatible with the basic economics of trade. Sovereign cloud may help insulate countries from risk, but there is no way for states to be fully independent.

AI Is Leading to More Regulation of the Cloud

The power and potential transformative capability of AI—especially generative AI—is heightening governments’ push for more control over the cloud. AI has increased governments’ concerns about being left out of its benefits, exposed to its potential harms, or relegated to dependent players. Most generative AI systems physically reside in the cloud, so AI regulation often means more cloud regulation. AI’s large potential impact is raising the stakes and increasing interest in sovereign cloud.

Governments want to benefit from AI-driven economic growth and productivity. Much has been written about the potential transformative benefits of AI in content creation, workforce productivity, new drug discovery, software development, and many other areas. Governments rightly see AI as central to their economic vitality and future. AI is a general-purpose technology, and governments are seeking broad public access and diffusion across the economy to drive productivity. How much economic benefit AI will create is an active debate. A recent McKinsey study found that “Generative AI could add the equivalent of $2.6 trillion to $4.4 trillion annually” in value and “enable labor productivity growth of 0.1 to 0.6 percent annually through 2040.” However, others including Massachusetts Institute of Technology economist and Nobel laureate Daron Acemoglu are more cautious.

Governments are rightly concerned about national security and the risks of harm from AI. Nearly all countries are debating the benefits and risks of AI in economics (e.g., employment disruption, innovation, growth, antitrust, and copyright), social and culture issues (e.g., biases and inaccuracy of AI models; privacy; and discrimination in housing, finance, and insurance), energy (e.g., availability, sustainability and cost), politics (e.g., elections, disinformation, and surveillance), and security issues (e.g., cybersecurity and autonomous weapons). These risks, potentially including existential risk to humanity, give governments a strong interest in regulating AI.

Governments want their sovereign voice in AI development and governance. Technology drives national power, and AI will likely change the balance of power among countries. Governments do not want to be relegated to being dependent players. AI has big potential impacts across economics, politics, culture, and security, and countries want a say in how it is developed. AI expertise is concentrated in the United States and China. Countries that lack AI expertise and infrastructure do not want to be forced to accept what others decide, or left out of AI governance discussions. AI is especially dependent on big volumes of data, so countries do not want to only provide data to models that are controlled by others. Saudi Arabia and Abu Dhabi, for instance, are using their wealth to acquire AI capabilities and get a seat at the table. Abu Dhabi’s state-backed G42 AI company struck a deal with Microsoft, and then came under pressure from the United States to limit flows of AI to China if it wanted access to cutting-edge U.S. AI.

Regulation of AI often leads to regulation of the cloud in which AI is trained and deployed. For example, the U.S. 2023 AI executive order (now repealed) “require[s] United States IaaS [cloud] Providers to submit a report to the Secretary of Commerce when a foreign person transacts with that United States IaaS Provider to train a large AI model with potential capabilities that could be used in malicious cyber-enabled activity.” AI models make big demands on IT infrastructure, and especially on AI accelerator chips, or graphics processing units (GPUs). AI is driving a “re-architecture” of over $1 trillion of cloud datacenters, including storage, networking, and power and cooling. In 2024, the big five U.S. cloud providers invested $265 billion to achieve this with another $435 billion underway in 2025. Few beyond the cloud providers have the expertise and resources to build AI infrastructure at scale. And the scale and shared capacity of the cloud mean that it has higher (more profitable) economic utilization. Further, many organizations’ data and IT are already in the cloud, and AI applications will need to integrate with these core systems. As a result, the majority of modern AI systems will likely live in the cloud. The large potential impact of AI is driving regulation that will also apply to the cloud, and it is boosting interest in a sovereign cloud with strict controls.

The Allure of Sovereign AI Is Accelerating the Rise of Sovereign Cloud

The surge of excitement about AI has given rise to the idea that countries should have their own sovereign AI. There is no common definition of this term, but in general, sovereign AI is the broad notion that countries should have their own AI capabilities that they control. Sovereign AI initiatives often aim to reduce dependency on foreign cloud providers, promote domestic champions, expand domestic AI infrastructure, and ensure the availability of AI models that reflect local values. Sovereign AI is also motivated by national pride. These are similar to the reasons governments are pushing for sovereign clouds. Sovereign AI is also being promoted by leading AI semiconductor company Nvidia. Nvidia defines sovereign AI broadly as “a nation’s capabilities to produce artificial intelligence using its own infrastructure, data, workforce and business networks.” Yet AI systems dedicated to sovereign AI are expensive and difficult to sustain. Nvidia is helping countries build their own AI datacenters. The company expects more than $20 billion in sovereign AI revenue this fiscal year, and has announced deals with Denmark, Japan, Singapore, India, and Switzerland, among others.

▲ Figure 1: Choose Sovereign AI at the Right Layers of the Stack

Sovereign AI is a top priority, but it does not need to be tied to or require a sovereign cloud. Some governments that want sovereign AI also want to build their own sovereign clouds to train and deploy AI. However, governments can build their own national AI models, data sets, and AI expertise without spending billions of dollars to build their own sovereign cloud infrastructure. Model training and model data are the heart of sovereign AI, and they represent separate parts, or layers, of the cloud (see Figure 1). In slightly more technical terms, countries have a choice as to what layer of the tech stack they want to implement sovereign AI, as well as what layers are affordable and feasible. Countries can create their own national AI models and datasets in a commercial cloud and still control them. From a technical view, they can use strong cloud security and governance to protect their AI assets. National AI models can be trained and deployed in any location, in the cloud or on premises, without creating a sovereign cloud. For countries with the economic and technical resources to sustain AI investments, dedicated sovereign AI infrastructure may be helpful. Similarly, for those countries that lack access to AI infrastructure, sovereign AI may be appropriate. Yet, for most countries, so long as modern IT infrastructure is available, governments can focus on building their unique AI, rather than spending on costly infrastructure which is similar around the world. Simply put, sovereign AI may be built in the cloud, but it does not require a sovereign cloud.

Perhaps the strongest argument for sovereign AI is that AI models, and especially large language models, reflect the cultural and social views of their builders. Today, leading models are mostly built in the United States, China, and a few other countries including Canada, France, Germany, and the United Kingdom. AI models are heavily dependent on the data used to train them and the architectural choices made by their builders. U.S. and Western cultural and social views are often embedded in large models, especially via data from the public internet on which models are trained. Those values do not always fit easily with the culture and social values of other countries. Countries may want their own national AI, but this does not require them to build and own their own sovereign cloud infrastructure. There are widely available tools to steer model outputs, fine-tune them using a nation’s own data, and provide instructions that align models to local concerns about safety, gender, racism, politics, and other goals. This is not perfect, but it is a much less expensive way to build sovereign AI than spending billions of dollars on rapidly depreciating IT infrastructure.

Countries are building national models that reflect their culture, language, and identity. Sovereign models can (and have) been trained and deployed in the cloud and do not require a sovereign cloud. Many of these are open source and are alternatives to models developed in the United States and China. A few examples are as follows:

• Singapore’s SEA-LION model states that its “open-source Large Language Models . . . better understand Southeast Asia’s diverse contexts, languages, and cultures.” This model was launched with just a $52 million budget.

• The Falcon models are created by the United Arab Emirates’ government-supervised Technology Innovation Institute in Abu Dhabi. The Jais model focuses on Arabic languages.

• Saudi Arabia’s Data and AI Authority Arabic large language model (ALLaM) claims that most “frontier-class models are primarily trained on English and often lack a connection to localized regional cultures and norms.”

• Taiwan’s Trusted AI Dialogue Engine (TAIDE) model is backed by the country’s National Science and Technology Council. TAIDE “aims to ground itself in Taiwanese culture, incorporating unique linguistic elements, values, and customs.”

Some governments want their own national AI to surveil their population, control political dissent, enable disinformation campaigns, and enforce their approved version of the truth. For example, Chinese government policy says generative AI models must “uphold the core socialist values” and be approved by the government in advance. Companies must answer 20,000–70,000 set questions to test whether the models produce answers the Chinese government deems safe. AI models, including Chinese company DeepSeek AI’s model or Baidu’s Ernie, will not answer questions that threaten Chinese Communist Party interests, acknowledge the Tiananmen Square uprising, or address the independence of Taiwan. Some authoritarian states have interests in using generative AI to influence elections and create disinformation campaigns with their approved truths. If societies increasingly get their information through AI assistants, these then become powerful levers for censorship and control. Reportedly, one reason Taiwan created its TAIDE model was to build an alternative to bots controlled by the People’s Republic of China (PRC) and prevent dependence on PRC AI–generated information.

The Challenges of Sovereign Cloud:

Higher Costs, Fewer Services, and Less Innovation

Sovereign cloud requires governments to make policy choices. Governments are moving ahead with sovereign cloud deployments, and cloud companies are already providing sovereign cloud solutions. According to IDC, half of global organizations are either using or planning to use sovereign cloud solutions. All the major U.S. cloud providers and Nvidia have announced large sovereign cloud deals. Yet sovereign clouds may not be the preferred choice for many cloud providers. They are often smaller, semi-custom infrastructure that is more costly to build and operate. This breaks cloud providers’ scale and operational rhythm across hundreds of datacenters around the globe. Nonetheless, providers are hearing their government customers and are providing a range of sovereign options. Each of these variants have different architectural choices (and policy implications) with their own pros and cons.

Sovereign cloud requires policy choices prioritizing control, cost, complexity, number of services, and ease of innovation. This author’s previous work has shown that cloud computing is central to a nation’s economic competitiveness. Sovereign clouds come with difficult trade-offs, often favoring greater control at the expense of other national goals.

• Sovereign clouds have higher cost. Sovereign cloud infrastructure is usually smaller than major commercial cloud infrastructure and has smaller economies of scale. Sovereign clouds are also more costly and complicated to operate. The Singapore government has a smaller sovereign cloud (dedicated local zone) that it says is two-and-a-half times more expensive than its commercial cloud. Even Amazon Web Service’s large U.S. “Gov Cloud” (two regions, roughly six availability zones, many datacenters), which has operated since 2011, is typically at least 20 percent more expensive than commercial cloud regions.

• Sovereign clouds provide fewer services, less choice, delayed access to new services. Most cloud providers deploy new services to their largest markets first. Leading clouds have 200-plus service groupings. The core services are deployed everywhere, but specialized or newer services may initially (or only) be deployed in regions that have the scale to economically justify them. The much smaller Singapore sovereign cloud initially launched with only about 20 major services, though more are being added. Even in commercial clouds it can take years for smaller regions to receive new services. Missing the latest services limits what developers can build and undercuts innovation. One cloud provider advises that “while most . . . services are available in [a sovereign region], there are often limitations, missing features, and restrictions.” Politics may lead to faster deployment for sovereign clouds, but smaller sovereign regions are fighting economics.

• Hard operational boundaries between commercial and sovereign regions make sovereign clouds more complex. Workloads that span sovereign clouds and commercial regions are more complicated to operate. Sovereign clouds can have over 250 additional separate controls to manage. As one cloud provider advises: “We recommend deploying workloads that require multiple Regions to be kept within a single partition [commercial or sovereign] to reduce compliance, operational, and technical challenges.” This is a burden on government users. Sovereign clouds may also be less resilient because they are geographically concentrated and more vulnerable to disruption.

• Sovereign clouds mean less innovation and less growth. Most importantly, many sovereign clouds lack the deep, liquid pools of computational resources that support innovation and scalability. This is especially true for advanced services. The GPU chip shortage for AI workloads, for instance, is a bigger problem for smaller cloud regions.

  Additionally, sovereign clouds undercut the democratizing access of cutting-edge capabilities from startups to enterprise. Anyone can spin up a lawful cloud compute cluster. It makes the messy trial-and-error of innovation quicker and less expensive. OpenAI had only about 500 employees when ChatGPT 3.5 surprised the world, but it had access to Microsoft’s Azure AI cloud. Boom, another startup, used the cloud to design a supersonic commercial airliner from scratch. Aerospace is a challenge for startups due to barriers of scale and regulation, yet Boom tested hundreds of designs with thousands of flight simulations, using 53 million core hours in the cloud.

  Finally, sovereign clouds fragment the robust ecosystems that drive innovation. There are 100,000 partners in the cloud that can easily share data and apps from cloud marketplaces that have 2.5 million subscribers. Cloud users need their many partner companies to be in their cloud to provide full solutions. A separate, sovereign cloud optimized for control and compliance is more expensive for partners, especially smaller ones, and is unlikely to be a nexus of innovation.

Some European commercial organizations have openly opposed restrictive EU sovereign cloud requirements because of these limitations of higher cost, fewer services, and less innovation. In just one example, the German automotive industry association VDA has publicly stated that the “stringent sovereignty requirements imposed on cloud operators [via EUCS] could potentially restrict the use of leading solutions from major US hyperscalers. Since European alternatives currently do not meet the requirements of the German automotive industry, this would lead to a massive limitation in both the range and the availability of cloud services. . . . Differences in implementation by member states would result in significant efficiency losses in typically cross-border business processes.” VDA added: “Today’s highly competitive market would be artificially restricted, which would be hugely detrimental to the range of services offered and represent a retrograde step in digitization.” Requiring private companies to use a sovereign cloud typically puts them at a competitive disadvantage relative to their global peers.

The government of Singapore’s approach to sovereign cloud offers a promising example. They explicitly evaluated the trade-offs of different cloud infrastructure solutions in terms of cost, scalability, agility, resiliency, security, innovation, and transparency. They also defined the risk and sensitivity of their workloads and data. This enabled the government to assign workloads to different levels of sovereign control to achieve security goals while limiting the costs to economic growth and innovation. Public-facing, lower-risk government workloads run in the commercial cloud, and their share of total government workloads is growing. A minority share of sensitive applications run in a hyperscale cloud provider’s “local zone” that geographically resides in Singapore and is dedicated solely to the government of Singapore’s use.

Policy Recommendations to Achieve Both Prosperity and Security

Digital sovereignty centers on maximizing national control and standalone independence. It seeks to reduce potential vulnerabilities through limiting interdependence with others, often by creating barriers to outside forces. In contrast, the public cloud offers an open, rules-based technology ecosystem for democratic nations and like-minded partners. The global public cloud can increase security and prosperity well beyond self-sufficient sovereign approaches. It is also more resilient and flexible than building stand-alone national barriers. U.S. allies and partners are deciding how closely they want to participate in U.S. clouds and, more broadly, align with U.S. economic and technical systems. They are weighing access to leading-edge U.S. technology, innovation, and growth against the greater independence and control that comes with strict sovereign approaches. White House Office of Science and Technology Policy (OSTP) Director Michael Kratsios stated at the August 2025 APEC ministerial that the United States wants its allies and partners to “have the AI sovereignty, data privacy, and technical customization that you so rightly demand on behalf of your peoples. We are committed to finding a way to enable America’s private companies to meet your national technological needs.”

The more global-partner-focused Biden administration warned in its May 2024 International Cyberspace and Digital Policy Strategy that “there is an increasing willingness by some countries to embrace narratives of digital sovereignty and protectionism by blocking access to their markets, unduly preventing cross-border data flows, and preferencing domestic manufacturers and service providers.” The report continued that this has the “potential to undermine key digital economy and cybersecurity objectives,” recognizing that “cloud services and datacenters are also a source of tension with close trade partners.”

Sovereign cloud can be implemented in ways that either increase shared prosperity and security or cut against it. These are policy choices. For example, policies like SecNumCloud that block foreign cloud providers from allied countries for ill-defined sensitive workloads, including at commercial entities, risk being more counterproductive than helpful. This creates barriers, rather than pooling resources and promoting stronger common solutions. Alternatively, the U.S. Federal Risk and Authorization Management Program (FedRAMP) for sensitive unclassified government workloads enables non-U.S. companies—such as Germany’s SAP and Siemens, France’s Ipsos, and many others—to provide cloud services to the U.S. government through their wholly owned U.S. subsidiaries. FedRAMP is based on open technical rules, not on country of ownership, and is for federal government use instead of commercial uses.

This paper proposes 10 recommendations to help governments achieve their security and economic goals and buttress an open, democratic, rules-based technology system.

1. Avoid burdening purely commercial activities with the costs and innovation penalty of sovereign cloud. Limit the spread of sovereign requirements to quasi-public commercial activities (for example, airlines, postal services, and banks). Sovereign cloud burdens a country’s economy with costs and complexity, and limits innovation and job growth. Though often intended to strengthen a domestic cloud industry, broad sovereign controls undercut a nation’s economic competitiveness. Broad public use of services does not by itself require a government sovereign cloud. Sovereign cloud is already impacting commercial markets. For example, an Accenture study found that “50% of European CXOs see data sovereignty as a top issue when selecting cloud vendors.” Private sector entities should be free to assess the benefits and trade-offs of sovereign cloud and permitted to take a risk-based approach to adoption.

2. Use sovereign clouds for government services, where they appropriately match the severity and likelihood of risk, and where the political and economic benefits outweigh the costs. Sovereign requirements should be clearly defined and transparent. Many government workloads providing basic citizen services and public information can be run securely in commercial regions. For example, the government of Singapore initially ran 30 percent of government workloads in commercial regions and plans to increase workloads in commercial cloud regions. There are multiple technical and operations tools in commercial clouds that provide essentially the same security that exists in sovereign clouds, and in some cases, more resiliency. Governments should fully explore and use these security tools first, potentially obviating the need for restrictive sovereign solutions.

3. Classify government workloads and data into risk-based tiers to identify priority risks to mitigate. Establishing a rigorous, data-driven process to transparently define risks, their likelihood of occurrence, and how they can be mitigated is crucial to helping governments decide whether a workload needs to run in a sovereign cloud. It is also helpful for governments to determine which risks require priority action and how much they are willing to pay for sovereign controls. For example, the UK government moved “from approximately seven data classification levels to only three. The result of this simplification was that 96% of the government’s [data] load was classified as being [the least restrictive] ‘Official’ level.” This also improves security by allowing governments to focus resources on the most critical data and systems.

4. Build trust rather than walls—enhance cloud transparency, run cloud confidence building measures, and convene a joint G7/OECD-industry group to develop trustworthy cloud criteria. At their root, sovereign clouds are about greater trust. Governments and cloud providers should jointly set up production environments to test and verify security, operational controls, governance, and resiliency. Cloud providers understand that transparency builds trust; they should provide enhanced transparency (e.g., logs, API requests, and information on how key services handle data) to governments in ways that do not diminish security or reveal proprietary information. Governments already have dozens of national standards (e.g., FedRAMP in the United States, G5 in Germany, and G-Cloud in the United Kingdom) as well as international standards (e.g., ISO 27001, 27017, and 27018, and System and Organizational Controls (SOC reports) to audit and enforce cloud compliance, including third party validation. The G7/OECD should convene a government-industry group to jointly develop trustworthy cloud criteria, similar to the Prague Principles for telecom. Further, governments can increase trust in cloud by improving expertise through a sovereign cloud academy and sovereign cloud skill certification. Technical controls are only part of security. People and organizational processes are also critical and feature in many sovereign cloud controls. Cloud providers should tailor their training programs to meet sovereign objectives, similar to how “partner competencies” have been tailored for sovereign cloud. Training also helps government operators learn best practices and improve security.

5. Mitigate risk of disruption of the cloud by sanctions or “kill switch” risks by improving workload portability and resiliency across countries and cloud providers. Governments may decide that autarkic sovereign clouds may be necessary in limited, well-defined cases, but they are a complement to public cloud solutions rather than a viable replacement and should be part of a broader risk management approach. Furthermore, it is not clear if autarkic national clouds are even achievable. How is software updated? When do replacement parts for IT hardware run out, and is the supply chain (including semiconductors) sovereign too? How long will autarkic clouds be competitively viable with global hyperscalers? Governments can achieve nearly all their goals through hyperscaler sovereign cloud solutions. Going the last mile to protect against kill switch risk via ownership restrictions and autarkic full immunity from the laws of others imposes huge costs. Governments must decide the likelihood of potential kill switch sanctions and how much they are willing to pay for redress with slower growth, less innovation, and less competitiveness.

   Governments should start by improving portability of key workloads through architectural requirements as alternatives or complements to restrictive sovereign controls. Architectural practices, standard technologies such as Kubernetes, and open-source software enable workloads to move to other clouds or to move on-premises. Operational techniques including standard configuration templates (infrastructure as code) also enable portability. Low-cost services that back up data stores in other geographies are widely available too. Cloud providers are also offering disconnected cloud operations, which have limits but could be part of a broader approach. Further, cloud workloads can operate across multiple regions (active-active), not just moved between regions. Yet portability, resiliency, and multi-region workloads require careful planning, service selection, and architectural consistency. This requires substantial skills to execute. Cloud providers should provide tools, architectural blueprints, and other support to help government users achieve this. The EU Data Act requires cloud providers to facilitate switching among clouds; a multi-stakeholder group facilitated by the European Commission has developed data portability codes of conduct. This does not eliminate all risk of foreign dependency (which is impossible), but it is better than separate autarkic clouds for most uses.

6. Partner with cloud providers on sovereign goals so that governments do not spend tens of billions of dollars replicating largely undifferentiated IT infrastructure. Focus national economic development initiatives on higher-value services and workforce training that does a better job of driving growth, encouraging innovation, and promoting distinct cultural heritages. The five largest U.S. clouds will invest roughly $860 billion from 2023–2025, a budget that governments cannot afford. Lower-level IT does not add unique national value or promote culture. Governments can focus on higher-value efforts and national priorities (e.g., healthcare); cloud providers can build IT infrastructure. Only 25 percent of cloud spending is used on infrastructure; another 25 percent is used for platform services like databases. Half of user spending is on applications that customers actually use, rather than on the IT “plumbing.” Governments will achieve greater economic development by encouraging a robust software, AI, and digital economy that exploits a low-cost cloud with few barriers and encourages innovation and entrepreneurship. Harnessing U.S. cloud provider technology, capital, and sovereign solutions to enhance economic growth is more effective than building restrictive national or regional clouds.

7. Focus sovereign AI on building national datasets and AI models that are unique to individual countries rather than basic IT that does not reflect a nation’s heritage. Sovereign AI requires modern IT infrastructure, but it does not require a sovereign cloud. AI infrastructure for sovereign AI is typically available via access to commercial clouds. As with other sensitive workloads, there are many layers of security tools available in the cloud (encryption, identity and access controls) to protect AI datasets and model weights. There is little about IT infrastructure that is specific to national heritage, culture, or language. While there has been a shortage of AI chips in AI’s early days (a situation which is improving), spending billions of dollars on largely undifferentiated IT infrastructure is often not sustainable. Purchasing AI infrastructure locks a country into hardware and software that rapidly becomes obsolete, which can hinder a country’s AI competitiveness. Scarce public funds are better focused on nationally important data, AI models, and applications, so long as IT infrastructure is available. Achieving the benefits of AI also requires diffusing it broadly and building skills in application domains—not just buying cutting-edge IT systems.

8. Avoid country-ownership-based requirements that erect trade, investment, and political barriers to partners and splinter the cloud. France’s SecNumCloud discriminates against treaty allies and forces technology transfer to local joint ventures as a condition of market entry. Governments should focus on the ability to meet transparent technical and operational requirements. National-ownership-based rules likely violate trade agreements (such as government procurement and trade in services) and feed distrust. They erect barriers to foreign partners and allies rather than enable joint efforts. They are also counterproductive to achieving their own goals, and they reduce security in practice by limiting access to global cybersecurity resources (e.g., threat data), hindering incident response (e.g., testing and patching), and creating obstacles to information sharing. Further, these measures often leave government users saddled with second-class services or stranded “white elephant” investments that hinder their economic goals and economic competitiveness.

9. The U.S. government and U.S. cloud providers need to show other countries that their economic development goals are better achieved in partnership with the United States rather than by exclusion. U.S. industry has a strong record of creating research and development, investment, and jobs around the world, localizing technology to national markets, and building local tech economies. This stands in contrast to China’s record. One recent example of the United States supporting other’s economies is France’s leading AI company, Mistral, which is led by French ex-employees of Google and Facebook. AWS, for its part, says, “We’ve driven economic development through our investment in infrastructure, jobs, and skills . . . across Europe.” Since 2010, Amazon has invested more than €320 billion in the European Union and currently employs more than 150,000 people in permanent roles there. Google, IBM, Microsoft, Oracle, and others have similar sustained commitments. These efforts stand in contrast to Europe’s more bureaucratic Gaia-X cloud promotion effort. More extreme proposals, such as EuroStack, that seek to create a fully independent tech stack and supply chain are widely seen as unworkable. The European Union (and many countries) has set ambitious technology goals in its “digital decade.” The EU Draghi report calls out many of the challenges of regulatory-driven approaches. EU countries are more likely to achieve their goals by partnering with U.S. cloud providers and tapping into their capital, technology, and skills. The U.S. government would be well served by continuing its technical cooperation programs (e.g., the National Science Foundation and Department of Energy), as well as U.S. university research exchanges and U.S. economic development programs (e.g., the Development Finance Corporation and the Export-Import Bank) with partners and allies. For example, these can be inputs into the “AI export packages” the Trump administration is developing, including what OSTP Director Kratsios identifies as “direct loans, loan guarantees, equity investments, co-financing, political risk insurance, credit guarantees, technical assistance, and feasibility studies.”

10. Accelerate government-to-government negotiations to address underlying policy concerns that give rise to sovereign clouds, especially concerns about data sovereignty and economic sanctions. Ultimately, political negotiations are needed to address political concerns. A new U.S.-EU Technology Initiative should prioritize and accelerate agreements. In Asia, APEC can provide similar mechanisms. For example, discriminatory actions against U.S. cloud providers could be dropped in exchange for U.S. agreement to safeguard ally and partner access to U.S. technology from sanctions. This could be coupled with recent hyperscaler commitments to sovereign controls, local source code repositories, pre-positioned continuity agreements with local cloud providers, binding contracts, and local governance.

A U.S.-EU electronic evidence agreement (begun in the first Trump administration) would also help address EU data sovereignty concerns. The devil is in the details, but mutual defense treaty allies and rule of law democracies should be able to address each other’s data requirements. The 2022 OECD Declaration on Government Access to Personal Data held by Private Sector Entities is a good starting point for building common data approaches that address necessity, proportionality, transparency, oversight, and redress. A shared agreement on “what is a trusted cloud” criteria (in recommendation four above) would also help guide policy. The United States and other governments should pursue enhanced cybersecurity exchanges that can build trust in the cloud and in government data access. These mechanisms would generate confidence in foreign-owned clouds and minimize the need for costly and divisive sovereign controls. More broadly, government pursuit of sovereign clouds occurs within a given country’s political, economic, and security relationships. Governments need to prioritize building shared security and prosperity with their allies and partners. Letting differences divide and weaken democracies only serves to strengthen their adversaries.

Sovereign clouds can be implemented in ways that increase prosperity and security, not reduce it. They can support mutually beneficial relationships in trade, investment, and security. The actions above can help nations enjoy the benefits of cloud computing and the AI revolution.

This is a choice and countries must act.

Bill Whyman is a leading expert on the technology sector and is the Founder of Tech Dynamics LLC. He is known for market-tested expertise on the changing technology industry, competition, technology policy, and business model change. He brings a distinctive perspective combining industry experience (Amazon Web Services, McKinsey), financial markets (Evercore ISI, Legg Mason), and government policy (White House). Whyman was director for international economics at the White House National Security Council and National Economic Council. He also served at the State Department, including assignments at the White House Office of Science and Technology Policy and the Office of the U.S. Trade Representative.