General

Sovereignty Washing – When ‘Sovereign Cloud’ Isn’t Really Sovereign

10. Nov 2025

In recent months, the word sovereignty has appeared everywhere in the tech world. From ‘sovereign clouds’ to ‘sovereign AI’, every vendor seems to offer something that sounds compliant, secure, and independent. But as with greenwashing or AI washing, we’re starting to see a new phenomenon emerge – sovereignty washing.

What is Sovereignty Washing?

Sovereignty washing happens when companies market their products as sovereign without truly giving users control, autonomy, or independence.
Often, this means a provider hosts data in a local data center, adds a ‘.eu’ to their cloud name, and declares victory. But real digital sovereignty is much more than a ZIP code.

Sovereignty Is Not Just About Data Location

Yes, where your data resides matters. But even more important is who controls the infrastructure, software stack, and decision-making.

If the control plane, billing systems, or support teams still depend on a non-European parent company, then even a ‘local’ cloud can be forced to comply with foreign jurisdiction – whether through the CLOUD Act, extraterritorial export rules, or simply commercial lock-in.

In other words – sovereignty means the ability to make your own decisions, not just store your data in your preferred country or location.

Lessons from Industry – The Nexperia and Microsoft Cases

The recent story around Nexperia, a Dutch chipmaker owned by a Chinese company, and the German automotive industry’s current dependency on critical semiconductor supply already leading to short-time work and production stoppages, shows how strategic autonomy isn’t just a political slogan – it’s a business necessity.

When an entire sector relies on a single supplier, it loses bargaining power, flexibility, and resilience. The same applies to software and cloud platforms:
If your critical systems only run on one hyperscaler, you are not sovereign – no matter how many ‘sovereign’ labels appear on your dashboard.

A recent case involving Microsoft underlines this risk on a global scale. The company blocked access to Outlook email accounts of employees at the International Criminal Court in The Hague, following U.S. sanctions compliance rules. The decision, reported by Heise Online, serves as a wake-up call for digital sovereignty in Europe – showing that control over essential communication infrastructure can be limited by non-European legal frameworks.

How to Spot Sovereignty Washing

So how can you tell if a vendor’s sovereignty claim holds up? Here are some questions worth asking:

  • Control: Who operates the platform and has access to the control plane?
  • Legal independence: Is the provider fully governed under EU or Swiss law, or are there foreign parent companies involved?
  • Open standards: Can I move my workloads to another provider without rewriting everything?
  • Transparency: Is the software stack open source or verifiable, or locked behind proprietary APIs?
  • Interoperability: Does the solution integrate with other vendors and clouds, or create another walled garden?

If the answer to most of these questions is ‘no’, chances are you’re looking at sovereignty washing.

Recent analyses like DNIP Briefing #48 – Dokumentierte Überwachung describe this problem vividly. The section “Cloud ohne Souveränität” points out how cloud providers without full jurisdictional control expose users to surveillance and dependency risks – demonstrating that technical sovereignty is meaningless without legal and operational sovereignty to match.

Why True Sovereignty Matters

For governments, public institutions, and regulated industries, true digital sovereignty is about long-term independence, not short-term convenience.
It ensures continuity, resilience, and the freedom to innovate without being tied to one vendor’s roadmap.

At VSHN, we see sovereignty not as isolation, but as collaboration across open ecosystems – where European cloud providers, software vendors, and enterprises work together on open standards and interoperable solutions.

That’s the vision behind Servala – the Sovereign App Store, connecting vendors and providers and ensuring services can run on any cloud or on-premise, without lock-in.

Because real sovereignty means – choice, transparency, and trust.

📬 Curious to see how sovereignty works in practice?
Join us at the Servala Ecosystem Day on December 1st in Zurich and help shape the future of open, sovereign cloud services.

📖 Want to dive deeper?
Check out the Sovereignty Washing White Paper by ZenDis for deeper insights into what makes true sovereignty.

Markus Speth

Marketing, Communications, People

Latest news

  • General

Sovereignty Washing – When ‘Sovereign Cloud’ Isn’t Really Sovereign

Read more
  • General

Crossplane is now a Graduated CNCF project

Read more
  • Events
  • General

VSHN @ Smart Country Convention 2025 – Recap from Berlin

Read more
  • OpenShift
  • Press

Security Update: Red Hat Consulting GitLab Incident

Read more
  • General
  • Tech

How we used Crossplane for the things we should not have

Read more
  • VSHN.timer

VSHN.timer #262: Helm, Hacks, and Quantum Kubernetes: 5 reads you shouldn’t miss

Read more
  • Events
  • General

VSHN @ Smart Country Convention 2025 in Berlin

Read more
  • Events
  • General
  • Servala

Swiss Cloud Native Day 2025 – A New Peak of Innovation & Community on Mount Gurten

Read more
  • General
  • Internal

Hi Mike!

Read more

Contact us

Our team of experts is available for you. In case of emergency also 24/7.

Contact us