Data sovereignty: why European companies keep AI in-house
Where your data lives — and who can access it — is becoming a board-level question in Europe.
For most of the last decade, the question of where corporate data physically resided was considered an IT concern, settled by whichever cloud tier offered the best price-performance ratio. That framing is changing rapidly. A wave of regulatory pressure, geopolitical friction, and high-profile enforcement actions has moved data residency — and the related concept of data sovereignty — to the agenda of risk committees and, increasingly, boards of directors. Nowhere is this shift more pronounced than in Europe, and nowhere is it more consequential than in decisions about artificial intelligence infrastructure.
What data sovereignty actually means
Data sovereignty is the principle that data is subject to the laws and governance frameworks of the nation or jurisdiction where it is collected or processed. It is distinct from — though related to — data residency, which simply describes where data is stored. A dataset can reside on servers in Frankfurt while remaining legally accessible to a foreign government under extraterritorial legislation. True sovereignty requires both physical location and legal control: the organisation holding the data must be the only entity capable of granting access to it.
Extraterritorial laws and the transatlantic fault line
The tension that concentrates European minds most sharply is the conflict between EU data protection law and US extraterritorial statutes. The CLOUD Act, enacted in 2018, allows US law enforcement to compel US-headquartered providers — including their foreign subsidiaries and cloud regions — to produce data regardless of where it is stored. Similar provisions exist in the legal frameworks of several other major jurisdictions. The consequence is stark: a European company that processes sensitive data on infrastructure operated by a US-parent cloud provider may have no legal guarantee that its data cannot be accessed by a foreign authority without its knowledge or consent.
Storing data in a European region of a US hyperscaler does not make that data sovereign. It makes it geographically close but legally exposed.
Sector pressure: finance, health, and the public sector
While the issue affects all industries, three sectors face particularly acute pressure. Financial institutions operating under DORA (the Digital Operational Resilience Act) must demonstrate that third-party ICT providers, including cloud platforms, meet stringent concentration and access-risk standards — an obligation that is difficult to satisfy when the provider is subject to foreign law. Healthcare organisations handling patient records under national implementations of eHealth directives face similar constraints, compounded by sector-specific sensitivity. Public-sector bodies and defence-adjacent contractors in several member states are now explicitly prohibited from processing certain categories of data on non-EU-controlled infrastructure.
- Finance: DORA concentration risk and ICT third-party oversight requirements.
- Healthcare: patient data localisation obligations under national eHealth and GDPR provisions.
- Public sector: national security classifications that prohibit foreign-controlled cloud for sensitive workloads.
- Legal and professional services: attorney-client privilege and professional secrecy rules that vary by jurisdiction.
- Critical infrastructure: NIS2 Directive obligations for operators of essential services.
How on-premise and EU-hosted private AI delivers sovereignty
The cleanest architectural response to sovereignty concerns is to run AI inference and training on infrastructure that is both physically located in the EU and operated by an entity that is not subject to extraterritorial foreign law. On-premise deployment — where the model runs on servers inside the organisation’s own data centre or colocation facility — eliminates the third-party access vector entirely. No API call leaves the building. No query is logged by an external provider. No model update requires sending data upstream. Privonis deploys open-weight models on client hardware and configures the full inference stack — from GPU drivers to the application API — so that the client operates a sovereign AI system, not a subscription to one.
A practical sovereignty checklist
Before signing off on any AI deployment, European organisations should be able to answer yes to each of the following questions. If any answer is uncertain, the architecture deserves a second look.
- Is every component of the AI stack — model, inference engine, data pipeline — running on hardware you control or that is operated exclusively by an EU-incorporated, EU-law-subject entity?
- Can you provide your data protection authority with a complete record of where each data category is processed and by whom?
- Is the model vendor subject to any foreign legislation that could compel disclosure of your queries or outputs?
- Do you hold a local copy of the model weights, or are you dependent on a provider API that could be discontinued or repriced?
- Has your legal team reviewed the terms of service of every component in the stack for data-use and training clauses?
- Can you demonstrate, through technical controls rather than contractual promises, that no query data is transmitted outside your jurisdiction?
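One way to back the last checklist item with a technical control rather than a contractual promise is to audit the inference host's outbound connections against an allowlist of in-jurisdiction networks. The following is an added example, not Privonis code: it assumes a simplified, constructed log format ("timestamp src dst dport proto", as a post-processed firewall or conntrack export might look) and constructed RFC 1918 ranges for the on-premise GPU cluster and application tier.

```python
import ipaddress
from dataclasses import dataclass

# Assumed allowlist: the only destinations the inference host may reach.
# These are constructed private ranges standing in for the on-prem cluster
# (10.20.0.0/16) and the internal application/database tier (192.168.50.0/24).
ALLOWED_DESTINATIONS = [
    ipaddress.ip_network(n) for n in ("10.20.0.0/16", "192.168.50.0/24")
]

# Constructed sample egress log from the inference host. 203.0.113.44 is a
# documentation address used here to represent an external destination.
SAMPLE_EGRESS_LOG = """\
2024-05-02T09:14:03Z 10.20.1.15 10.20.1.20 8000 tcp
2024-05-02T09:14:05Z 10.20.1.15 192.168.50.7 5432 tcp
2024-05-02T09:14:09Z 10.20.1.15 203.0.113.44 443 tcp
2024-05-02T09:14:12Z 10.20.1.15 10.20.1.20 8000 tcp
"""


@dataclass(frozen=True)
class Finding:
    """One outbound connection to a destination outside the allowlist."""
    timestamp: str
    dst: str
    dport: int
    proto: str


def parse_line(line: str):
    """Split one log line into typed fields (hypothetical, simplified format)."""
    ts, src, dst, dport, proto = line.split()
    return ts, ipaddress.ip_address(src), ipaddress.ip_address(dst), int(dport), proto


def is_allowed(dst, allowed=ALLOWED_DESTINATIONS) -> bool:
    """True if the destination falls inside any allowlisted network."""
    return any(dst in net for net in allowed)


def audit_egress(log_text: str, allowed=ALLOWED_DESTINATIONS) -> list[Finding]:
    """Return every connection whose destination is not in the allowlist.

    An empty result is the evidence the checklist asks for: no query traffic
    left the controlled networks during the audited window.
    """
    findings = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ts, _src, dst, dport, proto = parse_line(line)
        if not is_allowed(dst, allowed):
            findings.append(Finding(ts, str(dst), dport, proto))
    return findings
```

A real deployment should feed this from the actual firewall or flow export and also cover DNS and proxy paths, since a resolver or forward proxy inside the allowlist can still relay data outward.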
Data sovereignty is not a compliance checkbox to be ticked once. It is an ongoing architectural discipline. As AI becomes embedded in core business processes — document analysis, customer interaction, decision support — the sovereignty of the AI layer becomes inseparable from the sovereignty of the underlying data. Privonis exists to make that discipline practical for European organisations: the right open models, running on the right infrastructure, under full client control.