While in 2022 we still had hope that the global jungle of laws would somehow clear up, today we must acknowledge: The geopolitical weather has become significantly stormier. Sovereignty is no longer a luxury, but the lifeline for your data. In a world where intergovernmental agreements waver faster than a house of cards, the question arises: Who can you actually trust anymore?

You probably remember our previous parts (especially Part 1 and Part 2), in which we talked about the pitfalls of local data centers and the extraterritorial hunger of laws such as the Cloud Act. Today, we need to have this discussion under a new, sharper buzzword: Sovereignty.

Why is the post-war order history?

As Canadian Prime Minister Mark Carney made emphatically clear at the WEF in Davos in January 2026, we are currently experiencing the end of a «pleasant fiction». The rules-based international order is increasingly being exposed as a «sham» in which major powers only abide by the rules as long as it suits them.

Today, economic policy instruments, supply chains and financial infrastructures are increasingly being used as weapons of blackmail and coercion.

The topics of AI, Microsoft and the hyperscalers are still firmly in US hands. As was made emphatically clear at the WEF, the old reliability of intergovernmental deals has become fragile. Hand on heart: do you really believe that a contract will protect you when everything is at stake in the fierce competition for supremacy in artificial intelligence?

Self-protection or blackmail: Where is your pain threshold?

For government agencies, the topic of sovereignty has become almost absolute. It's a choice between genuine self-control and potential blackmail and political suicide in the face of outraged citizens at home. But for you as an internationally active company, the air is also getting thinner. Market-conforming conditions? Often wishful thinking. Nevertheless, one or another market will attract you with its appeal. However, a residual risk of legal uncertainty, costs, and reputational damage remains, which you cannot simply «laugh off.» Contracts with US cloud giants have always been a bit like buildings built on sand, offering little reliable foundation against cybercriminals or geopolitical power plays.

The path to more sovereignty

In order to avoid being crushed between the fronts of the major powers, you have four main options - whether state or private sector:

1. Narrow down data: Only store information in internal locations. Pay attention to files in cloud storage, mail in M365 and data in applications on Microsoft, Google, AWS or other providers. This is consistent, but often puts the brakes on agility.
2. Superior solutions: Only store information on systems that are subject to local law.
3. Encrypt data The «discipline of kings.» Information is stored encrypted only. You keep the keys – and thus the power – firmly in your hand and manage them yourself.
4. Trust the situation: Congratulations on your unshakeable optimism! But be careful: the air in this comfort zone is getting thinner by the day.

The unpleasant reality of capacities

We have to be honest: when we look at the current offering, a broad sovereign solution in Europe is not yet available with the necessary capacity or functionality. While European providers are growing, they still only hold around 13–15 % of the market together, while US hyperscalers continue to dominate about 70–80 %. Analysts predict for 2026 that no European company will be able to completely turn away from these giants. A new trust zone is possibly forming in Europe, together with Canada. Until this can provide significant capacity, it requires political unity, a determined market, and time.

So what to do? In the current situation, a hybrid setup is the only insurance policy that enables a rapid response to future changes in direction.

How are you building your digital future?

At e3, we rely on precise technical instruments to close this sovereignty gap:

• Narrow down data:
  • DLP (Data Loss Prevention): To fence off your data, you need your own or regulatory local solution / storage
  • DSPM (Data Security Posture Management): So that you always know where your data is currently located.
• Encryption: So that your data remains worthless noise for unauthorized persons, both as a file and in the data record. IRM (Information Rights Management) for the encryption of unstructured data and CDPG (Cloud Data Protection Gateways) for the encryption of structured data.
• Sovereign solution: Use LOC (Local Cloud Provider) and RCS (Regional Cloud Services), which are only subject to local laws.
• Trust in the situation: International treaties that take both jurisdictions into account. This is currently inconceivable between Europe, the USA and China

e3 has been building containment solutions since 2010 and encryption systems since 2015 that deliver what they promise. As a profound expert in the challenges, approaches and various manufacturers, we can build holistic and sustainable solutions for our customers.

Do you have the feeling that your current cloud strategy is still based too much on the principle of hope? Talk to us!