Enterprises are being sold a version of cloud that is allegedly independent, but the deeper you look, the more you find layers of dependency that never went away. Some are technical. Some are contractual. Some are geopolitical. All of them matter.
The full-stack problem
The central issue is brutally simple: Very few nations can produce and sustain the entire cloud stack. To build a genuinely sovereign cloud, a country or provider needs far more than data center space and a security certification. It needs processors, systems software, networking, orchestration, management tools, developer ecosystems, and operational maturity to run it all at scale. That’s the bare minimum. In practical terms, only two countries sit anywhere close to that level of end-to-end independence: the United States and China.
This is uncomfortable yet true, especially in Europe, where digital sovereignty has become a policy objective. Most regional providers rely on imported hardware, imported software, or foreign-owned cloud control planes. Even when the branding is local, the technical DNA often is not. What is presented as sovereign is often a bundle of mitigations around someone else’s platform.
This is why simply rebadging hyperscaler infrastructure does not solve the problem. If an American cloud company offers a specialized local region, a dedicated instance, or an on-premises variant, the sovereignty question merely becomes less visible. The ownership structure, legal exposure, and operational dependency remain what they are. Some of these offerings still rely on external management connections and centralized control functions, meaning they effectively “phone home.” That may be acceptable from a service-management perspective, but it weakens the claim that the environment is fully independent.
