Executive Summary

Germany and Europe are investing billions in sovereign cloud infrastructures to gain independence from US American hyperscalers. AWS announced 7.8 billion euros for the European Sovereign Cloud; Google opened a Sovereign Cloud Hub in Munich; Oracle employs over 1,500 EU citizens for its EU Sovereign Cloud. The public sector is driving this transformation – particularly through the digitalization of German administration via Delos Cloud, Microsoft, and Arvato Systems. Domestic providers such as IONOS and StackIT are profiting massively from the market trend. By 2032, the global sovereign cloud market is estimated to exceed 480 billion dollars.

People

  • Delos Cloud (SAP subsidiary; cloud provider)
  • Oracle (tech corporation; EU Sovereign Cloud)
  • AWS (Amazon Web Services; European Sovereign Cloud)

Topics

  • Data sovereignty and digital independence
  • Public-private partnership models
  • Sovereign-by-design architectures
  • EU regulation (EU Data Act, EU AI Act)
  • Artificial intelligence in sovereign clouds

Clarus Lead

The shift toward data sovereignty is not merely a security issue, but a geopolitical power relationship: The US Cloud Act permits US authorities data access regardless of storage location – this legal uncertainty forces 50 percent of German companies to realign their cloud strategies. With the EU Data Act (September 2025) and the EU AI Act (August 2024), sovereignty becomes a binding compliance requirement, not an optional differentiator. This creates a structural competitive advantage for European providers – and forces global corporations to fundamentally adapt their business models.

Detailed Summary

The investment wave rests on three strategic pillars. First: Global hyperscalers are adapting their infrastructure. AWS secures an investment volume of 7.8 billion euros through 2040 for the Brandenburg-based European Sovereign Cloud with projected 17.2 billion euros GDP contribution and 2,800 full-time positions. Google moved into its first Sovereign Cloud Hub in Munich in November 2025 and signed a strategic partnership with the Federal Office for Information Security (BSI) in August 2025 for an air-gapped version of Distributed Cloud for use by the German Armed Forces. Oracle has operated the EU Sovereign Cloud from Frankfurt and Madrid since mid-2023 with over 1,500 EU employees; in November 2024, the corporation expanded its offering to SaaS applications for regulated industries such as financial services and healthcare.

Second: The public sector as transformation driver. In September 2024, Delos Cloud (SAP subsidiary), Microsoft, and Arvato Systems signed final contracts for the digitalization of German administration. The model provides that Delos Cloud serves as the legal provider, while Arvato Systems operates the platform using Microsoft technology. All data processing takes place in Germany; personnel undergo national security clearance checks. SAP announced additionally in September 2025 "SAP Sovereign Cloud On-Site" – customers can operate infrastructure in their own data centers while simultaneously gaining access to the global SAP innovation cycle. The company is allocating over 20 billion euros for European digital resilience.

Third: Demand dynamics and technical complexity. The Bitkom Cloud Report 2025 shows that 82 percent of German firms demand domestic or European cloud alternatives to hyperscalers; 50 percent are reconsidering their entire cloud strategy due to US laws. IONOS reported 29 percent revenue growth in the public cloud sector in March 2025 driven by sovereignty demand. The segment of technical sovereignty (hardware and software control) is growing faster than pure data sovereignty, as companies wish to avoid vendor lock-in. AI integration further intensifies requirements: Oracle expanded its GPU capacities and integrated large language models into the Sovereign Cloud; German providers are deploying multimodal AI platforms in legally protected jurisdictions.

Core Statements

  • Geopolitical Shift: The US Cloud Act creates structural demand for European data sovereignty – not as a niche, but as a compliance imperative.
  • Global Hyperscalers Adapt: AWS, Google, Oracle are investing billions in European sovereign cloud infrastructures; vendor diversification becomes a standard requirement.
  • Public Sector as Catalyst: The digitalization of German administration via Delos Cloud/Arvato/Microsoft will become the reference model for the private sector.
  • Technical Sovereignty Gains Weight: Hardware and software control become more important than pure data sovereignty; AI integration complicates requirements.
  • Market Forecast: 480+ billion dollar sovereign cloud market by 2032; sovereignty becomes standard by 2030, not a differentiator.

Critical Questions

  1. Evidence/Data Quality: The Bitkom Cloud Report 2025 cites 82 percent desire for European providers – is this statement based on representative survey, and how was "desire" operationalized (willingness to pay vs. mere preference statement)?

  2. Conflicts of Interest: SAP, IONOS, and StackIT directly benefit from sovereignty requirements – to what extent does this economic dependence shape public debate over necessary security standards?

  3. Causality: Is demand for sovereignty primarily driven by legitimate security risks (US Cloud Act) or regulatory requirements (EU Data Act, EU AI Act), and can these two factors be causally separated?

  4. Feasibility/Vendor Lock-In: While companies avoid vendor lock-in to US hyperscalers, new lock-in risks emerge with European providers (e.g., SAP, Oracle EU Cloud) – what interoperability mechanisms prevent this cycle?

  5. Security Assumptions: "Air-gapped" systems for the German Armed Forces isolate AI platforms from the public network – does this also reduce functionality and innovation capability, or do new security gaps emerge through offline training?

  6. Cost Comparison: AWS invests 7.8 billion euros through 2040; how does this infrastructure compete on price and functionality with decentralized, smaller EU providers that cannot make comparable investments?

  7. Regulatory Coherence: EU Data Act (September 2025) and EU AI Act (August 2024) mandate data portability and interoperability – do these objectives not contradict the sovereignty concept of isolated, non-portable infrastructure?

  8. Scaling Hurdles: 50 percent of companies are reconsidering their cloud strategy – how many have already switched to European providers, and where do implementation barriers lie (costs, functionality gaps, migration risk)?

References

Primary Source: Deutsche Cloud-Revolution: Milliarden für digitale Souveränität – Börse Express

Verification Status: ✓ 2025

This text was created with the support of an AI model. Editorial Responsibility: clarus.news | Fact-Check: 2025