Mid-Market Companies Seek Independence from US Cloud Providers

Executive Summary

The Iran conflict and geopolitical tensions are intensifying the debate about data security in US-American cloud services. German mid-market companies are seeking alternatives to major tech corporations to maintain their digital sovereignty. The 2018 Cloud Act and current US trade policy are raising awareness of risks associated with outsourcing sensitive business data abroad.

People

• Martin Kaloudis (Board Member, Bechtle)

Topics

• Cloud Computing & Data Security
• Digital Sovereignty
• Geopolitical Risks in IT
• US Trade Policy

Clarus Lead

German mid-market companies are increasingly reviewing their dependence on US cloud providers such as AWS. The triggers are military conflicts in the Middle East and fears of political misuse of data access. The 2018 Cloud Act legally enables US authorities to access corporate data in American data centers – even if companies are headquartered in Europe. Under Trump's second term, fears are growing that the US could use tech dominance as a weapon in the trade war.

Detailed Summary

The geopolitical situation is exacerbating a persistent problem: approximately 1,800 German companies are active in the Iran conflict zone while simultaneously using cloud services from American corporations. A drone attack on an AWS data center in the United Arab Emirates has revealed the vulnerability of this infrastructure. Martin Kaloudis from Bechtle, one of the leading IT service providers in the German-speaking region, observes that companies are reassessing the security question.

The roots of this mistrust run deep: The Cloud Act (2018) created a legal framework for US government access to data in US data centers, independent of the location of the data or the affected companies. With Trump's return to the White House, concerns are growing that American tech corporations could be instrumentalized as tools of US trade policy – potentially through data blockades against German or European firms.

Key Findings

• Geopolitical Catalysts: Armed conflicts in strategically important regions highlight the physical risks of cloud-based infrastructure.
• Legal Uncertainty: The US Cloud Act allows government access to corporate data stored in American data centers.
• Political Instrumentalization: Growing fear that cloud access could be misused as leverage in geopolitical conflicts.
• Limited Alternatives: German and European cloud alternatives exist but are less powerful or more expensive than US providers.

Critical Questions

1. Evidence: What documented cases exist where US authorities have actually accessed European corporate data, and how frequently does this occur?

2. Data Quality: How reliable are the figures regarding 1,800 German companies operating in the Iran conflict zone – are these based on surveys, registry data, or estimates?

3. Conflicts of Interest: Does Bechtle, as an IT service provider, have financial incentives to promote European cloud alternatives, and have these conflicts been disclosed?

4. Causality: How direct is the connection between the attack on the AWS data center and the security of customer data – was it actually compromised or merely damaged?

5. Alternatives: What European or German cloud solutions are actually available, and why are these not mentioned in the article?

6. Implementation Risks: What costs and migration risks arise for mid-market companies when switching from established US providers to alternatives?

7. Regulatory Framework: Are there current EU regulations (e.g., Gaia-X, Digital Sovereignty Act) that address or could reduce this dependence?

Sources

Primary Source: Mid-Market: How Mid-Market Companies Are Becoming More Independent from US Clouds – Handelsblatt, 18.03.2026

Verification Status: ✓ 18.03.2026

This text was created with the support of an AI model. Editorial Responsibility: clarus.news | Fact-Check: 18.03.2026