SovereigntyJune 20268 min read
Sovereign AI: what it actually means, and when it matters
Sovereign AI sells well and is defined badly. Let me put something concrete behind the word: where your data lives, under which jurisdiction, who can access it, and when it actually starts to matter.
Sovereign AI has become a sales argument. It gets stamped on offers that are not sovereign in any real sense, and withheld from projects that genuinely need it. My goal here is not to sell you sovereignty, nor to talk you out of it. It is to put something concrete behind the word, so you know when it matters, at what price, and when you are paying a tax for a risk you do not have.
A word that sells, a substance you can check
The word promises a feeling: control, ownership, the sense that your data does not travel anywhere. A feeling sells well. The problem is that a feeling cannot be verified. Sovereignty can. It is not a label you buy, it is a set of properties you can point to on an architecture. Until the word is translated into technical questions, you are talking about marketing, not sovereignty.
The three concrete questions
- Where? In which country, physically, does the model that processes your data run, and the storage that holds it. Not the provider's headquarters: the servers.
- Under which jurisdiction? Which law applies to the company operating those servers. Data stored in Europe can still fall under a foreign law if the operator itself is subject to it.
- Who can access it? Who, technically and legally, can read your data: the provider for support, a subcontractor, a foreign authority under a legal order. And what the contract says about retention and training.
EU cloud, on-premise, private open-source model: the spectrum
- A closed provider's API (the top models on the market): the highest quality, but your data transits through the provider, under its jurisdiction.
- A European-region cloud: your data is stored in the EU, which settles the where. You still have to check which law the operator falls under, because a host can be European by its servers and foreign by its parent company.
- On-premise or a private open-source model (Llama, Mistral and the like) running on your own infrastructure or a sovereign cloud: the strongest sovereignty, at the cost of model quality that is often a step behind, and an operational burden that comes back to you.
What a closed provider's API implies
When you call a closed provider's API, your data leaves your walls, full stop. The good options exist and I always turn them on: no training on your data, zero retention, a contractual processing commitment. For the large majority of use cases, that is enough and reasonable. But it has to be said plainly: 'hosted in Europe' only answers the where. If the operator falls under a foreign jurisdiction, some laws can compel it to hand over data even when that data is stored in the EU. This is not a fantasy, it is law. So the question is not 'is it in Europe' but 'who can be compelled to access it'. The choice between cloud and hosting in-house is decided exactly there.
When sovereignty is a real constraint, when it is comfort
- Real constraint: health data (certified hosting, HDS in France), the public sector and classified data, the professional secrecy of lawyers and notaries, strategic trade secrets. There, location and jurisdiction are not a comfort, they are obligations or major risks.
- Comfort: internal document search over non-sensitive content, marketing copy generation, analysis of already public data. Useful, but nothing that justifies cutting yourself off from the best model.
The trap is to treat sovereignty as a value to maximise everywhere. It is expensive, and it often deprives you of the best tools, to cover a risk that on many of your use cases simply does not exist. The regulatory frame helps you decide: the EU AI Act and GDPR define categories of risk and data that tell you where the constraint is real. Start by classifying, not by locking everything down.
Sovereignty is not a virtue to maximise. It is a constraint to calibrate against the real sensitivity of your data.
The cost and trade-offs of on-premise
- Infrastructure: GPUs, bought or reserved, that are expensive and have to be sized.
- Skills: someone has to maintain the model, update it, handle incidents. It does not run itself.
- The quality ceiling: the best open models are improving fast, but they are often still below the leading closed models on complex tasks.
- Availability: by bringing it in-house, you become responsible again for the service staying up under load. Reliability in production is no longer the provider's problem, it is yours.
I am not saying it is a bad choice. I am saying that 'sovereign' does not mean 'free'. The quality gap between open and closed models has narrowed a lot, and for a large number of tasks a private model does the job comfortably. But before re-hosting everything, you have to put numbers on it: what it costs, what it buys you in reduced risk, and on which use cases it is justified. That is exactly what an audit is for.
The role of the sovereign MCP server
Sovereignty is not decided at the model level alone. It is also decided at the connection between the AI and your tools. That is where the MCP server comes in, the standard that plugs AI into your CRM, your support desk or your ERP. MCP is now a neutral standard, adopted by Anthropic, OpenAI, Google and Microsoft, and handed to the Linux Foundation in late 2025: it is stable and usable. By hosting that MCP server yourself, you keep the access layer to your tools entirely inside your walls. You can then pair a private or European model with a sovereign MCP server, and nothing leaks through the integrations door.
A realistic path without re-hosting everything
- Map your data by sensitivity: most companies discover that the sensitive part is a small fraction of the whole.
- Route by sensitivity: the sensitive workloads to a private or European model paired with a self-hosted MCP server, the rest to the best available model.
- Fence off what goes through a closed API: zero retention, no training, a contractual commitment. That covers the vast majority of cases.
- Measure before you switch, and talk it through with me if you want to frame where sovereignty is a real constraint for you, and where it is comfort that is costing you.