The global cloud infrastructure market hit $270 billion in annual spend in 2025, with AWS, Microsoft Azure, and Google Cloud Platform controlling roughly 67% of that market between them. The remaining third is fragmented across regional providers, sovereign initiatives, and specialized platforms – each claiming some version of “data protection” that, on closer inspection, protects the provider’s business model more than it protects the user’s data.

Sovereign cloud emerged as a direct political response to American hyperscaler dominance. The European Union’s Gaia-X initiative, France’s push behind OVHcloud and Scaleway, Germany’s Bundescloud, and similar efforts in India, Brazil, and the Middle East all share a thesis: jurisdiction determines privacy. If data stays within national borders, processed by nationally regulated entities, sovereignty is achieved.

This thesis is wrong. Or rather, it is incomplete in a way that renders it functionally irrelevant for individuals and organizations whose threat model extends beyond regulatory compliance theater.

The debate between public cloud and sovereign cloud is a debate between two flavors of institutional trust. Neither eliminates the fundamental problem: your data, in plaintext, exists on someone else’s machine. The Three Paradigms of Cloud Computing framework exposes this gap. Both public and sovereign clouds belong to the same paradigm – provider-trusted infrastructure. The third paradigm, Stealth Cloud, eliminates the trust requirement entirely.

Feature Comparison

| Criteria | Public Cloud (AWS/Azure/GCP) | Sovereign Cloud (Gaia-X/OVH/National) | Stealth Cloud |
|---|---|---|---|
| Data Residency | Multi-region, provider-controlled | Single jurisdiction, legally enforced | Irrelevant – data encrypted client-side; location is moot |
| Encryption at Rest | Provider-managed keys (default) | Provider-managed keys, local jurisdiction | Client-managed keys only; provider has zero access |
| Encryption in Transit | TLS 1.2/1.3 (provider terminates) | TLS 1.2/1.3 (provider terminates) | End-to-end; provider never sees plaintext |
| Encryption in Use | Limited (Nitro Enclaves, Confidential VMs) | Rare, early-stage | Default – ephemeral infrastructure processes encrypted payloads |
| Compliance Model | SOC 2, ISO 27001, HIPAA, FedRAMP | GDPR-centric, national certifications | Compliance through architecture, not certification |
| Vendor Lock-in | High (proprietary services, egress fees) | Moderate (open standards goal, local alternatives) | Minimal – edge-native, protocol-based, no proprietary dependencies |
| Scalability | Virtually unlimited | Constrained by national infrastructure | Edge-distributed, scales at CDN layer |
| Cost Model | Pay-per-use, complex pricing, egress penalties | Premium over public cloud (15-40% typical) | Usage-based, no egress fees, no hidden costs |
| Privacy Guarantee | Contractual (DPA, BAA) | Legal (national law + contract) | Mathematical (cryptographic shredding, zero-knowledge proofs) |
| Metadata Protection | None – full telemetry collected | Minimal – reduced but present | Full – metadata stripped at edge before processing |
| Government Access | Subject to CLOUD Act, FISA 702, national security letters | Subject to national law (varies by jurisdiction) | Architecturally impossible – nothing to subpoena |
| Open Source Status | Proprietary core, some OSS tooling | Gaia-X specs open; implementations vary | Open protocol specification, auditable components |

Deep Analysis

The Public Cloud Trust Model

AWS alone operates 33 availability zones across 13 regions, with infrastructure spanning every inhabited continent. The scale is staggering, and the economic advantages are real: Amazon’s capital expenditure on data centers exceeded $50 billion in 2024, a number no sovereign initiative can approach. This investment translates into genuine technical capabilities – sub-millisecond inter-service latency, five-nines availability SLAs, and a breadth of managed services that compress years of engineering effort into API calls.

But the trust model is binary. You trust Amazon with your plaintext data, or you do not use AWS. Yes, AWS KMS exists. Yes, you can bring your own keys. But AWS still manages the key management infrastructure, and the encryption/decryption happens on AWS hardware, in AWS memory space, governed by AWS access controls. The envelope encryption model means AWS holds the master key to your master key. This is not a conspiracy theory – it is documented architecture.

The CLOUD Act of 2018 formalized what was already practice: US-based cloud providers must produce data in response to lawful government requests regardless of where that data is physically stored. A European company storing data in AWS eu-west-1 (Ireland) is still subject to US government access through the provider. Microsoft challenged this in United States v. Microsoft Corp., but the CLOUD Act mooted the case before SCOTUS could rule, replacing judicial protection with legislative authority.

For most enterprises, this is an acceptable trade-off. The probability of a government data request affecting any specific customer is low, and the operational benefits of hyperscale cloud are enormous. But “low probability” is not “zero probability,” and for users whose threat model includes state-level adversaries, public cloud is architecturally incompatible with privacy.

The Sovereign Cloud Counter-Thesis

Sovereign cloud proponents argue that jurisdiction is the missing variable. If the provider is a French company, operating French data centers, subject to French law, then French legal protections apply and US extraterritorial reach is severed. The Gaia-X initiative, launched in 2019 by France and Germany, attempted to codify this into a federated European cloud framework.

The theory is sound. The execution has been troubled.

Gaia-X has struggled with scope creep, governance disputes, and the fundamental tension between interoperability and sovereignty. By 2024, the initiative had produced specifications but limited production infrastructure. OVHcloud, the largest European cloud provider, offers genuine European-jurisdictional hosting but at a 20-35% cost premium over equivalent AWS configurations, with a fraction of the managed service catalog.

Sovereign cloud also introduces a subtler problem: jurisdiction is not immutable. Laws change. Governments change. The EU’s own track record on privacy includes the Data Retention Directive (later invalidated by the CJEU), multiple iterations of Safe Harbor and Privacy Shield frameworks (both invalidated), and ongoing negotiations around the EU-US Data Privacy Framework whose durability remains uncertain.

Anchoring privacy to jurisdiction means anchoring privacy to political stability. For a Swiss entity, this may be acceptable – Switzerland’s data protection regime has been remarkably consistent. For entities subject to less stable legal environments, jurisdiction-based privacy is jurisdiction-based risk.

More fundamentally, sovereign cloud does not change the encryption model. OVHcloud still terminates TLS at their load balancers. Your data still exists in plaintext on their servers during processing. A French court order compelling data production from a French sovereign cloud provider will succeed just as readily as a US court order against AWS – the only difference is which flag flies over the courthouse.

The Performance Question

Public cloud’s global edge network is genuinely difficult to replicate. CloudFront, Azure CDN, and Google’s global load balancing deliver content from points of presence within 50ms of 95% of internet users. Sovereign clouds, by definition constrained to national or regional infrastructure, cannot match this geographic distribution.

This creates a real trade-off for latency-sensitive applications. A sovereign cloud user in Singapore accessing infrastructure in Frankfurt will experience 150-200ms of baseline network latency that no amount of optimization can eliminate. Public cloud users can deploy to ap-southeast-1 and eliminate that penalty.

The Stealth Cloud architecture resolves this through edge-native deployment. By running workloads on distributed edge infrastructure (Cloudflare operates in over 310 cities across 120+ countries), Stealth Cloud achieves public-cloud-class latency without centralized data processing. The computation moves to the user, rather than the user’s data moving to the computation.

The Cost Calculus

Public cloud pricing is deliberately opaque. AWS’s pricing page for EC2 alone contains over 750 instance types across multiple pricing models (on-demand, reserved, spot, savings plans). Egress fees – charges for data leaving the cloud – represent a particularly insidious form of lock-in: it is cheap to move data into AWS but expensive to move it out. In 2024, AWS egress fees ranged from $0.09/GB to $0.02/GB depending on volume, creating a financial moat around stored data.

Sovereign cloud typically carries a premium. OVHcloud’s dedicated server pricing runs 15-40% above equivalent AWS configurations, though without egress fees. The total cost of ownership (TCO) comparison depends heavily on workload profile, data transfer patterns, and compliance costs. For regulated industries where GDPR compliance failures carry fines up to 4% of global revenue, sovereign cloud’s compliance simplicity may offset raw infrastructure cost differences.

Stealth Cloud’s cost model is fundamentally different because the architecture is fundamentally different. Edge compute pricing (Cloudflare Workers: $0.50 per million requests, first million free) eliminates the server-provisioning cost model entirely. There are no idle instances, no reserved capacity commitments, and no egress fees. The economic model aligns with the privacy model: you pay for computation, not for the privilege of having your data sit on someone else’s disk.

Verdict

Public cloud wins on capability breadth, raw scale, and the sheer gravitational pull of ecosystem maturity. If your threat model is “compliance with existing regulation” and your optimization function is “minimize engineering overhead,” AWS or Azure is the rational choice. Hundreds of thousands of enterprises have made this calculation correctly.

Sovereign cloud wins on jurisdictional clarity for organizations where regulatory alignment is the primary constraint. European healthcare providers, financial institutions subject to national data localization requirements, and government agencies have legitimate reasons to prefer sovereign infrastructure. The cost premium is real but defensible within regulated industries.

Neither wins on privacy. Both require you to trust the provider with plaintext access to your data. Both are subject to legal compulsion within their respective jurisdictions. Both collect operational metadata that reveals patterns about your usage even when the payload is encrypted.

The Stealth Cloud Perspective

The public-vs-sovereign debate is a false binary. It asks: “Which institution should you trust with your data?” The correct question is: “Why are you trusting any institution with your data?”

Stealth Cloud is the architectural answer to that question. By implementing client-side encryption with user-held keys, ephemeral infrastructure that retains nothing after processing, and cryptographic shredding that makes data destruction mathematically provable, Stealth Cloud eliminates the variable that both public and sovereign clouds treat as irreducible: plaintext access by the provider.

This is not a regulatory strategy. It is not a contractual promise. It is a mathematical guarantee enforced by the laws of cryptography rather than the laws of any nation-state. Data residency becomes irrelevant when the data is encrypted with keys the infrastructure never possesses. Government access becomes architecturally impossible when there is nothing to access – no logs, no stored plaintext, no metadata trail, no session history.

The Stealth Cloud Manifesto articulates this as a first principle: privacy should be a property of architecture, not a promise of policy. Public cloud and sovereign cloud both break this principle. They differ only in whose policy you are asked to trust.

The missing third paradigm is not a compromise between the first two. It is a rejection of their shared assumption. Your data should be yours – not because a contract says so, not because a law requires it, but because the system is built so that no other outcome is possible.

Read the full framework: The Three Paradigms of Cloud Computing.