The cloud provider you choose is not a hosting decision. It is a jurisdictional, cryptographic, and architectural decision that determines who can access your data, under what legal authority, and whether you have any meaningful ability to prevent it.
Most organizations select cloud providers based on feature sets, pricing tiers, and developer ecosystem maturity. These are valid engineering considerations. They are also secondary to a question that rarely appears in procurement checklists: when a government issues a legally binding order for your data, what happens next?
The answer depends on the provider’s incorporation jurisdiction, the physical location of the servers processing your data, the encryption architecture, key management model, and the legal frameworks that govern cross-border data disclosure. None of this information appears on a pricing page. Most of it does not appear anywhere in the provider’s documentation.
This guide provides a structured framework for evaluating cloud providers through the lens of data privacy. It is written for technical leaders making infrastructure decisions where privacy is not a compliance checkbox but an architectural requirement.
The Jurisdiction Problem
Jurisdiction is the single most consequential factor in cloud provider selection, and it is the one most frequently ignored.
When your data resides on a server, it is subject to the laws of the jurisdiction where that server is physically located. It is also subject to the laws of the jurisdiction where the provider is incorporated. And depending on international agreements, it may be subject to the laws of the jurisdiction where the requesting government is located.
The CLOUD Act
The United States Clarifying Lawful Overseas Use of Data (CLOUD) Act, enacted in 2018, grants U.S. law enforcement the authority to compel U.S.-incorporated companies to produce data stored anywhere in the world. This means that data stored on a Microsoft Azure server in Frankfurt, Germany, is subject to U.S. legal process because Microsoft is a U.S. corporation.
The CLOUD Act does not require the U.S. government to work through German courts, notify German authorities, or comply with German data protection law. It creates a direct legal channel that bypasses the sovereignty of the data’s physical location.
This has a concrete implication for privacy-sensitive infrastructure: any data stored with AWS, Azure, GCP, Oracle Cloud, or IBM Cloud is subject to U.S. jurisdiction regardless of the data center’s physical location. Selecting a European data center from a U.S.-incorporated provider does not provide jurisdictional protection.
European Jurisdictions
The European Union’s General Data Protection Regulation (GDPR) establishes a comprehensive data protection framework, but its strength varies by member state. The GDPR prohibits data transfers to countries without “adequate” data protection (as determined by the European Commission), but enforcement mechanisms differ.
Switzerland, while not an EU member, maintains an adequacy decision from the European Commission and operates under the Federal Act on Data Protection (FADP), which was substantially revised in September 2023. Swiss law provides strong protections against foreign data requests. Swiss courts do not enforce foreign surveillance orders, and mutual legal assistance treaties require that the requesting government meet Swiss evidentiary standards — which are significantly more restrictive than U.S. standards.
Iceland, Norway, and Liechtenstein participate in the EEA and apply GDPR-equivalent protections with their own enforcement bodies. Each offers jurisdictional characteristics worth evaluating for specific use cases.
The Evaluation Criteria
When assessing jurisdiction, answer these questions:
- Where is the provider incorporated? This determines which government can issue legally binding data production orders directly to the provider.
- Where are the data centers physically located? This determines which government has physical access jurisdiction.
- Does the provider’s incorporation jurisdiction have mutual legal assistance treaties (MLATs) with your adversary’s jurisdiction? MLATs can create indirect access channels.
- Has the provider ever received and complied with foreign government data requests? Transparency reports reveal this, though they often lack specificity.
- Does the provider’s jurisdiction recognize data protection as a fundamental right? Article 8 of the EU Charter of Fundamental Rights does. The U.S. Constitution does not explicitly.
Encryption Architecture
Jurisdiction determines who can legally demand your data. Encryption determines whether that demand produces anything useful.
There are three encryption models in cloud infrastructure, and the differences between them are not incremental. They are categorical.
Provider-Managed Encryption
The provider generates, stores, and manages the encryption keys. Data is encrypted at rest and in transit, but the provider holds the keys. This means the provider can decrypt your data at any time — for operational purposes, for compliance with legal orders, or (in the worst case) due to insider threat or compromise.
This is the default model for AWS S3, Azure Blob Storage, and Google Cloud Storage. It protects against physical theft of hard drives. It does not protect against the provider itself.
Customer-Managed Keys (BYOK / HYOK)
You generate the encryption keys and provide them to the provider’s key management service (AWS KMS, Azure Key Vault, Google Cloud KMS). The provider’s infrastructure uses your keys for encryption and decryption operations, but the keys reside in a hardware security module (HSM) that the provider’s staff cannot extract them from.
This is a meaningful improvement over provider-managed encryption, but it has a critical limitation: the provider’s infrastructure still performs the decryption operation. During processing, your data exists in plaintext in the provider’s memory. A sufficiently privileged insider, a compromised hypervisor, or a cold boot attack on the physical server can access the plaintext.
Additionally, BYOK models typically still allow the provider to comply with legal orders by performing the decryption on your behalf — using the keys you provided.
Client-Side Encryption
You encrypt data before it reaches the provider’s infrastructure. The provider stores and transmits opaque ciphertext. It never has access to plaintext or encryption keys. Legal orders directed at the provider produce only encrypted blobs that are computationally infeasible to decrypt without the key.
This is the only encryption model that provides genuine protection against the provider and against legal orders directed at the provider. It is also the most operationally complex, requiring you to manage key generation, distribution, rotation, and backup independently.
Stealth Cloud’s architecture implements client-side encryption by default. Encryption keys exist only on the client device. The server processes encrypted data in ephemeral memory and never writes plaintext to persistent storage. This is not a configuration option — it is an architectural invariant.
Confidential Computing
A fourth category is emerging: confidential computing environments where data is encrypted even during processing, inside hardware-enforced trusted execution environments (TEEs). AMD SEV, Intel TDX, and ARM CCA provide varying levels of this protection.
Confidential computing does not eliminate the jurisdiction problem — the hardware still sits in a data center subject to local law — but it significantly constrains what a compromised provider can extract. Data in a properly configured TEE is encrypted in memory, and the encryption keys are managed by the CPU, not by the provider’s software stack.
Evaluate whether your workloads can run in confidential computing environments. The performance overhead has decreased substantially, and for privacy-critical workloads, the trade-off is increasingly favorable.
Compliance and Certifications
Compliance certifications tell you that a provider has implemented specific controls and had them verified by an auditor. They do not tell you that your data is private. Understanding what certifications actually certify — and what they do not — is essential for informed provider selection.
What Certifications Mean
SOC 2 Type II certifies that a provider has operational controls for security, availability, processing integrity, confidentiality, and privacy, and that those controls operated effectively over a defined period. It does not certify that the provider cannot access your data. It certifies that the provider has documented processes for managing access.
ISO 27001 certifies that the provider has an information security management system (ISMS) that follows a recognized framework. It does not specify what security controls must be implemented — only that a management system exists and is maintained.
ISO 27701 extends ISO 27001 with privacy-specific controls aligned with GDPR requirements. This is more relevant for privacy evaluation, but it still certifies process, not architecture.
GDPR compliance is not a certification. It is a legal obligation. Providers that claim “GDPR compliance” mean they have implemented the technical and organizational measures required by the regulation. What those measures are, and whether they are architecturally sufficient for your use case, requires independent evaluation.
HIPAA compliance (for healthcare data in U.S. contexts) requires a Business Associate Agreement (BAA) with the provider. The BAA contractually obligates the provider to protect health information. It does not prevent the provider from accessing it.
What to Actually Look For
Beyond certifications, evaluate:
- Transparency reports: How many government data requests did the provider receive? How many did they comply with? What types of data were produced? Providers that do not publish transparency reports should be treated with suspicion.
- Warrant canary: Some providers publish a periodic statement confirming they have not received secret government orders. The absence of this statement after a period of publication implies they have.
- Independent security audits: Has the provider’s infrastructure been audited by independent security firms? Are the results published? Providers that commission audits but refuse to publish results are optimizing for marketing, not for trust.
- Open-source infrastructure: Can you inspect the code that processes your data? Providers that run proprietary, closed-source infrastructure require you to trust their claims without verification.
Data Residency and Sovereignty
Data residency refers to the physical location where data is stored. Data sovereignty refers to the legal jurisdiction that governs that data. These are related but distinct concepts, and conflating them is a common and costly mistake.
Residency Without Sovereignty
Storing data in an AWS data center in Frankfurt provides data residency in Germany. It does not provide data sovereignty under German law because AWS is a U.S. corporation subject to the CLOUD Act. The data physically resides in Germany, but the legal authority over it extends to the United States.
This distinction matters enormously for organizations subject to European data protection requirements. GDPR Article 48 states that foreign court orders requiring data transfers are not enforceable without an international agreement. But the CLOUD Act does not route through GDPR mechanisms — it creates a parallel legal channel.
True Sovereignty
True data sovereignty requires both physical residency and legal incorporation in the same jurisdiction. A Swiss-incorporated provider operating servers in Swiss data centers provides data sovereignty under Swiss law. A foreign government seeking access must go through Swiss mutual legal assistance channels, which impose Swiss evidentiary standards.
Evaluate providers on this basis:
| Criterion | True Sovereignty | Residency Only |
|---|---|---|
| Physical data location | Target jurisdiction | Target jurisdiction |
| Provider incorporation | Target jurisdiction | Foreign jurisdiction |
| Legal authority | Local courts only | Local + foreign courts |
| CLOUD Act exposure | None (if non-U.S.) | Full (if U.S. provider) |
| GDPR Article 48 protection | Full | Contested |
| Government access channel | MLAT only | Direct legal process |
Provider Evaluation Matrix
Use the following framework to score potential providers across privacy-relevant dimensions. Score each criterion from 0 (worst) to 3 (best).
Scoring Criteria
Jurisdiction (0-3)
- 0: U.S.-incorporated, Five Eyes jurisdiction
- 1: EU-incorporated, subject to EU-U.S. data agreements
- 2: EU-incorporated, strong national data protection enforcement
- 3: Swiss, Icelandic, or equivalent jurisdiction with constitutional privacy protections
Encryption Default (0-3)
- 0: Provider-managed keys, no client-side option
- 1: Provider-managed keys with BYOK option
- 2: BYOK default with client-side encryption option
- 3: Client-side encryption by default, provider has zero access to plaintext
Transparency (0-3)
- 0: No transparency report, no audit results published
- 1: Annual transparency report, no audit publication
- 2: Detailed transparency report, selective audit publication
- 3: Continuous transparency, full audit publication, warrant canary, open-source infrastructure
Data Residency Control (0-3)
- 0: No control over data location
- 1: Region selection with caveats (metadata may replicate globally)
- 2: Strict region pinning with contractual guarantees
- 3: Single-jurisdiction operation, no cross-border data movement
Egress and Portability (0-3)
- 0: Proprietary formats, high egress costs, vendor lock-in
- 1: Standard formats, significant egress costs
- 2: Standard formats, reasonable egress costs, migration tooling
- 3: Open formats, free or minimal egress, no lock-in mechanisms
Data Retention and Shredding (0-3)
- 0: Indefinite retention, no deletion guarantees
- 1: Deletion on request, no timeline guarantee
- 2: Contractual deletion timeline, no cryptographic verification
- 3: Cryptographic shredding, verifiable deletion, zero-persistence option
Applying the Matrix
Sum the scores across all six dimensions. Maximum score is 18. Interpret as follows:
- 15-18: Privacy-first architecture. Suitable for high-sensitivity workloads.
- 10-14: Privacy-aware with gaps. Evaluate whether the gaps are acceptable for your threat model.
- 5-9: Privacy as an afterthought. Acceptable only for low-sensitivity workloads.
- 0-4: Privacy-hostile architecture. Avoid for any workload where data protection matters.
The hyperscale providers (AWS, Azure, GCP) typically score between 5 and 9. They offer robust encryption options and compliance certifications, but their U.S. incorporation, opacity around government data requests, and default provider-managed encryption architectures limit their privacy ceiling.
European sovereign cloud providers (OVHcloud, Scaleway, Hetzner, Exoscale) typically score between 10 and 14. Better jurisdiction, improving transparency, but varying encryption defaults and limited confidential computing options.
Swiss-based providers (Exoscale, Infomaniak, Stealth Cloud) can score 15 and above when client-side encryption, zero-persistence architecture, and Swiss jurisdictional protections are combined.
Operational Considerations
Privacy-first provider selection is not purely a legal and cryptographic exercise. Operational realities constrain what is achievable.
Performance and Latency
Privacy-first providers tend to operate smaller infrastructure footprints. A Swiss-only provider cannot match the global edge network of a hyperscaler. If your application serves users globally with sub-100ms latency requirements, you may need a multi-cloud strategy: edge delivery through a CDN that processes only encrypted payloads, with decryption and business logic handled by a privacy-first provider in a sovereign jurisdiction.
Ecosystem and Developer Experience
Hyperscalers offer hundreds of managed services. Privacy-first providers typically offer compute, storage, networking, and a curated set of managed services. If your architecture depends on proprietary managed services (AWS Lambda@Edge, Azure Cognitive Services, Google BigQuery), migrating to a privacy-first provider requires re-architecting those dependencies.
This is not necessarily a disadvantage. Proprietary managed services create vendor lock-in, which is itself a privacy risk: if you cannot leave the provider, you cannot respond to changes in their privacy practices or legal environment.
Cost Structure
Privacy-first providers may cost more per unit of compute than hyperscalers, particularly at scale. However, the total cost comparison should include:
- Compliance costs: Legal fees for evaluating and mitigating CLOUD Act exposure, GDPR cross-border transfer impact assessments, and Data Protection Impact Assessments (DPIAs).
- Breach costs: The expected cost of a data exposure event, weighted by the probability difference between privacy-first and conventional architectures.
- Migration costs: The future cost of migrating away from a provider whose privacy posture changes.
When these factors are included, the apparent cost premium of privacy-first infrastructure often narrows or reverses.
A Decision Process
For teams evaluating providers, follow this process:
Step 1: Classify your data. Not all data requires the same privacy posture. Public marketing content does not need Swiss jurisdictional protection. Customer PII, health data, legal communications, and trade secrets do. Classify your data into sensitivity tiers and match each tier to the minimum acceptable provider score from the evaluation matrix.
Step 2: Eliminate on jurisdiction. If your threat model includes U.S. government access as a risk, eliminate all U.S.-incorporated providers from consideration for sensitive tiers. This is a binary filter, not a scored criterion.
Step 3: Evaluate encryption architecture. For your most sensitive data tier, require client-side encryption as a minimum. If the provider cannot support client-side encryption for your workload, evaluate whether confidential computing provides equivalent protection.
Step 4: Verify claims independently. Do not accept provider marketing claims about privacy. Read their Data Processing Agreements (DPAs) and subprocessor lists. Review transparency reports. Read independent audit results. If audit results are not published, request them. If the provider refuses, treat their privacy claims as unverifiable.
Step 5: Plan for exit. Before committing to any provider, verify that you can extract your data in open formats without prohibitive egress costs. Vendor lock-in is a privacy risk because it eliminates your ability to respond to changing circumstances.
The cloud provider you choose becomes the custodian of your data — or, in the case of a zero-knowledge architecture, the custodian of your encrypted blobs. Either way, that choice is a jurisdictional commitment, an encryption commitment, and an operational commitment that persists for as long as your data does. Make it deliberately.