…
While Brussels champions policy initiatives and American tech giants market their own ‘sovereign’ solutions, a handful of public authorities in Austria, Germany, and France, alongside the International Criminal Court in The Hague, are taking concrete steps to regain control over their IT.
These cases provide a potential blueprint for a continent grappling with its technological autonomy, while simultaneously revealing the deep-seated legal and commercial challenges that make true independence so difficult to achieve.
The core of the problem lies in a direct and irreconcilable legal conflict. The US CLOUD Act of 2018 allows American authorities to compel US-based technology companies to provide requested data, regardless of where that data is stored globally. This places European organizations in a precarious position, as it directly clashes with Europe’s own stringent privacy regulation, the General Data Protection Regulation (GDPR).
…
The Five Eyes surveillance sharing system makes it unlikely that the UK, Canada, Australia or New Zealand will have the same national security drive to opt out. They can just ask the US to share info on their own citizens in a way that isn’t open to mainland Europe.