For a business, data is the foundation of its activity, the trust of its customers, and the digital sovereignty of its nation. Yet, this same data can slip from its control, not because of a breach or human error, but simply because the company agreed to the terms of a cloud provider several years earlier. While it can still access and use its data, it no longer has any control over the surrounding ecosystem, nor over its evolution and changes.
Far from being merely hypothetical, this scenario is a daily reality for thousands of companies across Europe and beyond. It raises a crucial question: how can enterprises ensure mastery over their data and freedom of choice in such a context?
The Promise of Multicloud: Expectations and Reality
In light of this, businesses, especially SMEs, have turned to multicloud. Indeed, working with several providers offers greater flexibility, security, and workload portability. The idea is to migrate existing applications and then optimize them for the cloud.
Yet, in practice, this promise is not often fulfilled. Companies confront the need to “lift and shift” their on‑premises monolithic applications to the cloud, all while contending with new cloud‑first applications created by a new generation of engineers and with federated and distributed data silos.
At the heart of the problem lies something more fundamental than market share: the erosion of freedom of choice and, consequently, of sovereignty. This growing dependence on external platforms stifles innovation.
Meanwhile, the CIOs are tasked with verifying compliance for third‑party ecosystems, which traps regulators within proprietary interfaces. The future of digital technology then strangely blends with the past and ends up monopolized by a handful of people with an internal logic and motivations that clash with those of society.
National Security, Innovation, and Ethics: Global Stakes
This reliance on a few suppliers therefore raises three major issues.
First, it is a matter of national security. European countries are realizing that depending on foreign hyperscalers to train and deploy their AI models represents a risk to sovereignty. A number of questions arise: what would happen in the event of geopolitical changes? What would happen if a government’s access to its own citizens’ data is restricted due to foreign legal obligations?
It is also a question of innovation. Startups cannot afford exit fees that penalize exploration, and universities should not have to tailor their research to the commercial constraints of a single provider. If AI is the 21st century’s steam engine, it is essential to ensure that its fuel—data and computing power—remains accessible and portable.
Finally, it is a question of ethics. One of the greatest governance missteps in AI is the idea that ethics can be layered onto closed systems. That model biases, algorithmic fairness, and explainability can be regulated while deploying the most sensitive models via third‑party APIs executed in “Black Box” environments.
True AI governance begins with governance of the infrastructures. It means knowing where models are hosted, recording and auditing every inference, but also ensuring that models do not cross borders and do not violate local data residency rules. Being tied to a single provider or relying on pure managed services that operate like black boxes makes all of this possible.
Toward a Sovereign and Portable Cloud
The next technological evolution is a platform that does not merely promise portability but actually delivers it. Where compute engines move with the data, not the other way around. And above all, where AI can be run privately, securely, and with ease. It is not a question of abandoning the cloud; far from it. Its flexibility, scalability, and democratizing potential are revolutionary. But revolutions must be bounded, and the cloud must above all be a choice.
Today, companies face a difficult choice: continue to depend on providers, accept rising costs and diminished autonomy that follow, or switch to an environment where the infrastructure is fluid, where AI can be sovereign, and where cloud becomes a capability they own.
IT leaders—CIOs, CTOs, and CDOs—must be the guardians of absolute data control within the enterprise, both from budgetary and from compliance perspectives. One thing is certain: the right to process data must remain in the hands of those who own the data.
*Sergio Gago is Chief Technology Officer at Cloudera
