Amazon unveils Europe-based sovereign cloud to ease data control concerns

Amazon Web Services launched the AWS European Sovereign Cloud in mid-January 2026, offering a Europe-based cloud that the company says will be physically, legally and logically separate from its U.S. operations to address mounting European concerns over data jurisdiction, access and governance. The move aims to reassure governments and businesses that sensitive data and metadata can remain under local control while still accessing the scale and tools of a major cloud provider.

The new infrastructure is based in Brandenburg, Germany, and AWS has created a new parent company for the service that it says will be locally controlled in the European Union and "run by EU citizens." Stéphane Israël was named to lead the offering, with Stefan Hoechbauer appointed managing director. AWS also announced a five-member advisory board for the sovereign cloud; three of the five advisers are employees of Amazon.

AWS said the sovereign cloud preserves its core security technologies, including encryption, key management and the AWS Nitro System for compute isolation. The company pointed to independent third-party attestations for compliance, citing ISO/IEC 27001:2013, SOC 1/2/3 standards and Germany’s Federal Office for Information Security C5 attestation. AWS has said customer content and customer-created metadata will remain within EU borders under the new design.

Officials and industry observers framed the service as an attempt to deliver "control without compromise," offering full AWS capabilities while inserting sovereignty controls and operational resilience. The architecture is intended to ensure continued operations even amid geopolitical disruption. At the same time, cloud specialists warn that meeting stringent sovereignty and compliance requirements will usually require a comprehensive, multi-account cloud architecture and an operating model that enterprises must prepare before migrating regulated workloads.

AWS dated the launch Jan. 15, 2026; some reports cited Jan. 14. The announcement follows an initial plan disclosed in 2023 and comes against a backdrop of intensified European regulatory scrutiny and political pressure to reduce dependence on non-EU technology providers. Regulators in Europe are currently examining cloud services from major U.S. vendors under new rules aimed at ensuring fair digital markets and stronger controls over critical infrastructure. Market analysts estimate that AWS, Microsoft and Google together account for roughly 70 percent of the cloud market in Europe, a concentration that has driven calls for sovereignty measures and alternatives.

The sovereign cloud raises practical and legal questions that will determine its uptake. Customers will need to verify certifications and operational controls, evaluate how encryption and key management are implemented, and test the isolation of compute resources in practice. Governments and regulated industries will scrutinize governance documents and the legal separation of the new parent company to ensure that data access by non-EU authorities is constrained.

For European enterprises and public agencies, the offering could shorten the pathway to keeping regulated workloads onshore with familiar tooling. For policymakers, it will be an early test of whether architectural and corporate separation can satisfy legal and political demands for digital sovereignty without fragmenting the global cloud market. Regulators and customers are likely to seek detailed audits and contractual assurances in the months ahead.