Tech Explained: Here’s a simplified explanation of the latest technology update around Tech Explained: Data sovereignty in the age of AI in Simple Termsand what it means for users..
Many agreed that dependence on any single provider is increasingly hard to justify, despite the costs and complexity of diversification. This echoes the Pure Storage survey findings, in which global data leaders cited service disruption as the top data sovereignty risk; in the study, fully 100% of respondents said data sovereignty risks, including the possibility of service disruption, have caused organisations to consider where their data is located.
However, few believed it is realistic to abandon large cloud providers altogether. Even among organisations handling more sensitive data – in healthcare and financial services – there was recognition that hyperscalers often offer capabilities that individual organisations cannot match.
The question, they argued, is not whether to use hyperscalers, but how to govern their use, limit concentration risk and retain operational control. “There’s nothing wrong with [any particular provider] as long as you’ve got something you can fail over to, especially when you run a business that is critical to people’s lives and people’s businesses,” the UK bank leader insisted.
Others cautioned that failover capability addresses only part of the risk. Several participants noted that foreign legal frameworks can enable government access to data held by their domestic providers, regardless of where it is physically stored. One pointed to a recent case in which a major platform was fined not for storing data improperly, but because staff in another jurisdiction had ongoing access to it. This serves as a reminder that sovereignty concerns extend beyond physical location to questions of access and control.
These concerns prompted support among participants in both London and Singapore for hybrid and multi-cloud strategies, alongside sovereign or private-cloud fallback capacity. Although some welcomed the shift towards greater control, others warned that pushing sovereignty too far risks eroding competitiveness. Additional layers of compliance, bespoke infrastructure and restricted access to global platforms can slow deployment and raise costs.
The discussion exposed a clear contrast between London and Singapore. Participants in London put more emphasis on control and risk mitigation, whereas those in Singapore emphasised interoperability, portability and competitive agility. Participants based in Asia were more inclined to see sovereignty as strategic positioning, rather than as insulation from foreign providers.