SILICONANGLE · OPINION & ANALYSIS · SOVEREIGN AI SERIES, PART 1
On the four dimensions of real sovereignty, the fifth dimension every CFO is learning about the hard way, and why open source isn’t a preference — it’s the architecture.
| About this series. This is the first piece in a new SiliconANGLE editorial series on Sovereign AI — covering the definition, the geopolitical stakes, the investment landscape, and the architecture of sovereignty in practice. Next: the six-layer sovereign AI architecture stack. Expect segments, interviews, awards, and a running market map of the territory as it forms. We’re calling balls and strikes while others are still recycling stale thought leadership from Gartner. (Shots fired.) |
Something is wrong with the way the industry is talking about Sovereign AI. Not slightly wrong. Not grammatically wrong. Structurally wrong.
The term has landed in board decks, vendor marketing, and government procurement documents — and in almost every case, it means something far narrower than what’s at stake. Sovereign AI has become a synonym for data residency. For picking the right AWS region. For a geographic configuration that provides legal comfort (think GDPR) without addressing any of the underlying dynamics that create the actual exposure.
This is not a semantic complaint — it’s a strategic one, and it’s baked in fallacies. Organizations that define sovereignty incorrectly are building on a false foundation. By the time it becomes obvious, the window to fix it has already closed: vendor lock-in, compliance penalties, P&L nightmares, and pick your poison.
So let’s define it properly. Because the definition is the strategy (think AA for AI — the first step is admitting you have a dependency).
Why This Is Happening Now — and Everywhere at Once
The forces pushing sovereign AI from concept to operational imperative are converging at a speed most enterprise planning cycles weren’t designed to absorb.
Start with Stargate — a $500 billion US commitment to own the global AI supply chain, announced January 2025 by OpenAI, SoftBank, Oracle, and MGX, with $100 billion to deploy immediately. [1] The message was unmistakable: AI compute is strategic national infrastructure, treated with the same intentionality as energy grids and satellite networks. Then DeepSeek demonstrated that frontier AI could be trained on chips US export controls were specifically designed to restrict. The theory that raw compute dominance wins the AI race dissolved in a matter of weeks.
Europe responded structurally, not rhetorically. The Summit on European Digital Sovereignty in Berlin on November 18, 2025 — Macron and Merz co-chairing — convened more than 900 policymakers, industry leaders, and Member State representatives, and produced the Declaration for European Digital Sovereignty alongside more than €12 billion in announced investment and partnership commitments. [2] That declaration was then formally presented to the EU Telecom Council on December 5, 2025. [3] Mistral raised $830 million in institutional debt from a seven-bank consortium — BNP Paribas, Crédit Agricole CIB, HSBC, MUFG, and others; no US bank participation — to fund a sovereign GPU data center in Bruyères-le-Châtel, outside Paris, with 13,800 Nvidia GB300 GPUs and 44 MW of capacity. The company’s stated objective: 200 MW of sovereign capacity across Europe by end of 2027. [4] These are not policy positions. These are buildings being built — with reportedly much larger IPCEI on AI and IPCEI on Compute Infrastructure Continuum programs now entering matchmaking, set to commence by early 2027 across 17+ Member States. [5]
The Gulf is running at the fastest pace. Saudi Arabia’s HUMAIN — launched May 2025 under the Public Investment Fund and now with a minority stake from Aramco — is building the full AI stack: compute, models, cloud, applications. Eleven data centers under construction at 200 MW each; a $10 billion AMD partnership for 500 MW of compute; agreements with xAI and AirTrunk. This isn’t a data center play — it’s a national intelligence infrastructure play, with a stated ambition to become the world’s third-largest AI provider behind the US and China. [6] The UAE’s G42 and TII’s open-weight Falcon models — including Falcon Arabic and Falcon-H1 — reflect the same logic at the model layer. [7] Malaysia has established its National AI Office. India launched a sovereign LLM initiative. Canada committed an AI Compute Access Fund. None of these are coincidences.
The numbers confirm what the politics are signaling. The CNAS Sovereign AI Index tracks 130+ national sovereign AI initiatives, with more than 80% of total disclosed investment concentrated in the Middle East and East Asia. Infrastructure projects account for 59% of all initiatives tracked; Nvidia supplies the GPUs in 52% of them. [8] More than 60 nations have published formal AI strategies. More than 30 have committed specific domestic funding. This is not a wave — it is a continental shift.
| The CLOUD Act Problem. The US Clarifying Lawful Overseas Use of Data Act (2018) allows US law enforcement to compel American companies to produce data stored anywhere in the world — Frankfurt, Amsterdam, Singapore — regardless of GDPR. That eu-central-1 selection isn’t a legal firewall. It’s a geographic preference that holds until a federal production order arrives. [9] |
Gartner’s November 2025 survey of 241 Western European CIOs found 61% will shift toward local cloud providers specifically because of geopolitics — not performance, not cost. [10] Accenture’s 2025 survey of 1,928 organizations across 28 countries found 62% of European organizations actively seeking sovereign solutions in direct response to geopolitical uncertainty, with Danish (80%), Irish (72%) and German (72%) firms leading. [11]
What Sovereignty Actually Means — and What It Doesn’t

Here’s the thing about data residency: it’s not wrong. It’s just one-fourth of the answer — and most organizations have mistaken it for the whole thing.
Sovereign AI is about Agentcy — your data, your infrastructure, your stack, your rules.
Genuine sovereignty has four core dimensions (plus a fifth bonus pillar — Financial — which we’ll get to). All four. Failure in any one breaks the chain.
1. Territorial — where data and compute physically reside
Yes, it matters. Regulatory compliance, latency, baseline legal protection. All real. But this is the beginning of the analysis, not the conclusion. Organizations that stop here have answered 25% of the question and are filing it under “done.”
2. Operational — who actually manages and secures the environment
This is where most “sovereign” deployments quietly break down. Sovereign servers operated by a foreign-headquartered managed service provider, under foreign employment law, governed by foreign corporate policy — are not sovereign. (Think Huawei managing infrastructure for Telefónica.) [12] The questions that expose this are simple and uncomfortable: Who holds the encryption keys? Who gets paged at 3am during a breach? Which jurisdiction’s law enforcement can walk in and demand the audit logs? If the answers point outside your organization’s control boundary, the Territorial dimension was just window dressing.
3. Technological — who owns the underlying stack and IP
This is the one that hits hardest in AI specifically. A sovereign deployment built entirely on proprietary model APIs, proprietary orchestration frameworks, and proprietary policy engines hasn’t eliminated vendor dependency — it’s relocated it from the cloud infrastructure layer to the software layer, which is harder and more expensive to migrate. If you can’t fork the orchestration layer, audit the policy engine, or modify the runtime without going through the vendor: you don’t own the system. You’re licensing it. Categorically different things.
4. Legal — which jurisdiction governs access
Jurisdiction follows the company, not the data center. A US-headquartered entity’s foreign subsidiary is subject to US law. A European company running US-headquartered software is subject to US legal process through that vendor relationship. The CLOUD Act is the most visible expression; Mutual Legal Assistance Treaties and national security orders create parallel pathways. Real sovereignty requires the legal framework governing access to your data, models, and AI systems to be deliberately chosen and architecturally enforced — not assumed based on a map.
McKinsey’s December 2025 survey of 300 executives, investors, and government officials found 71% characterize sovereign AI as an “existential concern” or “strategic imperative.” The same research found most organizations lack a detailed strategy, action plan, or budget to execute on it. [13] The intent is there. The architecture is not.
Sovereign Cloud is a geography question. Sovereign AI is broader: how intelligence is created, trained, governed, and deployed — across infrastructure, models, applications, and organizational control surfaces. It requires a different posture entirely.
The Fifth Dimension: Financial Sovereignty
Bonus Pillar — Sovereignty from Vendor Lock-In
There is a fifth dimension of sovereignty that doesn’t appear in policy white papers — but that enterprise technology leaders are learning about this year, in real time, on live budgets. Call it Financial Sovereignty: the ability to own, predict, and control what your AI actually costs, without being subject to unilateral vendor pricing changes, usage-based billing surprises, or the forced obsolescence of the models your entire workflow depends on.
This is not theoretical. This is the defining enterprise AI story of Q1 2026 — and three companies are now the cautionary case study every CFO is being shown.
Uber — the budget bonfire
Uber gave Claude Code to roughly 5,000 engineers and encouraged adoption aggressively — going as far as ranking staff on internal leaderboards based on usage. Seemed like a great idea. Adoption ran from 32% of engineers in February to 84% “agentic users” by March. Average monthly spend per engineer landed in the $150–$250 range; heavy users hit $2,000. By April 2026, the company had burned through its entire 2026 AI budget in four months. CTO Praveen Neppalli Naga told The Information the company was “back to the drawing board” on AI budgeting; the COO began questioning ROI. [14] A productivity win that produced invoices competing directly with headcount budgets — and nobody had modeled for it.
Microsoft — beloved by users, killed by the CFO
Microsoft ran the same experiment in parallel. It rolled out Claude Code in December 2025 to its Experiences and Devices division — the group behind Windows, Microsoft 365, Outlook, Teams, and Surface. Engineers loved it. They preferred it over GitHub Copilot by a wide margin. On May 14, 2026, Microsoft began canceling those licenses, directing thousands of engineers back to Copilot CLI by June 30 (conveniently, the last day of Microsoft’s fiscal year). The tool wasn’t cancelled because it didn’t work. It was cancelled because it worked so well that token-based billing consumed the annual AI budget in months. [15] A tool beloved by the people using it, cut by the people paying for it.
The pricing model itself — Altman’s vision is your invoice
Anthropic, following the industry’s broader direction, moved away from flat fees toward usage-based token pricing for agentic workloads. As agentic AI runs multi-step tasks autonomously — in the background, without a human triggering each call — token consumption becomes nonlinear, continuous, and nearly impossible to forecast with traditional enterprise budgeting methods. At BlackRock’s 2026 Infrastructure Summit, Sam Altman described the direction as follows: “We see a future where intelligence is a utility, like electricity or water, and people buy it from us on a meter.” [16] Your CFO heard that too. There’s lots of talk out there about outcome-based pricing. This ideally aligns pricing with customer objectives where pay for value (versus token consumption) becomes the preferred model. We’re seeing this today with the way some firms price forward deployed engineers (FDEs) based on milestones. Think of this as more “services-as-software” where clients pay for value realized.
Google — the deprecation treadmill
Google illustrates the third risk: forced migration. Enterprises that built production workflows on Gemini API model versions have faced a rolling deprecation cycle — Gemini Code Assist legacy tools removed October 14, 2025; the original Gemini Python SDK reached end-of-life November 30, 2025; multiple preview models deprecated on short notice throughout early 2026. [17] Each cycle pulled engineering teams off product work and into emergency rewrites. The vendor’s roadmap — not the enterprise’s own priorities — was driving the engineering calendar.
The pattern across all three is identical. Organizations that did not own their AI stack became price-takers, timing-takers, and migration-takers. Their AI strategy was shaped not by their own decisions but by the commercial and engineering priorities of vendors they had no leverage over.
Sovereign AI resolves this. Self-hosted open-weight models make inference a compute cost — predictable, owned, optimizable. When you control the orchestration layer, you choose when to upgrade and on whose schedule. When your runtime is open source, a model deprecation is a parameter change, not a project. When you own the stack, your AI program budget is yours to manage.
Cost sovereignty is not about being cheap. It’s about being in control — which, as these three companies just demonstrated, is worth a great deal more than the token savings.
Open Source Is Not Optional

Stated plainly: you cannot build genuine sovereign AI on a closed proprietary stack. It is definitionally impossible.
Once you accept the five dimensions above, the conclusion is logical. Technological sovereignty requires the ability to audit, fork, and operate the system independently. A proprietary stack doesn’t allow this. The orchestration layer is a black box. The policy engine is vendor-controlled. The inference API can be modified, restricted, or repriced without your input. You cannot fork what you cannot read.
And the CLOUD Act problem applies to software IP just as much as it applies to data. A US-headquartered software vendor is subject to US legal process — which means the software they control, the keys they hold, the telemetry they collect, and the modifications they can be compelled to make are all within reach of US law enforcement. No hosting geography resolves this. Proprietary AI platforms create legal, operational, strategic, and financial exposure that a well-chosen data center cannot fix.
The only credible path runs through open source — not as a developer-culture preference, but as an architectural requirement. An open-source-first architecture means the orchestration engine can be audited, forked, and self-hosted. Model weights can be inspected and fine-tuned locally. The policy engine is code you own, version-controlled, readable. Connectors, pipelines, inference runtimes — owned, not licensed.
And open source enables genuine portability: the ability to move workloads between providers, across jurisdictions, across hardware generations — without being captive to a vendor’s release cycle or pricing changes. The EU Data Act — which prohibits cloud switching charges and data egress fees from January 12, 2027 — is the policy layer of the same structural shift. [18] Open-source-first architectures are what make an organization genuinely fluid in that market. Without them, you’ve traded cloud lock-in for software lock-in — a different constraint, not the absence of one.
| The first question to ask any sovereign AI vendor is not “where are your servers?” It is “can we audit the source code?” and “can we fork and self-host this without you?” If either answer is no, the solution fails the test — regardless of how the marketing slides describe the geography. |
The Next Wave of AI Will Be Decided Here
The first wave was about capability. Which models could do what. Who could ship fastest.
The second wave — the one we’re in now — is about control. Who owns the infrastructure that produces intelligence. Who governs access. Who controls the costs. Who sets the rules.
This wave won’t be won by whoever has the best models. Those are commoditizing faster than anyone predicted. It will be won by whoever owns the sovereign layer that governs how models are deployed, governed, and integrated into the systems of intelligence that run the world and will define the AI software stack.
The money confirms it. The global sovereign cloud market is projected at $195 billion in 2026 (Fortune Business Insights), growing to $1.13 trillion by 2034. [19] McKinsey projects the sovereign AI market at $500–600 billion by 2030, representing 30–40% of all AI spending. [20] These aren’t venture bets. They’re infrastructure commitments — the same category as telecommunications networks and energy grids in prior generations.
And the timeline is real. McKinsey found sovereign AI migrations take three to four years — not because the technology isn’t ready, but because organizations need time to decide where sovereignty actually matters and restructure their operating models accordingly. That clock starts from the architecture decision. Not from the compliance deadline. Not from the crisis. From the decision.
The organizations that start building for sovereignty now will have genuine AI capability — and genuine AI independence — when the regulatory, geopolitical, and competitive pressures of the next three years arrive simultaneously. The ones that wait will discover the migration window has already closed, and they’re operating on someone else’s infrastructure, someone else’s pricing terms, and someone else’s deprecation schedule.
The sovereignty wars have begun. The territory is forming. The next wave of AI will be decided here.
What This Series Is Going to Do
The world is fragmenting into Sovereign AI islands — regionalized, regulated, increasingly disconnected deployment environments, each with its own rules, requirements, and governance expectations. Every global enterprise faces the same challenge: building AI capability that’s genuinely sovereign within each boundary while staying coherent across the whole.
We’re going to map that territory. Next in the series: the six-layer architecture of sovereign AI readiness — what it actually takes to build a production-grade sovereign AI system from infrastructure foundation to governance apex. Then: a vendor market map (who passes the sovereignty test and who is applying the label to a SaaS product that doesn’t), deep-dives on sovereign AI infrastructure programs, and profiles of the regulated verticals where sovereign AI is a compliance clock, not a roadmap item.
We will interview the architects, CTOs, government program leads, and enterprise technology officers doing the actual building — not the press releases.
We will do awards purpose-built for sovereign AI — recognizing the organizations and people doing the hard, unglamorous work of production deployment.
And we will hold the line on rigor. Sovereign AI washing is already loud. Part of our job is giving the industry the vocabulary and the criteria to tell the difference.
The sovereignty wars have begun. The territory is forming. This is where we start mapping it.
About the Lead Authors
| Amit Eyal GovrinCEO and Co-Founder of Agentcy Labs, a research and software architecture consultancy firm founded specifically to advance the Sovereign AI agenda — helping regulated enterprises architect AI systems they fully own and control.Prior to Agentcy Labs, he co-founded Kubiya — one of the earliest enterprise agentic AI platforms deployed in production. At Kubiya, he was building agentic frameworks before LangChain existed: state machines for multi-step workflow orchestration and JSON-based function call interfaces before model providers had native function calling. By September 2023, Kubiya was running AI agents in production enterprise environments — real workloads, real governance, real audit trails — before “agentic AI” had entered the mainstream lexicon.He advises on sovereign AI architecture in partnership with Deloitte. He is a Gartner Cool Vendor and Intellyx Digital Innovator, and has covered enterprise AI and cloud infrastructure as an analyst voice at SiliconANGLE and theCUBE. | John FurrierCo-Founder and Co-CEO of SiliconANGLE Media and Co-Host of theCUBE — widely recognized as the ESPN of enterprise tech, having conducted tens of thousands of executive interviews at the world’s most important technology conferences.A Silicon Valley entrepreneur since 1997, he began his career at Hewlett-Packard, then founded Labrador Software (1996, early paid keyword search), served as VP of Product at RealNames, and founded PodTech Network in 2004 — one of the first venture-backed podcasting companies.He founded SiliconANGLE in 2008, which merged with Wikibon in 2010 to form SiliconANGLE Media Inc. — home of SiliconANGLE.com, theCUBE, theCUBE Research, and the Breaking Analysis podcast. His analyst thesis — that enterprise IT is moving from infrastructure decisions to platform outcomes, with the control plane as the new battleground — has proven prescient across cloud, big data, and the agentic AI era. He holds a B.S. in Computer Science from Northeastern University and an MBA from Babson College. |
Next in series → The Architecture of Sovereign AI Readiness: the six-layer stack that separates genuine sovereignty from sovereignty theater — layer by layer, from infrastructure foundation to governance apex.
References & Sources
All claims, figures, and quotations referenced in this paper are linked below. Where the underlying primary source differs in scope from the in-text claim, both are cited.
[1] OpenAI, “Announcing The Stargate Project,” January 21, 2025 — $500B over four years; $100B immediate; OpenAI, SoftBank, Oracle, MGX. openai.com/index/announcing-the-stargate-project
[2] Élysée, “Summit on European Digital Sovereignty in Berlin,” November 18, 2025 — Macron/Merz co-chaired; >900 participants; >€12B in commitments; Declaration signed. elysee.fr — Summit on European Digital Sovereignty
[3] Council of the EU, Transport, Telecommunications and Energy Council (Telecommunications), meeting of 5 December 2025 — information point on the Declaration. consilium.europa.eu — TTE Council, 5 Dec 2025. Declaration text: Declaration for European Digital Sovereignty (PDF)
[4] Data Center Dynamics, “Mistral AI raises $830m in debt financing for data center in Paris, France” — 13,800 Nvidia GB300 GPUs, 44 MW, Eclairion site in Bruyères-le-Châtel. datacenterdynamics.com — Mistral $830M raise. Bank consortium named at: thenextweb.com — Mistral seven banks
[5] Covington Global Policy Watch, “Important Projects of Common European Interest (IPCEIs) on Artificial Intelligence and Compute Infrastructure Continuum,” May 2026. globalpolicywatch.com — IPCEI AI and CIC
[6] Public Investment Fund of Saudi Arabia, “HUMAIN” portfolio page; CNBC, “Saudi AI firm Humain is pouring billions into data centers,” August 27, 2025; Aramco/HUMAIN minority-stake term sheet announcement. pif.gov.sa — HUMAIN · cnbc.com — Saudi AI firm Humain
[7] Computer Weekly, “UAE’s TII challenges big tech dominance with open source Falcon AI models”; G42 and TII coverage. computerweekly.com — TII Falcon
[8] Center for a New American Security (CNAS), “Sovereign AI Index” — 130+ initiatives; >80% of investment in Middle East / East Asia; infrastructure = 59% of projects; Nvidia in 52%. interactives.cnas.org — Sovereign AI Index
[9] LexisNexis, “Cloud Act vs GDPR: Data Protection for EU Companies” — extraterritorial reach explained. lexisnexis.com — CLOUD Act vs GDPR
[10] Gartner press release, November 12, 2025: “Geopolitics Will Drive 61% of CIOs and IT Leaders in Western Europe to Increase Reliance on Local Cloud Providers” — survey of 241 Western European CIOs/IT leaders, May–July 2025. gartner.com — Western European CIO survey
[11] Accenture, “Europe Seeking Greater AI Sovereignty,” November 3, 2025 — survey of 1,928 organizations across 28 countries and 18 industries, July–August 2025. newsroom.accenture.com — Europe AI sovereignty study
[12] RCR Wireless News, “Huawei to deploy Telefónica’s first commercial 5G-A network in Spain,” August 22, 2025. rcrwireless.com — Huawei / Telefónica
[13] McKinsey, “The sovereign AI agenda: Moving from ambition to reality,” December 18, 2025 — global survey of 300 executives, investors, and government officials. mckinsey.com — Sovereign AI agenda
[14] Fortune, “Uber burned through its entire 2026 AI budget in four months,” May 26, 2026 — CTO Praveen Neppalli Naga statement; COO ROI questions; ~5,000 engineers; spend distribution. fortune.com — Uber COO AI spending
[15] Windows Central, “Microsoft cancels Claude Code licenses, shifting developers to GitHub Copilot CLI,” May 2026 — Experiences + Devices division; May 14 rollback; June 30 cutover; FY-end alignment. windowscentral.com — Microsoft cancels Claude Code
[16] Gizmodo, “Sam Altman Says Intelligence Will Be a Utility, and He’s Just the Man to Collect the Bills” — BlackRock 2026 Infrastructure Summit, March 11, 2026. gizmodo.com — Altman “on a meter”
[17] Google for Developers, “Gemini Code Assist feature deprecations” (legacy tools removed October 14, 2025) and “Gemini API deprecations” (legacy Generative AI Python SDK EOL November 30, 2025). developers.google.com — Code Assist deprecations · ai.google.dev — Gemini API deprecations
[18] European Commission, “Data Act explained” — switching charges including data egress prohibited from January 12, 2027. digital-strategy.ec.europa.eu — Data Act explained
[19] Fortune Business Insights, “Sovereign Cloud Market Size, Share, & Growth Report [2034]” — $195.35B in 2026; $1,133.3B by 2034 (CAGR 24.60%). fortunebusinessinsights.com — Sovereign Cloud market
[20] McKinsey, “Sovereign AI ecosystems for strategic resilience and economic impact” — projects 30–40% of AI spending will be sovereignty-influenced ($500–600B by 2030). mckinsey.com — Sovereign AI ecosystems
© 2026 SiliconANGLE Media Inc. & Agentcy Labs. All rights reserved.

