Back to the journal
AI & AI Engineering July 2026

Sovereign AI: using AI without giving up control

Sovereign AI means using artificial intelligence without losing control over data, models, and decisions. Companies that want both must actively shape location, vendor independence, and traceability.

Sovereign AI is a strategic framework for using AI that ensures control over data location, model choice, and decision traceability, thereby reducing dependence on US cloud providers.

At a glance:

  • 3 pillars: Data location (EU/adequacy decision), vendor independence (open-weight ≠ open source), traceability.
  • Legal framework: GDPR Art. 28 (data processing agreement), EU AI Act (effective from 2024, high risk = conformity assessment).
  • Default risk: Schrems II ruling (2020) makes US cloud non-GDPR-compliant without standard contractual clauses and a Transfer Impact Assessment.

Where does my data run? Can I switch providers? And can I understand how the AI reached its answer? The default US cloud AI route quietly answers "no" to all three, often without anyone noticing. Sovereign AI is an active design task: data location, vendor independence, and traceability must be addressed together because the default path of US cloud AI gives away sovereignty without visible loss. For companies in Germany and the EU, this question is particularly urgent. The General Data Protection Regulation (GDPR) sets strict requirements for processing personal data. In addition, there is the EU AI Act, a regulation taking effect from 2024. It classifies AI systems by risk level: the higher the risk (e.g. hiring decisions or biometric identification), the stricter the requirements. Anyone who wants to use AI must comply with these regulations. The easiest path, using a US cloud AI, often leads to dependencies that are hard to correct later. My position is clear: sovereignty is not a nice-to-have, it is a strategic necessity that must be actively shaped.

Since the Schrems II ruling of the European Court of Justice (2020), blanket data transfers to the US are no longer sufficient. Imagine you outsource a critical business analysis to an external service. The results are good, but you do not know where your data was processed, which model was used, and whether anyone can see the results. This feeling of uncertainty is exactly what the concept of Sovereign AI addresses. It is about using the benefits of artificial intelligence while retaining control over your data, the technologies you use, and the decisions made.

What are the hidden costs of the default US cloud AI path?

The default US cloud AI path has three hidden costs: third-country transfer, which after the Schrems II ruling of the ECJ (2020) requires additional safeguards such as standard contractual clauses and a Transfer Impact Assessment; vendor lock-in through proprietary platforms (platforms owned and fully controlled by a single vendor, with no public access to its internals) and model-specific workflows; and intransparency, because closed models do not disclose training data or decision logic.

  • Third-country transfer, that is, sending personal data to a country outside the EU. If personal data is processed in the USA, you need additional safeguards after the Schrems II ruling of the European Court of Justice (2020). The ruling declared that simply sending personal data to the US was no longer legally sufficient. Concretely, this means: you need standard contractual clauses, pre-written contract terms under which the US provider commits to EU-level data protection. In addition, you must carry out a Transfer Impact Assessment, a written analysis of the risks the data export poses to the affected individuals. Many companies overlook or underestimate this effort.
  • Vendor lock-in, Once data is stored in a proprietary platform (a platform owned and fully controlled by a single vendor, with no public access to its internals) and workflows are tailored to a specific model, switching becomes expensive and time-consuming.
  • Intransparency, With closed models, you do not know what data they were trained on, how they decide in individual cases, and whether the results are biased. You get a black box.

Together, these three problems mean that the default path gives away sovereignty without it being visible at first glance.

What are the 3 dimensions of Sovereign AI?

The 3 dimensions of Sovereign AI are data location, vendor and model independence, and traceability. Sovereign AI comprises three dimensions that must be addressed together: (1) data location with EU processing and a data processing agreement under Art. 28 GDPR, (2) vendor and model independence via open-weight models such as Mistral, Qwen, or Llama, (3) traceability through independent evaluation of architecture and weights. Anyone who wants to implement Sovereign AI must address all three dimensions. Solving only one is not enough. I consider this three-pillar model the decisive framework for systematically evaluating and shaping sovereignty.

1. Data location: Where must the data be processed?

Data location is the first pillar of Sovereign AI: For GDPR-compliant AI use, data must be processed in the EU or in a country with an adequate level of protection; the central lever is the data processing agreement under Article 28 GDPR. It regulates that a processor acts only on the instructions of the controller and does not use the data for its own purposes. Large AI platforms now offer EU regions where processing takes place. The EU AI Act requires for high-risk AI systems (such as those used in hiring, credit scoring, or medical diagnostics) a conformity assessment, an official check that the AI system meets the EU requirements, which considers data governance (e.g. quality and representativeness of training/test data). Without clear agreements here, you risk GDPR violations.

2. Vendor and model independence: How do I avoid lock-in?

Vendor and model independence is the second pillar: Open-weight models are a key lever here. Unlike closed models, developers publish the trained weights (the finished, learned "knowledge" of the AI in the form of billions of numerical values). Companies can run this finished knowledge on their own infrastructure, customize it, and extend it. Examples include models from Mistral, Qwen, or Llama. A sober view is important: open-weight does not automatically mean open source in terms of license. Usage terms vary. But independence from the provider grows because the model is not tied to a specific cloud. Using open standards and interfaces avoids lock-in.

A comparison between closed and open-weight models highlights the differences. Evaluability means how well the model can be independently examined and tested for quality, bias, and fitness for purpose.

FeatureClosed modelOpen-weight model
Training data visibleNoNo (weights are open, training data are not)
Switching costHigh (lock-in)Low (run on own infrastructure)
EU operation possibleOnly via cloud regionsYes, on own hardware
License clearProprietary (owned and fully controlled by a single vendor, no public access to internals)Varies (not automatically open source)
EvaluabilityHardly possibleYes (architecture and weights analyzable)

3. Traceability: How do I check whether the AI decides correctly?

Traceability is the third pillar: It concerns the ability to understand and review the decisions of the AI system. With closed models, this is hardly possible. With open-weight models, you can analyze the model architecture, the underlying structure and design of the AI model, and the weights. You can conduct your own evaluations to detect biases or measure performance in your specific use case. The EU AI Act requires comprehensive documentation and human oversight for high-risk systems. Traceability is the foundation for this. Without it, every AI remains a risk whose extent you do not know.

Decision framework for Sovereign AI

  • Where is the data processed?
  • Is there a valid data processing agreement?
  • Can you switch providers without rebuilding the data?
  • Can you run or evaluate the model yourself?
  • Are the system's decisions transparent or a black box?

Every question you answer with no marks a point where you give up sovereignty. The levers are: contract design, choice of infrastructure, use of open models, and building internal evaluation expertise.

Our position: sovereignty is not automatic, it is an active design task.

At Mountain Road, we hold the position that AI use and data control are not opposites. Companies that want both must question the default path and design it consciously. The default of US cloud AI gives away sovereignty. The three dimensions of location, independence, and traceability must be considered together. The EU AI Act and GDPR set the framework. The technology, especially open-weight models and European data centers, provides the means. The responsibility lies with the companies. Those who act now secure the freedom to make different decisions tomorrow.

Frequently asked questions

What does Sovereign AI mean?

Sovereign AI, also called data-sovereign AI, refers to the use of artificial intelligence while maintaining control over data, models, and decisions. Companies retain authority over their information, avoid dependencies on individual providers, and can trace the results.

How do you use AI in compliance with GDPR in Germany and the EU?

GDPR-compliant AI use requires a data processing agreement according to Article 28 GDPR, processing in the EU or a country with adequate protection, and a risk assessment for third-country transfers. The EU AI Act adds risk-based rules for AI systems.

Can you run AI without a third-country transfer?

Yes, by operating AI models in European data centers or on your own infrastructure. Open-weight models enable operation without data flowing to third countries. Prerequisites are clear data processing agreements and choosing providers with EU regions.