'Move away from black-and-white thinking data sovereignty'
According to Bert Stam of Leaseweb, it is time we moved away from black-and-white thinking about data sovereignty.
Published on June 10, 2026
Our DATA+ expert and Editor-in-Chief, Elcke Vels, explores AI, cyber security, and Dutch innovation. Her "What if..." column imagines bold scenarios beyond the norm.
For years, choosing American cloud giants was a given. Organizations flocked to Microsoft, Amazon, and Google. But geopolitical tensions are now prompting companies and governments to look more frequently toward European alternatives. According to Bert Stam, managing director of Leaseweb Netherlands, it’s time to move away from black-and-white thinking about data sovereignty, because every step in the right direction counts. “If you analyze data sovereignty down to the last millimeter, you’ll always find that there’s still an American link somewhere in the chain.”
Strategic autonomy: it’s a term you hear more and more often in conversations. It’s more relevant than ever, but Leaseweb has been working on it for decades. “From the very beginning—about 30 years ago now—we’ve been sovereign in relation to local legal requirements,” says Stam. The company provides infrastructure as a service. Customers can choose a private cloud, a shared cloud, or, for example, a model where they only pay for what they actually use.
.png&w=2048&q=75){kind=logo}
Leaseweb operates in the Netherlands, Germany, the United Kingdom, and North America, among other regions. Leaseweb serves approximately 20,000 customers worldwide. “All of these regions are separate entities that operate fully in accordance with local laws and regulations, such as those governing personal data.”
A sovereign European cloud
The company launched the European Cloud Campus initiative, which has been approved by the European Commission. “At its core, it’s about a sovereign cloud that makes organizations less dependent on American hyperscalers and gives them more control over where data is stored and who has access to it,” says Stam. At the same time, the project aims to help attract highly skilled IT talent within the EU to develop and manage applications in virtual cloud environments.
Discussion is shifting
Discussions about data sovereignty are therefore part of Stam’s daily routine. One thing stands out to him: these days, the discussion is no longer just about data storage, but is becoming increasingly detailed and technical. More and more often, the question arises as to how resilient digital systems actually are if something goes wrong. “Last year, the main focus was still on: is your data stored in the Netherlands, yes or no? Now the conversation is shifting. Clients ask: if the power goes out, can we still keep going? Do you also need to have storage, computing power, and processing available locally?” In short, there seems to be a cautious rise in awareness.
The trap of big tech
At the same time, it turns out to be difficult in practice to actually achieve that autonomy. Many organizations are still heavily dependent on big tech, Stam notes. He refers to it as a trap. “Many features of large cloud platforms are attractive and make work easier, but at the same time, they ensure that organizations become increasingly entrenched in a single ecosystem. Applications are built on technology that is tightly intertwined with a single cloud environment, making switching increasingly difficult and costly.”
Black-and-white thinking must go
That is precisely why Stam advocates for a pragmatic approach. Switching over all at once is by no means always feasible. As a first step, many organizations therefore often opt for a hybrid model, in which part of the infrastructure remains with U.S. cloud platforms while sensitive data is stored locally. Stam cites the City of Amsterdam as an example, where a critical assessment is being made of which data truly needs to be stored locally and which is less sensitive. The rest of the Dutch government is also increasingly taking steps in that direction. “We are currently in discussions with government organizations and collaborating on proofs-of-concept to test European cloud alternatives.”
According to him, black-and-white thinking about data sovereignty isn’t realistic anyway. “If you analyze data sovereignty down to the last millimeter, you’ll always find that there’s still an American link somewhere in the chain,” says Stam. “Maybe you’re using virtualization software from an American company, a data connection runs through an American provider, or a component of the infrastructure was developed elsewhere. Then you can endlessly debate what is and isn’t fully sovereign. As far as I’m concerned, the emphasis should be on what is possible. If you can achieve 80 percent of your goal, that’s a huge step forward.”