Sovereign AI is not a real estate question.
Owning servers won't save you on shutdown day. Being able to switch will.
In June, a government switched off two frontier AI models overnight. No warning, no transition period. One export control directive, and teams around the world watched their pipelines go dark. I spent that week answering one question in various forms: shouldn’t we just run everything ourselves?
It’s the obvious reaction. It’s also the wrong one.
I work as CTO of a large federal security organization in Europe, after four decades in public service. Digital sovereignty is not a conference topic for me. It’s a line item, a legal obligation, and occasionally a very uncomfortable meeting. So believe me when I say: the shutdown in June was a warning worth taking seriously. It was the first time a state intervened in a live foundation model, and it will not be the last. Any critical process that depends on a single provider, without a tested fallback, is no longer a strategy. It’s a bet.
But watch what happens next. Across Europe, the reflex answer is localization: replace the international services, build national stacks, move everything into your own data center. Governments are setting deadlines to eliminate non-European dependencies. Regional providers are selling legal shields against foreign jurisdictions. Most organizations I talk to expect to rely more on regional solutions in the coming years, not less.
Some of that is overdue. And some of it could become the second mistake, the one that costs more than the first.
The museum
I’ve watched a large organization follow the localization reflex all the way to the end. Everything in-house, for sovereignty reasons: own platform, own models, own infrastructure. The decision was fast, the reasoning sounded principled, and nobody in the steering committee wanted to be the naive one.
What was missing was less glamorous: the operating capability. The people who patch, update, plan capacity, and get called at night. Costs ran away, the business units quietly kept working with other tools, and two years later the correction was more expensive than a braver middle path would ever have been.
They didn’t build sovereignty. They built a museum.
Here’s the uncomfortable truth behind that story: sovereignty is not a real estate question. It’s a set of capabilities. Can you audit your tools? Can you switch providers within days? Can you shut a system down without shutting the organization down? Can you keep working while you do all of the above? An organization that can answer yes runs sovereign operations even on international models. An organization that can’t is dependent, even if every server hums in its own basement.
Not every workload deserves the premium
Sovereign infrastructure costs more. Noticeably more, and it usually comes with smaller service catalogs and delayed features. That premium is justified for some workloads and pure waste for others.
This is why the single most useful exercise I know is unglamorous: classify every AI use case into three tiers. On-Premise, for anything touching regulated data, fundamental rights, or law enforcement operations, where full control over data flows and auditability is non-negotiable. Regional, for workloads where jurisdiction matters but full isolation doesn’t. Global, for the rest.
Organizations that skip this step end up paying the premium everywhere or nowhere. Both are leadership failures, just with different signatures.
And to be clear about my own line: I use international AI models extensively, for learning, prototyping, and strategic evaluation. For regulated data and law enforcement operations, they’re off the table. Knowing where to draw that line is the actual leadership skill.
What switching capability actually costs
The capability to switch is not free, and it produces no visible value in quiet times. It looks like this: a gateway layer between your business applications and the models, so no application talks to a provider directly. A second model, openly licensed, funded and kept ready as a fallback for critical processes. Contract clauses that cover model substitution and sudden access revocation, because standard agreements do not anticipate a government-ordered shutdown day. And a real switch-over exercise at least once a year, with actual traffic, not slides.
Open source plays a strategic role here, not an ideological one. Sovereignty does not arise simply because code is publicly available somewhere. It arises when architecture, operations, and governance are designed in a way that allows an organisation to retain its ability to make independent decisions.
Open-source software components do, of course, offer advantages in terms of auditability and as a safeguard for maintaining systems independently. However, this only applies to organisations that are capable of managing the operational burden themselves. Otherwise, open source becomes an unpaid maintenance contract with yourself.
One more thing that doesn’t show up in architecture diagrams: in high-stakes contexts, explainability, human final decision-making, data control, and bias testing are not features to negotiate. They’re the conditions under which you’re allowed to trust the system at all.
Where to start
If you take one thing from this letter, take the classification exercise. One quarter, one map of your real dependencies (including the ones nobody ever approved), three tiers for every AI use case. Then fund one fallback for your most critical workload and schedule one switch-over drill. You’ll learn more from that drill than from any strategy paper, including this one.
The most sovereign organization is not the one with the most servers. It’s the one that can pull the plug without turning off the lights.
One question for you: has your organization ever tested switching providers under time pressure?
Hit reply and tell me how it went. I read every response.
Read the article in german language: https://www.lezgus.de/souveran-ist-wer-wechseln-kann-was-der-modell-kill-switch-fur-deine-ki-strategie-bedeutet



