AWS claims their cloud is "sovereign" and "independent" while remaining owned by a US corp subject to US law (including the CLOUD Act). That's not how sovereignty works.
EU citizen operators don't change the fact that the underlying technology, patents, and corporate control remain American.
Zero details on pricing, available services, or how they'll handle conflicts between US law and their "sovereignty" promises. For something launching next year, that's concerning.
crazygringo · 42m ago
> That's not how sovereignty works.
Actually, it is. It will operate as a subsidiary company based in Europe. That means it's 100% subject to European law, not American law. And being staffed by Europeans means they are immune to any US legal threats. I.e. the US can't compel a European employee to reveal data under a subpoena the way it could compel American citizens.
Amazon remains the owner and controls the technology, yes. But as long as things are encrypted correctly and the hardware is in Europe, the data is secure from the US government. Sure Amazon or any cloud provider could build a back door, but that will eventually be discovered whether by hacker or whistleblower and their reputation will be forever ruined and they'll lose all corporate and government business forever. It's not in Amazon's corporate self-interest to allow a back door like that.
pyrale · 27m ago
> It will operate as a subsidiary company based in Europe. That means it's 100% subject to European law, not American law.
As a subsidiary company, does Amazon retain operational control over that branch?
If so, it's subject to the CLOUD act, and therefore, not compatible with EU rules.
> Amazon remains the owner and controls the technology, yes.
So, basically, the answer is that the EU subsidiary is not independent. Consider Lavabit's story, the US admin would have no issue asking Amazon to trojanize their tech.
> their reputation will be forever ruined
That happened 20 years ago.
> It's not in Amazon's corporate self-interest to allow a back door like that.
They wouldn't have a say in the matter.
crazygringo · 19m ago
> If so, it's subject to the CLOUD act, and therefore, not compatible with EU rules.
I'm assuming the CLOUD act is the entire reason why they're explicitly going with European-only staff.
That way Amazon can honestly say it has no operational control to violate EU law because there's no American employee they can command.
Operational control isn't all-or-nothing. European employees will do whatever Amazon tells them unless it breaks European law, in which case they won't. Amazon is intentionally setting it up in a way that it won't be able to do anything about that.
lazide · 17m ago
Or they’re attempting to ‘green wash’ something that US parent can definitely actually control, so they have some plausible deniability. It is not even close to the first time something like that has occurred.
dabedee · 36m ago
Being "100% subject to European law" doesn't override the parent company's obligations under US law. At best, it creates a legal conflict where AWS must violate either US or EU law. Which one will the US parent company prioritize if/when faced with enforcement actions?
The only way this would work is if the European operation were truly independent & separately owned, no corporate control from the US. But I don't think that's what AWS is proposing.
skissane · 27m ago
> Being "100% subject to European law" doesn't override the parent company's obligations under US law. At best, it creates a legal conflict where AWS must violate either US or EU law. Which one will the US parent company prioritize if/when faced with enforcement actions?
IANAL/etc, but the subsidiary and the parent are different people (legal personhood). The US parent is only responsible for the EU subsidiary’s actions under US law to the extent it has effective control of them. If the parent tells the subsidiary to obey a US legal order, and the management of the subsidiary refuses on the grounds of EU law - then the management of the parent has done what US law requires them to do. The US management might consider firing the EU management and replacing them with new managers - but if the job requirement is “must be willing to break local law”, nobody with an appropriate background is going to apply, so if they fire them they won’t be able to replace them, hence they are legally justified in not firing them.
It is normally true that a wholly-owned subsidiary just does whatever the parent’s executive management demands, but this is one of the rare cases where that generalisation breaks down. (If we consider non-wholly-owned subsidiaries, it becomes a much more common thing.)
lazide · 16m ago
That is a rather laughable actual protection isn’t it? People do stuff because their bosses tell them too.
skissane · 2m ago
I know people (even members of my own family) who have resigned jobs because they felt the personal legal risk to themselves was excessive. In my experience, it is a much more common event at the C-suite level, where the personal legal risk is most acute, than at the level of individual contributors. If the company goes bankrupt, the ICs in accounting are unlikely to be personally found liable for the company’s debts - but if the CEO and CFO are proven to be guilty of “trading while insolvent”, they can be.
crazygringo · 11m ago
They generally don't when the boss is safely protected in another country, but you'll go to jail in your own country.
lazide · 10m ago
They do all the time. See every mining company, ever.
adrr · 19m ago
Amazon has ownership of the company not a management stake. If you had a startup and filled all your boards seats with only EU board members. That doesn't mean the CEO and other officers are bound by EU law. Sure they could fire CEO and other officers but I bet the bylaws of the company requires officers to be EU citizens.
crazygringo · 31m ago
> At best, it creates a legal conflict where AWS must violate either US or EU law.
No, that's the whole point of this setup. Amazon will not be violating US law when its European subsidiary says no, we won't respond to your subpoena. It would be if Amazon USA owned the European data centers directly and employed American workers. But it will do neither. The US courts can't compel companies to do things they have no legal authority over. It doesn't matter that Amazon owns the subsidiary -- fundamentally, the subsidiary is a foreign entity.
petcat · 25m ago
The EU is being squeezed by USA and China on all sides whilst staring down the barrel of a Russian invasion on their eastern borders. They're in a really bad place and don't have a lot of options. It's why they were so quick to succumb to Trump's lopsided trade agreement.
blitzar · 31m ago
> It will operate as a subsidiary company based in Europe.
Already was - I pay Amazon Web Services EMEA SARL ("AWS Europe") an entity established in Luxembourg.
> That means it's 100% subject to European law.
Always have been. What is it with tech companies thinking the law doesn't apply to them because muah internet?
> US can't compel a European employee
Courts compel companies not employees, companies get fined and CEOs go to jail for failure to comply.
ljm · 18m ago
So Amazon becomes a supranational entity.
You should be ashamed of yourself for shilling for this shit.
Curtis Yarvin would be proud.
wkat4242 · 53m ago
Yeah this is just window dressing. The NSA will still get their feeds whenever they want.
That said, being fully European doesn't guarantee anything either. They'll just bribe some employees or use an allied intelligence agency within the EU.
"AWS rescined my offer due to the lack of citizenship"
"At the beginning of June, I had the opportunity to interview at AWS for a Systems Engineer position (working on the EU Sovereign Cloud project)."
greatgib · 44m ago
At the moment that the thing is operated and owned by an US company, they are subject to the law and will of the US government and so obviously not sovereign.
I'm wondering if someone could sue them for "deceptive marketing statement" under European law.
Sadly a lot of company will pretend to believe the marketing of aws to have an excuse to use aws and pretend to be using a safe sovereign cloud.
Also, I have doubt that the European employees and entities with all access and review to source code, and everything. It will probably be European technician running black box servers in an European data center.
blitzar · 36m ago
> believe the marketing of aws to have an excuse to use aws and pretend to be using a safe sovereign cloud
and pay a premium for the pleasure of course
gitremote · 45m ago
"The Cloud Act is a law that gives the US government authority to obtain digital data held by US-based tech corporations irrespective of whether that data is stored on servers at home or on foreign soil. It is said to compel these companies, via warrant or subpoena, to accept the request."
This may be blindingly obvious, but I’m going to say it anyway: If Amazon was willing to actually give up control of AWS EU, then this kind of announcement would be entirely surplus to requirements. But they will (obviously and rationally) not be giving up control of AWS EU because that would essentially have to be an act of charity, so they need to dress it up a bit.
(Before hitting ‘add comment’ I’m taking a moment to consider if I’m being overly cynical. But no, I really don’t think I am. But my company does compete with AWS, so that is a bias.)
wkat4242 · 51m ago
Well it wouldn't have to be charity. They could just divest or sell it.
It would be a dumb move though because they need a worldwide CDN for customers from other countries outside the EU too.
tensor · 1h ago
But it's still ultimately supporting a US company. The world needs a diversity of companies not just subsidiaries of the same few US companies.
CamperBob2 · 1h ago
True. Someone should look into why all these companies tend to be started in the US, and not in the EU.
adamcharnock · 43m ago
I left a comment fairly related to this a while back:
But there _is_ also an attitude difference. In terms of willingness to take risks and innovate, the USA does do very well for itself, and I think the UK does ok too. But that cannot be said for the EU countries I’ve lived in. Stable reliable long term safe jobs seem to be more the name of the game, and starting a company is seen as a big and risky commitment. Whereas in the US and UK you can start a company in your lunch break.
It is a generalisation, and I’m part of a wonderful entrepreneurial community here in Munich. But even there everyone says how risk averse European businesses are. I really really wish it wasn’t true.
verelo · 1h ago
lol…try hire someone in Germany. You’ll get it in about 5 minutes.
Sincerely, someone in Canada who did this.
mschuster91 · 51m ago
Hiring someone in Germany is dead easy (assuming the candidate is an EU/EEA citizen - foreigners from outside the EU/EEA are a nightmare because the immigration authorities are swamped in cases). You hand the candidate a contract, ask for a few informations (e.g. tax identifier code, health insurance code) and your accountant (or, if larger, HR dep't) deals with the rest.
The problem is firing someone in Germany, which can be pretty difficult once a company exceeds 5/10 employees. You basically need either cause (e.g. sabotage, theft, other criminal activity) or the company needs to be in dire economic situations.
tensor · 1h ago
I think that's pretty straightforward. The US VC funding is far greater and easier to obtain than in Europe or other western nations. But it's a bit of a chicken and egg scenario. The US VC space exists partly because of the wild success of silicon valley. Once it got a significant lead it became a self re-enforcing system.
To compete, other countries need their own VC system which is a bit tricky. It requires likely a level of government funding or other incentives to get it off the ground and ramping up. Then also, you need to incentivize VCs to stay in your country.
At least my 2cents.
wkat4242 · 45m ago
I don't think we should have so much VC anyway. Most of that is just basically gambling. Most of these startups crash and burn. Here in Europe we frown on that, just like we frown on taking out loans and credit cards.
Here in Europe the best credit rating is for the person who's never needed a loan or credit before. It proves they're smart with money. But US citizens have to roll money between credit cards monthly.
The VC in the US mainly existed because interest was so low that money was easy to throw around and see if it stuck. That's no longer the case but these companies are from the time it was.
I don't think we should try to become another America. We don't want unconstrained ratrace capitalism here. And we can never out-US the US (even though China does manage to do that). We should just make alternatives in our own way. Solid with good foundations, play the game by our rules not someone else's.
ay · 57m ago
There’s a “EU Inc” initiative which is aiming to fix things. Fingers crossed.
They would also need to reform other rules such as bankruptcy.
nabla9 · 2m ago
This is relatively common. It's the same with weapons and weapons systems.
robertclaus · 13m ago
This very much confused me. Isn't the idea behind this movement that Europe doesn't want to be dependent on external companies for critical infrastructure? Won't this just be the equivalent of a shell company completely dependant on Amazon in the US for any future fixes or R&D?
ManBeardPc · 19m ago
If the development is not happening in the EU it is not sovereign. It is a proprietary solution controlled by an US company. If they pull the plug the EU cloud will not receive security updates nor bugfixes or they simply revoke their licenses. Operating in Europe and by Europeans is not enough.
timrogers · 1h ago
Interestingly, the title refers to citizens but the body only refers to residents:
> the AWS European Sovereign Cloud is operated only by personnel who are European Union (EU) residents located in the EU, subject to EU law.
anon191928 · 1h ago
it also says this in article "we are adding EU citizenship to our hiring requirements "
blitzar · 1h ago
> subject to EU law
Always was. Its telling that they think that they were not previously subject to EU laws when their EU subsidiary did business with someone located in the EU.
mschuster91 · 50m ago
> Its telling that they think that they were not previously subject to EU laws when their EU subsidiary did business with someone located in the EU.
The key thing is, at the moment US staff can do admin actions (e.g. SSH into physical hosts). Under this new framework, they can't.
Teocali · 25m ago
As long as one US employee of Amazon has access to this cloud, this cloud is not sovereign.
fimdomeio · 1h ago
This sounds so weird. Is there a legal requirement for this?
Does this offer any type of real protection? Or is there a code of conduct that that intelligence agencies never hire people with foreign nationalities?
skgough · 1h ago
It sounds like a natural expansion of AWS GovCloud offerings to me. Servicing the US government and it's contractors has been very lucrative for AWS. Taking that successful model into new markets makes sense.
croes · 41m ago
They just forget to mention that the CLOUD Act makes sovereignty impossible as soon as anything of the service is owned or operated by a US company.
Havoc · 22m ago
That’s certainly has some substance and thus seems like a good development
But ultimately it’s still very much a US hyperscaler.
Would US gov/US big biz entrust their data to huawei if they promise a similar us location based scheme? I think not
snihalani · 1h ago
I wonder if EU lawmakers know about HTTPS or SSL
Yizahi · 36m ago
They know and they are actively trying to dismantle them inside the EU by trying to mandate backdoors. They have already made two attempts in the recent years.
demarq · 48m ago
AWS should have never given an inch in this direction!
Actually, it is. It will operate as a subsidiary company based in Europe. That means it's 100% subject to European law, not American law. And being staffed by Europeans means they are immune to any US legal threats. I.e. the US can't compel a European employee to reveal data under a subpoena the way it could compel American citizens.
Amazon remains the owner and controls the technology, yes. But as long as things are encrypted correctly and the hardware is in Europe, the data is secure from the US government. Sure Amazon or any cloud provider could build a back door, but that will eventually be discovered whether by hacker or whistleblower and their reputation will be forever ruined and they'll lose all corporate and government business forever. It's not in Amazon's corporate self-interest to allow a back door like that.
As a subsidiary company, does Amazon retain operational control over that branch?
If so, it's subject to the CLOUD act, and therefore, not compatible with EU rules.
> Amazon remains the owner and controls the technology, yes.
So, basically, the answer is that the EU subsidiary is not independent. Consider Lavabit's story, the US admin would have no issue asking Amazon to trojanize their tech.
> their reputation will be forever ruined
That happened 20 years ago.
> It's not in Amazon's corporate self-interest to allow a back door like that.
They wouldn't have a say in the matter.
I'm assuming the CLOUD act is the entire reason why they're explicitly going with European-only staff.
That way Amazon can honestly say it has no operational control to violate EU law because there's no American employee they can command.
Operational control isn't all-or-nothing. European employees will do whatever Amazon tells them unless it breaks European law, in which case they won't. Amazon is intentionally setting it up in a way that it won't be able to do anything about that.
The only way this would work is if the European operation were truly independent & separately owned, no corporate control from the US. But I don't think that's what AWS is proposing.
IANAL/etc, but the subsidiary and the parent are different people (legal personhood). The US parent is only responsible for the EU subsidiary’s actions under US law to the extent it has effective control of them. If the parent tells the subsidiary to obey a US legal order, and the management of the subsidiary refuses on the grounds of EU law - then the management of the parent has done what US law requires them to do. The US management might consider firing the EU management and replacing them with new managers - but if the job requirement is “must be willing to break local law”, nobody with an appropriate background is going to apply, so if they fire them they won’t be able to replace them, hence they are legally justified in not firing them.
It is normally true that a wholly-owned subsidiary just does whatever the parent’s executive management demands, but this is one of the rare cases where that generalisation breaks down. (If we consider non-wholly-owned subsidiaries, it becomes a much more common thing.)
No, that's the whole point of this setup. Amazon will not be violating US law when its European subsidiary says no, we won't respond to your subpoena. It would be if Amazon USA owned the European data centers directly and employed American workers. But it will do neither. The US courts can't compel companies to do things they have no legal authority over. It doesn't matter that Amazon owns the subsidiary -- fundamentally, the subsidiary is a foreign entity.
Already was - I pay Amazon Web Services EMEA SARL ("AWS Europe") an entity established in Luxembourg.
> That means it's 100% subject to European law.
Always have been. What is it with tech companies thinking the law doesn't apply to them because muah internet?
> US can't compel a European employee
Courts compel companies not employees, companies get fined and CEOs go to jail for failure to comply.
You should be ashamed of yourself for shilling for this shit. Curtis Yarvin would be proud.
That said, being fully European doesn't guarantee anything either. They'll just bribe some employees or use an allied intelligence agency within the EU.
"AWS rescined my offer due to the lack of citizenship"
"At the beginning of June, I had the opportunity to interview at AWS for a Systems Engineer position (working on the EU Sovereign Cloud project)."
I'm wondering if someone could sue them for "deceptive marketing statement" under European law.
Sadly a lot of company will pretend to believe the marketing of aws to have an excuse to use aws and pretend to be using a safe sovereign cloud.
Also, I have doubt that the European employees and entities with all access and review to source code, and everything. It will probably be European technician running black box servers in an European data center.
and pay a premium for the pleasure of course
https://www.theregister.com/2025/07/25/microsoft_admits_it_c...
(Before hitting ‘add comment’ I’m taking a moment to consider if I’m being overly cynical. But no, I really don’t think I am. But my company does compete with AWS, so that is a bias.)
It would be a dumb move though because they need a worldwide CDN for customers from other countries outside the EU too.
https://news.ycombinator.com/item?id=43465403
But there _is_ also an attitude difference. In terms of willingness to take risks and innovate, the USA does do very well for itself, and I think the UK does ok too. But that cannot be said for the EU countries I’ve lived in. Stable reliable long term safe jobs seem to be more the name of the game, and starting a company is seen as a big and risky commitment. Whereas in the US and UK you can start a company in your lunch break.
It is a generalisation, and I’m part of a wonderful entrepreneurial community here in Munich. But even there everyone says how risk averse European businesses are. I really really wish it wasn’t true.
Sincerely, someone in Canada who did this.
The problem is firing someone in Germany, which can be pretty difficult once a company exceeds 5/10 employees. You basically need either cause (e.g. sabotage, theft, other criminal activity) or the company needs to be in dire economic situations.
To compete, other countries need their own VC system which is a bit tricky. It requires likely a level of government funding or other incentives to get it off the ground and ramping up. Then also, you need to incentivize VCs to stay in your country.
At least my 2cents.
Here in Europe the best credit rating is for the person who's never needed a loan or credit before. It proves they're smart with money. But US citizens have to roll money between credit cards monthly.
The VC in the US mainly existed because interest was so low that money was easy to throw around and see if it stuck. That's no longer the case but these companies are from the time it was.
I don't think we should try to become another America. We don't want unconstrained ratrace capitalism here. And we can never out-US the US (even though China does manage to do that). We should just make alternatives in our own way. Solid with good foundations, play the game by our rules not someone else's.
https://www.eu-inc.org/
> the AWS European Sovereign Cloud is operated only by personnel who are European Union (EU) residents located in the EU, subject to EU law.
Always was. Its telling that they think that they were not previously subject to EU laws when their EU subsidiary did business with someone located in the EU.
The key thing is, at the moment US staff can do admin actions (e.g. SSH into physical hosts). Under this new framework, they can't.
But ultimately it’s still very much a US hyperscaler.
Would US gov/US big biz entrust their data to huawei if they promise a similar us location based scheme? I think not
Appeasing a nationalists appetite is impossible.