How can companies maintain control over their data when it is stored, shared, and edited in the cloud? Data location, contracts, and general security claims all sound reassuring. But they don’t fully answer the question that ultimately matters: who can actually access and control the data in practice? This article explains why data sovereignty requires technical safeguards – and which criteria truly matter when selecting cloud solutions that deliver real, enforceable control.
Today, personal and business-critical information – contracts, customer data, financial records, or confidential project documents – no longer resides on in-house servers. It moves across systems, clients, partners, and jurisdictions as part of everyday workflows. That’s what makes modern collaboration so effective: it’s faster, more connected, and more flexible. At the same time, it has reshaped what control over data actually means, particularly as regulatory requirements tighten worldwide.
Why data residency alone is not enough
To regain a sense of control, many organizations turn to familiar measures: choosing trusted providers, negotiating robust contracts, and ensuring compliance with regulations like GDPR.
Cloud providers actively reinforce this approach. European data centers, regional hosting, and contractual guarantees are widely positioned as safeguards – promising to keep data within clear legal boundaries.
This reflects how data sovereignty has traditionally been understood. In this model, control is tied to jurisdiction: where data is stored, which laws apply, and who is legally permitted to access it. Data residency plays a central role here. Storing data in the EU or Switzerland, for example, helps organizations align with regulatory requirements and limit legal exposure.
Where trust reaches its limits
These measures are essential and, in regulated industries, often mandatory. But they rely on one underlying assumption: that access to data can be governed through trust and rules.
What they don’t fully address is how cloud systems actually operate at a technical level. A provider may be contractually restricted from accessing data. Regulations may prohibit access. Yet if the system itself allows it, that capability exists – quietly in the background.
Now add another layer: global operations. Many cloud providers operate across national borders and are therefore subject to multiple legal jurisdictions. Even if they store data in Europe, laws such as the US CLOUD Act may still apply to them.
This is where the gap becomes visible: policies and regulations define who is allowed to access data. At the same time, it is not always transparent which laws ultimately take precedence. The key point is this: real control begins where access is technically impossible. Everything else is a form of risk management.
At the same time, achieving that level of control does not mean abandoning the cloud or building isolated infrastructure. In a connected world, that approach is neither practical nor efficient. The real challenge is: how do you use the cloud without giving up control?
Data sovereignty requires technical guarantees
True data sovereignty begins where control no longer depends on trust. It is achieved when organizations retain verifiable, technical control over access to their data – independent of infrastructure, provider, or location. Organizations should therefore take a closer look at the technical architecture of cloud solutions. The following questions help you cut through assumptions and reveal whether control actually holds.
1. Are files fully protected against unauthorized access?
If you’re handling sensitive data in the cloud, one thing matters above all: it must remain protected at all times – not just during transfer or storage. “We encrypt your data” is a common promise. But it does not explain whether data is ever decrypted during processing.
In many cloud setups, data is encrypted in transit and at rest but briefly decrypted in between – for example, when files are previewed in the browser, indexed for search, or processed for collaboration features. At those moments, data exists in plaintext and becomes technically accessible.
This is where true end-to-end encryption makes a difference. Content is encrypted directly on the user’s device before it is uploaded or shared. The encryption keys are generated and stored locally, under the user’s control. The server only ever receives encrypted data. There is no moment when the provider can access readable content.
2. Does the provider hold the encryption keys?
Encryption protects data, but control depends on who holds the keys. In many cloud architectures, providers retain access to encryption keys or manage them centrally. This allows them to perform operations like processing, support, or recovery. However, this also means they technically retain the ability to access customer data.
This is where the distinction becomes critical:
- Who is allowed to access data (based on contracts and policies)
- Who can access it (based on system design)
These are not the same thing. True data sovereignty depends on the second. With a zero-knowledge architecture, encryption keys are never available to the provider. Only the intended users can decrypt the data. As a result, access is not governed by trust, contracts, or policies: it is prevented by design. Even under legal request or cross-border pressure, the provider simply has no technical way to unlock the data.
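The difference between the two questions above, together with the client-side encryption described in section 1, as an added example (not Tresorit's code or protocol). It assumes AES-256-GCM from Node's built-in crypto module; the Provider class, its methods, and the sample document are hypothetical and constructed for illustration.

```javascript
// Added example: provider-held key vs. client-held key, using AES-256-GCM.
const crypto = require('node:crypto');

// Encrypt on the "client"; the return value is all that gets uploaded.
function seal(key, plaintext) {
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv('aes-256-gcm', key, iv);
  const ct = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  return { iv, ct, tag: cipher.getAuthTag() };
}

// Decrypt; returns null when the key is wrong or the blob was altered.
function open(key, blob) {
  try {
    const d = crypto.createDecipheriv('aes-256-gcm', key, blob.iv);
    d.setAuthTag(blob.tag);
    return Buffer.concat([d.update(blob.ct), d.final()]).toString('utf8');
  } catch {
    return null;
  }
}

// Hypothetical provider: stores blobs, and keys only if the design hands them over.
class Provider {
  constructor() { this.blobs = new Map(); this.keys = new Map(); }
  store(id, blob, key) { this.blobs.set(id, blob); if (key) this.keys.set(id, key); }
  // What the provider is technically able to read, regardless of policy.
  readable(id) {
    const key = this.keys.get(id);
    return key ? open(key, this.blobs.get(id)) : null;
  }
}

function demo() {
  const doc = 'constructed sample: draft contract';
  const provider = new Provider();
  const managedKey = crypto.randomBytes(32);
  provider.store('managed', seal(managedKey, doc), managedKey); // key held by provider
  const localKey = crypto.randomBytes(32); // generated locally, never uploaded
  provider.store('e2ee', seal(localKey, doc));
  // Simulate the stored ciphertext being modified on the server side.
  const tampered = { ...provider.blobs.get('e2ee') };
  tampered.ct = Buffer.from(tampered.ct); tampered.ct[0] ^= 1;
  return {
    providerReadsManaged: provider.readable('managed'),
    providerReadsE2ee: provider.readable('e2ee'),
    ownerReadsE2ee: open(localKey, provider.blobs.get('e2ee')),
    ownerReadsTampered: open(localKey, tampered),
  };
}
```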
3. Who controls how data is used and shared?
Preventing unauthorized access is only part of the equation. What happens once access is granted? Think of a typical workflow: a file shared with a partner, reviewed by an external advisor, and passed between teams. Control often weakens at this stage, not because of breaches, but through routine collaboration. The real question is: how precisely can you define and enforce what others are allowed to do with your data?
In many tools, sharing is broad by default. Once access is granted, options to restrict usage are limited or difficult to manage over time. More robust approaches allow organizations to control access much more intentionally:
- defining exactly who can view, edit, or share content – and for how long
- protecting shared files with passwords, email notifications, watermarking, and more
- revoking access instantly when needed
These capabilities turn access from a one-time decision into something that can be actively managed, enforced, and continuously updated.
4. Can you track and verify what happens to your data?
Even well-defined access rules don’t remain static. Teams evolve, projects end, responsibilities shift. Over time, access accumulates, and without visibility, it becomes difficult to keep track of what is actually happening. Who currently has access to this data, and how has it been used? Without clear answers, control becomes hard to validate.
This is where traceability becomes essential. Features such as audit logs, versioning, and detailed admin reports make data usage transparent. This level of visibility does more than support compliance or audits. It allows organizations to continuously validate that control is still intact, not just assumed. In practice, this is what turns data sovereignty from a static policy into something that holds over time.
Data sovereignty by design
Working through these questions makes one thing clear: data sovereignty doesn’t come from a single measure, from location, contracts, or features in isolation. It comes from how control is built into the system. Tresorit combines three layers to make that control tangible in practice:
- Jurisdictional controls ground data in the right legal context, with residency options across the globe, from the EU and Switzerland to the US.
- Cryptographic protection ensures that only intended users can access content, using client-side end-to-end encryption and zero-knowledge architecture.
- Access governance defines how data is used in practice, with granular permissions, secure sharing controls, policies, and full auditability.
Tresorit refers to this combined approach as data sovereignty by design, ensuring that organizations control who can access, decrypt, and act on data, regardless of where it is stored or which infrastructure is used.
How sovereign is your cloud solution really? Download our practical checklist to evaluate step by step whether a provider relies only on data location and security promises – or truly offers full technical control over data, keys, access, and auditability.
Oliver Jäger