360 Mozambique
Now Reading
Data Centers and Digital Sovereignty – an Increasingly Difficult Balance (Part II)
360 Mozambique
360 Mozambique

Data Centers and Digital Sovereignty – an Increasingly Difficult Balance (Part II)

23/12/2025
  • David Gonçalves • EY Partner Technology Consulting

The concept of digital sovereignty refers to the ability of countries and entities to control their digital assets. In the context of the cloud, these concerns mainly involve the location of sensitive data from citizens (who are increasingly aware of privacy risks), organizations, and government entities. It also raises issues of excessive technological dependence on foreign technology providers. Currently, only a small number of companies are considered global hyperscalers, with market share highly concentrated among three providers: AWS, Microsoft Azure, and Google Cloud.

For executives and policymakers, balancing the scale becomes a challenge: leveraging the enormous benefits global services can provide without compromising the strategic and legal autonomy of data. In response to this challenge, regulations initially emerged focused on controlling data transfers and access. Examples include rules issued by the EU, China, and the USA:

  • EU: Since 2018, the EU has developed a comprehensive approach to data sovereignty centered on GDPR, establishing strict controls on data residency, cross-border transfers, and corporate accountability.
  • China: The Personal Information Protection Law (PIPL) imposes strict controls on international transfers.
  • USA: The 2018 CLOUD Act (Clarifying Lawful Overseas Use of Data Act) illustrates tensions around sovereignty, as it allows U.S. authorities to access data stored abroad if controlled by a U.S. provider, which conflicts with the aforementioned regulations.

More recently, the EU and the U.S. developed the EU–U.S. Data Privacy Framework, aiming to align both regions to regulate transatlantic data flows, enhance citizen security, and reduce operational complexity for companies.

Additionally, strategic initiatives are emerging to bring together governments and private actors to mitigate sovereignty risks.

“For executives and policymakers, balancing the scale is a challenge: leveraging global service benefits without compromising strategic and legal data autonomy.”

One of the most emblematic initiatives is GAIA-X, launched in 2020 by a Franco-German consortium with EU support. GAIA-X seeks to build a federated ecosystem of interoperable, secure cloud services aligned with European standards of transparency, reversibility, and privacy. Rather than creating a European hyperscaler from scratch (currently considered unfeasible), GAIA-X connects different providers under common rules, avoiding power concentration in a single entity and ensuring that no participant—especially outside the EU—can compromise agreed standards. Essentially, it is a decentralized cloud architecture with European certification and governance, offering companies services fully compliant with EU laws.

Several countries have also launched sovereign cloud initiatives for sensitive public and strategic sector data. Private initiatives also respond to government requirements:

  • AWS European Sovereign Cloud: Data centers in multiple EU countries, operated only by European personnel.
  • Microsoft Data Boundary in the EU: Completed in 2025, ensuring customer data remains in Europe.
  • Google Cloud and Oracle: Similar offerings in partnership with local operators.

Developing countries face unique challenges in implementing digital sovereignty. In West Africa, digital divides hinder the collection, management, and local use of data. Infrastructure remains insufficient, resulting in low internet coverage and significant urban-rural disparities.

However, countries such as Ghana, Senegal, and Nigeria provide relevant examples:

  • Ghana: Proactive adoption of blockchain technologies to modernize and secure digital infrastructure.
  • Senegal: Leading initiatives including investment in “neutral” data centers.
  • Nigeria: As a fintech hub, incorporates dynamic economic and technological models.

It is important to note that data location alone does not ensure sovereignty. The central issue is defining who has access to information and addressing potential legal conflicts. Even with local legislation, practical constraints exist: constructing and operating data centers requires technical expertise and supporting infrastructure, such as power networks. For instance, in Ireland, electricity grid pressure led to a freeze on new data center connections in Dublin until 2028. Similarly, the Netherlands imposed moratoria on hyperscalers near Amsterdam. Balancing sovereignty requirements with energy and environmental constraints is essential.

Key questions arise: Can agility and sovereignty coexist? What can policymakers and business leaders do to address these challenges?

“In Mozambique, relevant steps have already been taken to create a balanced ecosystem. One example is the new cloud regulation.”

Coexistence is possible. While there is no exact prescription, several guiding principles can help shape a strategy:

  1. Recognize the cloud as a vital strategic asset.
    Governments and companies should view the cloud not as a threat but as a lever to increase innovation, agility, and competitiveness. Investment in specialized know-how is essential.
  2. Formulate calibrated public policies.
    Policies should protect national rights and interests without creating barriers to innovation. Overregulation can stifle growth without preventing external dependence.
  3. Establish robust data governance strategies defining sovereignty/critical data.
    Identify data categories that, if exposed or controlled by third parties outside jurisdiction, could affect national security, essential services, economic stability, fundamental rights, or key competitive advantages for companies.
  4. Define technical guidelines for resilient architectures.
    Reference guidelines setting high resilience standards help governments and private entities design architectures aligned with sovereignty needs.
  5. Plan long-term strategies while allowing for continuous adjustment.
    Technology evolves rapidly, and geopolitical contexts change. Conditions must be in place to understand these shifts and respond effectively.
  6. Support collaborative initiatives.
    Collaboration is not a weakness but a way to combine skills and resources for innovation. Autonomy does not mean closing digital borders—it is the ability to decide how and where to process data.

In Mozambique, steps already include:

See Also
Technology and Cybersecurity Threats: Absa Bank’s Commitment to Secure Innovation

  • Finalizing new cloud usage regulations by INTIC for adoption across sectors.
  • Opening world-class Tier 3 data centers in multiple regions.
  • Creating the Ministry of Communications and Digital Transformation.

Further investment is needed to meet local needs and remain competitive regionally. In Africa, South Africa leads as a hub with over 40% market share in networks and data centers, hosting major hyperscalers and direct submarine cable connectivity. Kenya and Nigeria are rapidly investing in data centers and special economic zones to attract foreign investment, accelerating digitalization and lowering data traffic costs.


The convergence of data centers, cloud computing, and data sovereignty represents one of the most complex challenges of the digital era. While data centers remain critical digital infrastructure, concerns over sovereignty are reshaping how governments and organizations store, process, and govern data. The digital future requires a governance model balancing global connectivity benefits with legitimate national and organizational control over critical data. This model must consider technical, economic, infrastructure, geopolitical, security, and individual rights factors.

The ideal balance is not static: it requires continuous adjustment as technology evolves and geopolitical contexts shift. By recognizing the cloud as a strategic asset and actively ensuring it is reliable, secure, and inclusive, digital transformation can reach its full potential.

Mozambique has a promising role to play, provided there is strategy and sustained investment. Key priorities include:

  • Strengthening public-private partnerships to consolidate and expand data center and cloud services, integrating Mozambique into interoperable regional ecosystems.
  • Expanding fixed and mobile connectivity via co-investment in national fiber networks and international links, as well as mobile coverage.
  • Accelerating cloud and data protection regulations to attract investment supporting innovation under international standards.
  • Maximizing submarine cables and new infrastructure to boost connectivity, reduce latency, and lower digital operating costs.
  • Investing in digital skills and workforce development, addressing social and technological adoption barriers.
  • Leveraging generated demand to develop related infrastructure, such as electricity, using both public funds and incentives for cloud and data center providers investing in renewable energy and environmental efficiency.

SUBSCRIBE TO GET OUR NEWSLETTERS:

Scroll To Top

We have detected that you are using AdBlock Plus or other adblocking software which is causing you to not be able to view 360 Mozambique in its entirety.

Please add www.360mozambique.com to your adblocker’s whitelist or disable it by refreshing afterwards so you can view the site.