Oracle launches EU Sovereign Cloud that keeps data within Europe

Oracle launches EU Sovereign Cloud that keeps data within Europe

Oracle is launching a cloud infrastructure exclusively for use within EU member states in July. EU Sovereign Cloud will operate first from data centers in Frankfurt and Madrid.

GDPR legislation often rears its head for tech companies. While the EU is dishing out fines, the industry is struggling to ensure compliance. This is because it stipulates that European user data cannot leave the continent. EU Sovereign Cloud should remedy this problem. The service will not immediately have all the features Oracle likes to offer but is a crucial step toward the kind of data processing that should be the norm within Europe.

According to Oracle VP of Products & Strategy Leo Leung, the giant fine Meta recently received (€1.2 billion) for siphoning EU data to America shows what happens when a company is careless with data regulation.


EU Sovereign Cloud remains connected to the Internet but has no contact with the Oracle Cloud Infrastructure. Eventually, all Oracle products should be available through the EU Sovereign Cloud route, making compliance much more feasible. This is unique, Leung argues. “It has all the same commercial cloud services so there’s no penalty for running it. It has been designed to protect against data being taken outside of the EU.”

Among the customer base, Oracle expects government agencies and strictly regulated industries to be interested in it. For example, it thinks banks, healthcare and telecom will be pretty keen on it.

However, there are some drawbacks to using EU Sovereign Cloud over conventional Oracle services. For example, not all Fusion applications will be available immediately upon launch. In addition, all applications in use must be migrated to the new service.

Key management

The EU Sovereign Cloud is not the only thing Oracle is presenting. It also comes with OCI External Key Management allows customers to encrypt data with keys created outside OCI, making security much harder to crack. Likewise, there is OCI Dedicated Key Management, a hardware security module within OCI on a single-tenant basis. Again, this is wholly driven by the customer.