100%
GRIMOIRE
GrimoireDindon CorpusSynthesis VolumesThe Foundation of Iron
FRENAR
RATIO
STRUCTURAL STUDY · OPÉRATION DINDON · JUNE 2026
◆◆◆
THE DIGITAL GROUND
Where the datacentres are, who decides, who pays
◆ CONTEXT

The Opération Dindon corpus covered contractual dependence on hyperscalers, semiconductor dependence, training and competence recognition. It had not addressed the physical and geographical dimension: where European datacentres are, who owns them, what legal constraints apply to the data they hold. This study fills that blind spot.

◆◆◆
Amine RAITI · Infrastructure Architect & SRE
Public document · CC BY-NC-SA 4.0 · AI Powered by Amine · Opération Dindon
RATIO
1
SECTION 1 · THE MAP
AMSTERDAM, FRANKFURT, DUBLIN — THREE HUBS, ONE DEPENDENCE

The geography of datacentres in Europe is not neutral. It results from fiscal, energy and political decisions that have directed investment towards certain territories. Three zones concentrate the bulk of capacity: the Amsterdam-Frankfurt corridor (AMS-IX and DE-CIX internet exchange nodes), Ireland (European headquarters and datacentres of American hyperscalers), and the Nordic countries (abundant energy, natural cooling, attractive tax regimes).

◆ WHY IRELAND BECAME EUROPE'S DATACENTRE

Ireland hosts the European datacentres of Google, Meta, Amazon, Microsoft and Apple. Not for any particular technical quality of its soil — but for its 12.5% corporate tax rate, which attracted the European headquarters of hyperscalers, bringing their datacentres in their wake. Data from hundreds of millions of Europeans thus flows through infrastructure physically located in Ireland, subject to the European GDPR, but operated by American companies subject to the CLOUD Act.

◆ THE CLOUD ACT: THE LAW THAT FOLLOWS DATA

The CLOUD Act (2018) authorises US authorities to demand access to data held by American companies, regardless of where it is physically stored. An AWS datacentre in Dublin hosting a French SME's data is simultaneously subject to GDPR and the CLOUD Act. In case of conflict between the two, the legal answer remains uncertain. This uncertainty is structural, not accidental.

◆ NASSIHA — WHAT GDPR DOES NOT RESOLVE

GDPR compliance does not immunise data against a US DOJ request based on the CLOUD Act. Both regimes apply simultaneously — and their interaction is not resolved by current international law.

RATIO
2
SECTION 2 · OWNERSHIP, OPERATION, CONTROL
THREE LEVELS THAT DO NOT ALWAYS COINCIDE

The question "who owns European datacentres" breaks down into three distinct levels: ownership of the building and land, technical operation of the infrastructure, and control of the data flowing through it. A datacentre can be physically on European soil, operated by a European subsidiary, and yet subject to extraterritorial control by an American parent company.

◆ SOVEREIGN EUROPEAN ACTORS: A SHORT LIST

OVHcloud, Hetzner, Scaleway, Data4 — actors who both own and operate large-scale datacentres under European control are few. The vast majority of public cloud capacity in Europe is operated by AWS, Azure and GCP — American legal entities, subject to the CLOUD Act, whatever the physical location of their servers.

◆ THE INTERXION ACQUISITION BY DIGITAL REALTY — $8.4 BILLION (2020)

Interxion was the leading independent European neutral datacentre operator (colocation). Its 2020 acquisition transferred ownership and control of critical European infrastructure to an American company. An ordinary commercial transaction — but one that illustrates the mechanism by which European digital infrastructure sovereignty erodes not through conquest, but through acquisition.

◆ THE SAME MECHANISM AS VOLVO

"The Mastery of Iron" documented how Volvo was acquired by Geely — not through a hostile act, but through the absence of an industrial policy. Europe does not lose its datacentres through expropriation. It cedes them through a lack of strategic digital asset protection policy.

RATIO
3
SECTION 3 · ENERGY AS A STRATEGIC VARIABLE
THE DATACENTRE IS AN INVERTED POWER STATION

A medium-sized datacentre consumes as much electricity as a city of 50,000 inhabitants. This consumption is both a siting constraint and a political lever. The Nordic countries won the hyperscaler datacentre competition precisely because they built attractiveness policies around energy: abundant, cheap, low-carbon hydro and nuclear power; low ambient temperatures allowing natural free cooling.

◆ FRANCE: AN AMBIGUOUS POSITION

France has real assets — low-carbon nuclear electricity, dense fibre, a market of 67 million people. But it has not developed a coherent policy of attractiveness and protection simultaneously. It attracted hyperscaler datacentres (AWS Paris region) without demanding in return any commitments on public data localisation, technology partnerships with French actors, or contributions to fibre infrastructure financing.

◆ SUBMARINE CABLES: THE INVISIBLE INFRASTRUCTURE

Datacentres are connected to each other and to the rest of the world by submarine fibre optic cables carrying 99% of international internet traffic. Since 2010, American hyperscalers own or co-finance a growing share of this capacity. In 2022-2023, several cables were severed in the Mediterranean and Baltic in unexplained circumstances — revealing a real, exploitable physical vulnerability that is nearly impossible to protect across thousands of kilometres of ocean.

◆ NASSIHA — SOVEREIGNTY IS NOT AUTARKY

Preserving sovereignty over data and infrastructure does not mean expelling hyperscalers. It means ensuring dependence remains reversible. Reversibility is the true metric of sovereignty — not the absence of dependence, but the absence of irreversible dependence.

RATIO
4
SECTION 4 · BETWEEN ATTRACTIVENESS AND SOVEREIGNTY
A TENSION EUROPE HAS NOT RESOLVED

Europe faces a real tension between attracting hyperscaler investment and preserving sovereignty over its data and infrastructure. These two objectives are not incompatible — but articulating them requires an explicit policy that most Member States have not formulated. The intra-European competition to attract datacentres pushes each country to offer more without demanding anything in return — a negative-sum game for collective sovereignty.

◆ GAIA-X: THE DILUTED AMBITION

GAIA-X, launched in 2019 as a European sovereign cloud initiative, was progressively diluted by the integration of hyperscaler members — AWS, Azure and GCP are GAIA-X members and influenced its standards in a direction favourable to their interests. Its partial failure is instructive: digital sovereignty is not built by including the actors one seeks to emancipate from.

◆ SITING CONDITIONS AS A NEGOTIATION LEVER

A state hosting a hyperscaler datacentre has a unique negotiation moment — before the building permit, before the electrical connection, before the tax benefits. This moment is rarely used to demand sovereignty counterparts: EU localisation of public data, training of local technicians, third-party access for European actors, non-unilateral application of extraterritorial legislation to European data. These counterparts are negotiable. They are neglected because states compete with each other.

◆ NASSIHA — INTRA-EUROPEAN COMPETITION IS THE REAL PROBLEM

As long as Ireland can attract AWS datacentres by offering 12.5% corporate tax and France cannot oppose this without a European agreement, fiscal and regulatory European coordination is the prerequisite for any coherent digital sovereignty policy. Without it, each state plays alone against hyperscalers who play collectively on a global scale.

RATIO
5
SECTION 5 · WHAT THE SRE NEEDS TO KNOW
GEOGRAPHY IN ARCHITECTURE DESIGN

The geography of datacentres is not a geopolitical abstraction reserved for policymakers. It is an architectural constraint that every SRE must integrate into their deployment decisions. Where is the data? Under which jurisdiction? What are the latency times between regions? What are the connectivity disruption scenarios? These are not optional questions — they are structural.

◆ LEVER 1 — KNOW THE LEGAL ORIGIN OF INFRASTRUCTURE USED

Every SRE deploying on public cloud should know: what is the legal entity operating this cloud in the relevant country, is it subject to the CLOUD Act, what are the data localisation clauses in the service contract. This information should appear in every infrastructure risk analysis — alongside the availability SLA or backup policy.

◆ LEVER 2 — DESIGN FOR GEOGRAPHIC RESILIENCE

A resilient architecture does not only distribute load between availability zones (AZ) of the same provider in the same country. It considers resilience across distinct providers, distinct countries, and distinct legal regimes. Multi-cloud and multi-jurisdictional are not the same thing — but the combination of the two is true geographic resilience.

◆ LEVER 3 — INTEGRATE SUBMARINE CABLES INTO CONTINUITY PLANS

A BCP/DRP that does not model the submarine cable severance scenario affecting connectivity between regions is an incomplete plan. These incidents are documented, recurring, and slow to repair. The architectural response — backup routing, local cache, graceful degradation — must be prepared in advance, not discovered during the incident.

RATIO
6
SECTION 6 · THE PROPOSAL
THE DIGITAL GROUND AS A STRATEGIC ASSET

The proposal of this study is to treat the digital ground — the physical location of datacentres, the cables connecting them, the energy powering them — as a strategic asset on a par with agricultural land or the railway network. This is not nationalisation. It is the recognition that the physical infrastructure of digital is a critical infrastructure that deserves explicit governance.

◆ MEASURE 1 — MAP AND PUBLISH GEOGRAPHIC DEPENDENCE

Each Member State should publish an annual inventory of datacentre capacity on its territory: owner, operator, volume, energy consumed, legal origin of controlling entities. This transparency does not exist today. It would allow citizens, regulators and businesses to assess their real exposure to extraterritorial legal risk.

◆ MEASURE 2 — CONDITION TAX BENEFITS ON SOVEREIGNTY COMMITMENTS

Any tax benefit or administrative facilitation granted to a hyperscaler datacentre should be conditional on verifiable commitments: EU localisation of public data, training of local technicians, third-party access for European actors, and non-unilateral application of the CLOUD Act to European data hosted in these datacentres.

◆ MEASURE 3 — PROTECT SOVEREIGN EUROPEAN ACTORS

OVHcloud, Hetzner, Scaleway and their European equivalents deserve explicit preference in public procurement — not out of protectionism, but for consistency with a stated digital sovereignty policy. A state that preaches digital sovereignty while hosting its data on AWS is not practising sovereignty — it is talking about it.

◆◆◆

The digital ground is not an abstraction. It is concrete, cable, electricity and law. Whoever controls these four elements controls the infrastructure. Not the contract. The ground.

◆◆◆
NEMO SUPRA LEGEM EST