Skip to content

Is it still safe to use American Cloud Services?

Nearly every customer we speak with about their cloud journey is asking the same two questions: “What is Trump doing?” and “What should we do now?” It’s completely understandable that leadership teams are concerned about their continued reliance on American cloud services in their business – especially during uncertain geopolitical times. But what actions should you actually take?
6/23/25 2:43 PM Peter Odgaard-Jensen

Take emotions out of the equation 

When we’re asked for advice and perspective in times like these, we always start by removing political opinions and emotional responses from the analysis. Dealing with political tornadoes is a task for politicians and diplomats – not IT leaders. 

In our experience, executive teams are often overwhelmed with fragmented and sometimes conflicting information. They struggle to find a clear path forward that they can align around. That’s why we focus on surfacing facts over feelings – though admittedly, that’s easier said than done in an age of algorithm-driven headlines and rapid opinion-sharing across platforms. 

The Cloud Spectrum of Concern  


To help bring clarity, we’ve developed the Cloud Spectrum of Concern – a practical model designed to assess the current climate using as many verifiable facts as possible. 

Yes, it’s clear that we’ve moved beyond the “business-as-usual” stage. But based on our analysis, we’re still very much in the green when it comes to the overall balance of benefits vs. risks in using American cloud services.

The-Cloud-Spectrum-of-Concern

What about legislation or security shifts?

For now, the short answer is no.  

The EU Data Boundary ensures that data from the EU and EFTA will not be stored or processed outside Europe, and (for now) there are no reports that this is about to change. 

In fact, major American tech providers have repeatedly protected their customers' rights to data privacy. For example: 

  • Apple has refused to share source code with law enforcement and denied government access to its systems. 
  • Microsoft shares twice a year how many government requests for data access they have had and their response. Over the last more than 10 years, Microsoft has shared customer data three times in situations where law enforcement attempted to stop global crime networks. 

In short, US tech companies know that their long-term credibility and market position depend on their ability to remain politically neutral and uphold user trust. 

In Denmark, the Attorney General has investigated the risks of using Microsoft 365 and concluded that:  

"The assessment concludes that there are a number of risks that can be mitigated with effective measures, so the overall risk is assessed to be low to medium for the registered parties, which is considered satisfactory.” (Source)

Could new tariffs impact Cloud services? 

So far, the answer appears to be no. 

EU trade organizations continue to report that conversations and negotiations with their US counterparts are ongoing, which is good. If the EU imposes a standard tariff on American goods, it will likely not affect EU-based subsidiaries unless the EU is creative in its implementation. We believe that "money talks" and that it is likely that US tech companies will absorb any increase in end-customer pricing to maintain their foothold in the EU market.

So, what should you do? 

Here’s our practical advice: 

  1. Start with a risk assessment

This is the foundation of everything. Understanding where your real vulnerabilities lie allows you to prioritize and act with clarity. We offer structured assessments that help our customers identify and prioritize where to mitigate and how. 

  1. Create a contingency plan

We recommend creating a contingency plan. This plan is the first step toward gaining a structured overview of which actions need to be taken, in what order, and by whom, in the event of a crisis that requires a response. We do not have a formal offering in this area, but we are familiar with Gartner’s framework, which we believe is well-structured and useful. 

  1. Protect your data

For Microsoft365 we recommend adopting Microsoft Purview for data classification, information protection, and security compliance. We have several customer cases and a solid and comprehensive set of Purview offerings.  

For infrastructure, we advise adopting a hybrid cloud strategy – where data is stored on-premises or in a sovereign cloud (when available in your country). This is another area where we have deep expertise, real-world experience, and scalable capacity.  

 

Do you need help?

If you need help navigating the complexity or want to reassess your cloud position, let’s talk - we’re here to help. 

Contact us here.

Peter Odgaard-Jensen
Business Unit Director, twoday Cloud Platforms & Security

Sources: Kammeradvokaten & European Comission

Related posts