MICKAI
Article · 4 July 2026

Under Oath, They Said They Could Not Say No. That Sentence Is the Whole Market

Microsoft France told the French Senate under oath it cannot guarantee EU data will never reach US authorities. A sovereign region improves the engineering. It does not close the legal gap. Ownership does.

Under Oath, They Said They Could Not Say No. That Sentence Is the Whole Market
Author
Micky Irons
Published
4 July 2026
Follow Micky Irons
LinkedInX
sovereigntyCLOUD Actsovereign clouddata residencyregulated industries

By Micky Irons

On 10 June 2025, a Microsoft France executive sat before a French Senate committee, under oath, and was asked a plain question. Could the company guarantee that data belonging to French citizens, held in a French sovereign region, would never be handed to United States authorities? The honest answer, repeated and reaffirmed through 2026, was no. They could not guarantee it.

I want to sit with that for a moment, because I think most of the coverage skimmed past the important part. This was not a leak. It was not a hostile analyst report. It was the provider itself, on the record, declining to promise something buyers had assumed they were already paying for. When the person selling you sovereignty tells a parliament under oath that they cannot promise sovereignty, the marketing and the reality have visibly parted ways.

That sentence, we could not say no, is the whole market. Everything else is detail.

Why they could not say no

The reason is structural, not technical. The US CLOUD Act lets American authorities compel a US-domiciled company to produce data in its possession, custody, or control, regardless of where in the world that data physically sits. Encryption at rest, a datacentre in Paris, a French-badged subsidiary, a local operating partner: none of these change the ownership chain. If the ultimate parent is subject to US jurisdiction, the parent can be ordered to reach into the subsidiary and produce.

So when Microsoft France answered honestly, they were not being evasive. They were describing the law they operate under. A French sovereign region genuinely improves a lot of things. It improves data residency, latency, local operational staffing, and resistance to casual access. Those are real engineering gains and I will not pretend they are nothing. But an engineering improvement to a datacentre does not rewrite the jurisdiction its owner answers to. The gap that stays open is legal, and you cannot close a legal gap with a better rack layout.

This is the honest version of the argument, and I insist on the honest version. I am not going to tell you that European institutions are legally barred from using US cloud. They are not. Almost every regime that governs regulated data, including GDPR, DORA, the FCA and PRA rulebooks, the EBA guidelines, and the NHS Data Security and Protection Toolkit, permits cloud with the right controls. The genuine no-cloud bar exists only at the workload level: classified material at SECRET and above, ITAR-controlled defence data, isolated OT and SCADA environments, and cases where a data protection impact assessment comes back negative. Most workloads are not those workloads.

So the market does not rest on prohibition. It rests on preference. And the preference is about control.

Control is the thing you are actually buying

Strip away the acronyms and a sovereignty decision comes down to one question. When a foreign authority issues a compelled-production order for data you are responsible for, who gets to answer, and what can they say?

In the US sovereign cloud model, the honest answer, given under oath, is that the provider cannot guarantee a no. The decision is not yours. It sits several corporate layers above you, inside a legal system you do not vote in and cannot appeal to.

There is exactly one structure where the answer is genuinely no, and it is not a contract clause. It is ownership. If the system runs inside your own walls, on hardware you control, with no foreign parent holding the keys, then there is no third party who can be compelled, because there is no third party in the possession chain at all. A subpoena served on Microsoft cannot reach a system Microsoft does not operate. That is not a stronger promise. It is the removal of the party who would otherwise have to make the promise.

This is why I built Mickai the way I did.

Classical marble scene, Atlas, gold rim light on void black

What we built, and why the shape matters

Mickai is a Sovereign Intelligence Operating System. A SIOS is not an app you rent and it is not a region you are assigned. Regulated organisations own it and run it inside their own walls, air-gapped where they need to be, with a cryptographically-signed audit record generated on every action the system takes. When your legal team is asked who can be compelled to hand over the data, the answer is nobody outside this building, because nobody outside this building has it.

That single design choice changes the answer to the Senate question. If a French ministry or a UK trust runs Mickai on its own infrastructure, there is no US parent, no operating-under-licence arrangement, and no offshore possession to compel. The subpoena has nowhere to land. The audit trail, signed at the point of action, means the organisation can also prove exactly what the system did and did not do, which is the other half of sovereignty that people forget: not just keeping data in, but being able to demonstrate control to a regulator afterwards.

The intellectual property under this is real and it is documented. We have 104 UK patent applications on file, roughly 2,340 claims across 13 families, with the named inventor Mickarle Wagstaff-Irons, and they are moving through toward examination and grant. Those filings describe the sovereign runtime, the signed audit substrate, and the isolation model. I frame the moat by what the filings contain, because that is the honest frame.

The size of the preference

If the market were only the workloads with a genuine workload-level no-cloud bar, it would be a niche. It is not. The register-backed sovereign market we model is around 16,092 institutions across the UK and EU: 7,933 regulated core organisations plus an 8,159 large-private adjacency that wants the same control for commercial reasons. The broader enterprise-AI-platform software category that this sits inside runs, on Verdantix numbers, from about USD 13 billion in 2024 to USD 50.3 billion by 2030, which is roughly £11.7 billion to £39.7 billion. That is not a prohibition market. It is a preference market, and preference markets at that scale are where the durable businesses get built.

The Senate testimony did not create this demand. It just made it impossible to ignore. Every procurement officer who read that transcript now has to explain, in writing, why they accepted a provider who told a parliament under oath that they could not say no.

Classical marble scene, Atlas, gold rim light on void black

The takeaway

Sovereign cloud is a genuine improvement and I will not dismiss it. But an improvement is not a closure. As long as the parent is US-domiciled, the CLOUD Act gap stays open, and the provider's own sworn answer to whether they can guarantee otherwise is no. If your requirement is control, if you need to be the one who answers a foreign subpoena and can say no and mean it, then the only structure that delivers that is ownership inside your own walls. That is not a slogan. It is the one place the law leaves you standing on your own ground.

Frequently asked questions

Does the CLOUD Act mean European institutions cannot legally use US cloud?

No, and I want to be precise about this. Almost every regime, including GDPR, DORA, the FCA and PRA rules, the EBA guidelines, and the NHS DSP Toolkit, permits cloud with the right controls. The genuine no-cloud bar applies only to specific workloads such as classified material, ITAR-controlled data, and isolated OT systems. The wider market is driven by preference for control, not by prohibition.

Does a French or European sovereign region fix the problem?

It fixes a lot of engineering problems: residency, latency, local staffing, resistance to casual access. It does not fix the legal one. If the parent company is subject to US jurisdiction, the parent can be compelled regardless of where the datacentre sits, which is exactly what Microsoft France told the Senate under oath.

How is Mickai different from a sovereign cloud region?

Mickai is a Sovereign Intelligence Operating System that you own and run inside your own walls, air-gapped where needed, with a cryptographically-signed audit record on every action. There is no foreign parent in the possession chain, so there is no third party to compel. The answer to a foreign subpoena becomes genuinely no because the data never left your control.

Is this just marketing, or is the technology real?

It is built and it runs. The design is backed by 104 UK patent applications, around 2,340 claims across 13 families, named inventor Mickarle Wagstaff-Irons, now moving toward examination. The filings describe the sovereign runtime, the isolation model, and the signed audit substrate.

If you want to go deeper, we have written more on the sovereignty preference market and why owning your intelligence layer beats renting it, on how the signed audit record satisfies a regulator after the fact, and on where the genuine workload-level no-cloud bar actually applies. Those three together explain the whole shape of what we are building.

Micky Irons, founder and CEO, Mickai LTD

Subscribe
Get every new Mickai article by email.

Long-form essays on sovereign AI from Micky Irons. One email per article. No tracking, no marketing, no third parties. Every email includes a one-click unsubscribe link.

Prefer RSS? Subscribe at /articles/feed.xml.

Originally published at https://mickai.co.uk/articles/microsoft-under-oath-cloud-act-sovereignty-gap-owned-systems-close. If you operate in a regulated sector or want sovereign AI on your own hardware, the audit form on mickai.co.uk is the entry point.
More articles
4 Jul 2026
Alex Karp Is Right: You Are Paying For Tokens You Cannot Audit
Alex Karp said hosted-AI vendors capture your data and bill you for unproductive tokens that create no value. He is right. We built Mickai so regulated organisations own the substrate instead of renting it, with a signed audit record on every action.
4 Jul 2026
The EU Just Pushed High-Risk AI to December 2027. Here Is What We Are Building Instead of Waiting
The Digital Omnibus provisional agreement moves the EU AI Act high-risk deadlines from August 2026 to December 2027. Most coverage frames the delay as relief. We frame it as the window to own your compliance stack outright, so you are compliant on day one in 2027 instead of retrofitting logging, oversight and traceability under a live deadline.
4 Jul 2026
Article 50 Lands in August: Machine-Detectable AI Provenance, and Why We Sign It At Source
Article 50 makes synthetic content machine-detectable from 2 August 2026, and the draft Code of Practice names C2PA as the route. We bind Content Credentials to the cryptographically-signed audit record Mickai writes on every action, so provenance is produced at source inside your own walls, not bolted onto a cloud API afterward.
4 Jul 2026
Schrems III Is Coming. Do Not Bet Your AI Pipeline on an Adequacy Decision
A single US Supreme Court ruling has put every AI stack that routes personal data to a US processor back on the wrong side of legal certainty. We explain why the Data Privacy Framework is now shaking, why a third adequacy invalidation is a live risk, and why owning your inference in-territory is the only hedge that does not depend on how Brussels or Luxembourg rules.