Delos Cloud vs. Stackit Workspace – Wolves in Sheep’s Clothing

The discussion around digital sovereignty in Germany and Europe is in full swing. Few other topics are currently being driven as strongly by politics, administration, and business alike. The demand is clear: Europe should become more independent, especially from the major American hyperscalers – namely AWS, Microsoft Azure, and Google Cloud.

However, while the term “sovereignty” gains weight in public communication, it loses substance. The buzzwords sound like control, autonomy, and data protection. The reality often looks different.

Two prominent examples illustrate this particularly well: Delos Cloud and Stackit Workspace. Both are marketed as “sovereign alternatives” to the well-known cloud and collaboration services from the USA. Both are specifically aimed at public administration, authorities, and companies with high Compliance requirements. And both suggest offering a European, trustworthy solution.

Upon closer inspection, however, these offerings are rebrands – technically and structurally closely tied to the original US platforms. What initially appears to be a sovereign product is, in fact, a licensing and integration model that continues the same proprietary dependencies Europe wanted to overcome.

Political Pressure Grows – and Creates Quick Answers

The motivation behind these initiatives is understandable. Since the end of the Privacy Shield agreement between the EU and the USA, there has been legal uncertainty regarding data transfer across the Atlantic. Added to this is the Cloud Act, which grants US authorities access to data from American companies under certain circumstances – even if this data is stored in Europe.

For authorities and public institutions, this means a dilemma: they need modern, collaborative tools and scalable infrastructures but are not allowed to process their data outside European jurisdictions without further ado. At the same time, Europe lacks equivalent alternatives that offer the same functionality and user-friendliness as the services of the hyperscalers.

In this context, offerings like Delos Cloud and Stackit Workspace emerge. They promise to combine the best of both worlds: the technological maturity of American platforms and the legal security of European locations. An understandable approach – but one with constructive weaknesses.

Delos Cloud – the “German Azure”

Delos Cloud is a subsidiary of SAP. The project is operated in close partnership with Microsoft. The goal is to offer public sector customers in Germany – especially the federal government, states, and municipalities – a “sovereign Microsoft cloud.”

The promise is: the same technology as Azure, but on German soil, operated by a European company under German law. In theory, this sounds like an elegant solution.

In practice, however, Microsoft retains control. The cloud is operated with Azure technology, the management interfaces, APIs, and management tools come from Redmond. The source code, software architecture, and update mechanisms remain in American hands. Even if physical servers are located in Germany, the software remains under US jurisdiction.

The crucial point: Microsoft is a US company – and thus subject to the US Cloud Act. This obligates US companies to provide data to US authorities upon request, which they “control,” regardless of the storage location. Delos Cloud may be legally anchored in Germany, but technically the data sovereignty remains dependent on an American provider.

This means: No real sovereignty, just legal acrobatics.

Stackit Workspace – the “German Google Suite”

Similarly, Stackit Workspace, an offering from the Schwarz IT Group, which also operates the cloud provider Stackit, is based on Google Workspace – but under a licensing and operational model that creates the impression of having created a European alternative.

The communication is clever: Stackit positions itself as a partner for “digital self-determination” and talks about a “sovereign workplace in the cloud.” But as with Delos Cloud, the reality falls short of the buzzwords.

Google provides the software, controls the further development, and has – at least technically – the ability to access all data. Again, the architecture is not European, but American.

It can be compared to a TV channel producing German versions of American shows. The title is localized, the format is Germanized, but the production rights remain in Hollywood.

Stackit Workspace and Delos Cloud are thus not expressions of European sovereignty, but the opposite: a formal legal translation of American platform logic into European sales models.

The Dangerous Comfort of Familiar Brands

The popularity of such offerings lies not only in their technology but also in the psychological effect. Authorities and companies already accustomed to Microsoft or Google hardly have to change their processes, interfaces, and training.

This conveys security – but it is the security of habit. You remain in the same ecosystem, with the same licensing structures, the same dependencies, and the same risks.

True independence is uncomfortable. It requires going new ways, learning new tools, and questioning existing routines. But that is the price of sovereignty.

What Sovereignty Really Means

Digital sovereignty is not a marketing term but an architectural principle. It means that an organization is always able to operate, move, or replicate its data, systems, and workloads independently – without the influence or permission of third parties.

This requires three things:

1. Transparency over technology – open interfaces, traceable software, documented processes.
2. Control over operations – the ability to manage infrastructure yourself or switch operators.
3. Portability of data and workloads – technical standards that enable migration.

None of these three prerequisites are met by Delos Cloud or Stackit Workspace. Both are proprietary ecosystems whose architecture does not belong to the customer but is only temporarily licensed.

The European Alternative Already Exists

Europe does not need to invent “its own hyperscalers” to be sovereign. The technology for this already exists – it is open, standardized, and widespread.

With Kubernetes, a universal standard for Container orchestration is available, supported by almost all cloud providers. Kubernetes abstracts infrastructure – it makes applications portable, independent of physical location or provider.

Based on this, sovereign platforms can emerge that deliver exactly what Delos Cloud and Stackit only promise: true control over data and systems.

ayedo and Loopback – Sovereignty Through Architecture, Not Rhetoric

With Loopback, the Managed Kubernetes offering from ayedo, companies and authorities can operate their workloads on any European cloud providers – dynamically, securely, and independently.

Loopback is not a rebrand of US technology but an independent platform based on open standards. It abstracts infrastructure and allows container workloads to be operated where they belong – whether at Plusserver, IONOS, Scaleway, Exoscale or in their own data center.

At the same time, ayedo supports the operation of sovereign open-source applications, including:

• Nextcloud for collaboration and file sharing
• OpenDesk, an open-source alternative to Microsoft 365 curated by the Center for Digital Sovereignty (ZenDis)
• Keycloak for identity management
• and many other services from the European open-source ecosystem.

This is not a theoretical construct but a functioning architecture.

Kubernetes as the operating system, Loopback as the orchestration layer, open-source applications as sovereign tools.

Why Open Standards Are the Better Protection

Sovereignty is not a state that can be contractually established – it arises through technical design.

Open standards prevent dependencies because they enable exchange. Proprietary systems prevent exchange because they create dependency.

Delos Cloud and Stackit Workspace are examples of the latter category. They do not replace hyperscalers; they only extend them – with a German label but the same DNA.

A sovereign path for Europe does not consist of locally labeling US products but in the consistent use of open technologies. Only in this way does control, transparency, and long-term independence arise.

Conclusion: Sovereignty Cannot Be Bought

The public administration in Germany faces a crucial choice. It can take the seemingly easy path and continue to rely on the “sovereign” clouds of American manufacturers – with familiar comfort but ongoing dependency. Or it can choose the more demanding but sustainable path: sovereignty through open standards, modular architectures, and European technology partners.

Delos Cloud and Stackit Workspace are wolves in sheep’s clothing. They promise security but only offer proximity – and proximity is not control.

ayedo and Loopback stand for the counter-model: architecture instead of marketing, open systems instead of sealed black boxes, technical sovereignty instead of political symbolism.

The future of European IT lies not in new brands but in new models – where companies and authorities retain sovereignty over their systems instead of delegating it anew.

Sovereignty does not arise from ownership but from the ability to act freely.