I built a database in France because the Cloud Act makes EU data sovereignty impossible

In January 2025, the US administration fired three members of the Privacy and Civil Liberties Oversight Board (PCLOB), the independent agency responsible for overseeing US mass surveillance. The European Commission had cited this board 31 times in its adequacy decision for EU-US data transfers. Without a quorum, PCLOB can no longer function. That same month, an executive order launched a review of all Biden-era national security decisions, including Executive Order 14086, the legal foundation of the EU-US Data Privacy Framework. If you are a European developer storing user data on AWS, Azure, or GCP, these are not abstract policy events. They affect the legal basis of your data processing. This is the story of why I built VelesDB, and why I think the answer to the sovereignty problem is architectural, not legal. Three US laws, one problem Most developers have heard of the Cloud Act. Fewer realize it is just one piece of a layered legal framework that gives US authorities broad access t