Microsoft told the French Senate it cannot guarantee European data stays out of US hands

12 June 2026 · 6 min read · written by a practising NHS GP

On 10 June 2025, two executives from Microsoft France appeared before a French Senate commission of inquiry into public procurement. They were under oath. Towards the end of the hearing, Senator Dany Wattebled asked Anton Carniaux, Microsoft France's director of public and legal affairs, a simple question: could he guarantee that French citizens' data would never be transmitted to the American authorities without the agreement of the French authorities?

His answer, on the record, was this:

« Non, je ne peux pas le garantir, mais, encore une fois, cela ne s'est encore jamais produit. »

"No, I cannot guarantee it — but, once again, that has never yet happened."

The exchange is in the Senate's official transcript and was widely reported afterwards, including in English by The Register.

Two things are worth saying plainly before anything else. First, Mr Carniaux answered honestly, under oath, and deserves credit for it. He also said that Microsoft scrutinises requests, pushes back on those it considers unfounded, and asks US authorities to redirect demands to the customer where possible. His colleague Pierre Lagarde also pointed to Microsoft's contractual commitment, in place since January 2025, that EU customer data is stored and processed within the EU — a commitment this article takes at face value, because the issue is not where the data sits but who can be compelled. Second, this is not a Microsoft problem. Any company in the same legal position — Google, Amazon, OpenAI, Anthropic, or any other US-owned provider — would have to give the same answer if asked the same question under oath. Most are simply never asked.

What the CLOUD Act actually says

The law behind that answer is the Clarifying Lawful Overseas Use of Data Act — the CLOUD Act. It was introduced as H.R. 4943 in the 115th Congress and enacted on 23 March 2018 as Division V of the Consolidated Appropriations Act, 2018.

Its central provision, codified at 18 U.S.C. § 2713, requires a provider of electronic communication or remote computing services to preserve and disclose data within its "possession, custody, or control"

"regardless of whether such communication, record, or other information is located within or outside of the United States."

A few points to keep this accurate rather than alarming:

Residency is not jurisdiction

"Your data stays in the UK" is the most common reassurance offered by AI vendors selling into British healthcare and law. It is usually true, and it is usually beside the point.

Data residency answers a geography question: where do the servers sit? Jurisdiction answers a legal question: which governments can compel the company that controls those servers? The CLOUD Act makes the second question the one that matters, because a US-owned company holding your data in London, Cardiff or a "UK sovereign region" still holds it within its possession, custody or control — and § 2713 attaches to the company, not the postcode.

That is why the French Senate testimony matters. European customers had been offered sovereign cloud products, EU data boundaries and contractual reassurances for years. When the question was finally put directly, under oath, the company's own legal director confirmed what the statute already said: the boundary is technical and contractual, not legal. He could not guarantee it would hold against a lawful US order, because no US company can.

What this means for a GP practice or a law firm choosing AI tools

For most practical purposes, no US agency is interested in your referral letters or your attendance notes. The realistic risk is not that your patient data is read in Washington next week. The risk is what you can truthfully write down in your own governance paperwork.

If you are a GP practice, your DPIA for an AI tool has to assess international transfer and third-country access risk. With a US-owned vendor, you cannot write "no third-country authority could lawfully compel disclosure of this data", because the vendor's own counsel, under oath, says otherwise. You can still decide the residual risk is acceptable — many organisations reasonably do — but the assessment has to be honest, and your Caldicott Guardian and DPO should see the question answered rather than skipped.

If you are a law firm, the stakes are sharper, because the data in question may be privileged. Legal professional privilege binds you; it does not bind a foreign court issuing an order to your vendor. A vendor that can be compelled under another country's law is a gap in the privilege analysis that "UK data residency" does not close.

In both cases the question to put to your information governance lead is the same: does our paperwork describe where the data sits, or who can be made to hand it over?

The one question to ask any vendor

You do not need to be a lawyer to test this. Ask every AI vendor — including us — one question in writing:

"Which governments could legally compel your company, or any company in your ownership chain, to disclose our data — and under which country's law?"

Then watch the shape of the answer.

Ownership is the variable to check. Not where the servers are, not where the support team sits, but who ultimately owns the company and therefore whose courts can reach it.

Check your own stack in two minutes

Our CLOUD Act exposure checker walks you through seven questions about who owns your current AI and cloud tools. No email address, no tracking — your answers stay in your browser, and the result is a link you can forward to your DPO.

Where we stand, for the record

Hush AI is a UK-owned company. The service runs on NVIDIA hardware that we own, located in England. No US parent, and no US processor that stores or uses your conversation content — traffic passes through a network edge we disclose on our security page, and content is processed and stored only on our own hardware in England. That is why the CLOUD Act's reach, which attaches to US companies wherever their data sits, does not attach to us. UK law applies to us in full, and we would answer the question above in writing for any practice or firm that asks.

In the same spirit of saying things plainly: conversation history is stored, encrypted, on our UK hardware until you delete it — we do not claim otherwise — and it is never used for training. Hush drafts documents under clinician or fee-earner review; it is not an ambient scribe and not a medical device. Our DSPT self-assessment is in progress, not yet complete. If you find an error in this article, write to us and we will correct it with a dated note.

The one question that matters is not "where is my data?" It is "who could be compelled?" Microsoft answered it under oath. Every vendor you are evaluating should be willing to answer it in writing.

Sources:
1. Sénat (France), commission of inquiry into public procurement, minutes of the hearing of Microsoft France (Anton Carniaux, Pierre Lagarde), 10 June 2025.
2. The Register, "Microsoft exec admits it 'cannot guarantee' data sovereignty", 25 July 2025.
3. CLOUD Act, Division V of the Consolidated Appropriations Act, 2018 (enacted 23 March 2018) — official text via US DOJ.
4. 18 U.S.C. § 2713, Cornell Legal Information Institute.