When US Services Go Dark: Risk Analysis and Contingency Planning for European Businesses
A French judge at the International Criminal Court appears on a US sanctions list. He lives and works in Europe. Yet he cannot book hotel rooms, rent a car, or shop online. His European credit cards no longer work – because payment processing runs through Visa, Mastercard and the US dollar.
He is a judge, not a business owner. But the infrastructure that failed him is the same infrastructure on which European companies run their operations.
His case is a stress test for a question that concerns every European executive team: what happens to the business when the US technology it depends on is no longer available?
The answer is not a political exercise. It is an operational risk analysis – and the time to conduct it is now.
The new risk landscape
The market has already responded. According to a Gartner survey, 61 % of Western European CIOs plan to increase their reliance on local cloud providers. Digital sovereignty is no longer a niche concern. It is a structural transformation.
That transformation is not driven by conviction but by necessity. The CLOUD Act gives US authorities access to data stored by US companies – regardless of location. The Defense Production Act enables compulsory access to technology. And a supply-chain risk designation can sever a company from the US ecosystem entirely, as the Huawei and Kaspersky cases have demonstrated.
What makes matters worse: the current US foreign and trade policy has fundamentally altered the predictability on which European businesses based their planning. Tariff decisions made at short notice without consulting trade partners, the expansion of sanctions regimes, and the dismissal of the oversight bodies charged with supervising the EU-US Data Privacy Framework – all of this signals one thing: the risk premium on US technology dependence has risen. Anyone whose planning rests on political stability in Washington is planning on an assumption that can no longer be substantiated.
For European businesses, the procurement calculus has shifted. The question is no longer just where data resides. It is about who controls the supply chain:
“It is no longer just about where your data sits – it is about where your vendor’s HQ is located and who holds the keys to your supply chain.”
What is at stake
Most European businesses have no clear picture of how deep their dependence on US technology runs – or how tightly the individual dependencies are interlocked. An honest inventory typically reveals the following:
Identity – the single point on which everything stands. Entra ID (formerly Azure AD) manages all user accounts, access rights and authentication in many organisations. This one service is the central node: if it fails or access is revoked, no one can log in – to any system that authenticates through it. No email, no file access, no line-of-business application, no VPN. Everything that follows hangs on this single point.
Operating systems. Windows runs on the majority of corporate desktops. macOS and iOS dominate in many industries. Both operating systems require ongoing licensing and regular updates. Without updates, devices become a security liability within months. Without a licence, they become unusable.
Productivity. Microsoft 365 bundles email, calendaring, document storage, intranet and communications into a single package. Google Workspace offers the same to a different customer base. In both cases, the entire working environment – including every document, every email, every calendar entry – resides with a US provider. Lose access, and you do not lose a tool. You lose the entire foundation of work.
Cloud and backups. Infrastructure on AWS, Azure or GCP. Backups on S3, Glacier or OneDrive. If access to these services is lost, it is not just production that is affected – data recovery is, too. In the worst case, production systems and backups are simultaneously unreachable because they reside with the same provider.
Communications. Teams, Zoom, Slack, Google Meet. Internal and external communications run through US platforms. A failure does not merely affect convenience – it affects the ability to act: those who cannot communicate cannot coordinate, cannot decide, cannot respond.
Payment processing. Visa and Mastercard process the majority of European card transactions. As the French judge’s case demonstrates, US sanctions can block payment processing within Europe – not in theory, but in documented practice.
These dependencies are not isolated from one another. They are chained. Entra ID authenticates access to Microsoft 365. Microsoft 365 runs on Azure. The backups sit on Azure. Communications run through Teams – which also runs on Azure. A single licence revocation, a single sanctions decision, a single vendor decree can break this entire chain. It is not one system that fails. It is the system.
Scenarios that are no longer theoretical
The question is not whether these dependencies constitute a risk. The question is which scenario could materialise, and when:
Licence revocation. Russian companies lost access to Microsoft services in 2022 – licences, cloud services, updates, overnight. Iranian users have been cut off from Google services, Apple features and cloud platforms for years because US sanctions law mandates it. For European businesses, this seems unthinkable – but the mechanism exists, it has been deployed, and current US foreign policy has lowered the threshold for its use. What was once reserved for extreme crises has become an instrument that can be activated at short notice and without warning.
Price escalation. Broadcom multiplied licensing costs for European cloud providers after acquiring VMware – perpetual licences abolished, subscription model enforced, prices in some cases increased tenfold. Vendor lock-in makes such price hikes possible: anyone who has built their entire infrastructure on one platform cannot switch in weeks. Unilateral price changes are not an exception; they are a business model.
Data access withdrawal. Backups on S3 or Glacier are accessible only as long as AWS grants access. In the event of a supply-chain risk designation, a sanctions action or a contract amendment, that data would be unavailable – potentially permanently. Anyone who keeps their backups with the same provider as their production systems has neither in an emergency.
Service discontinuation. Google has shut down more than 290 products. Microsoft has altered or discontinued services without notice. The decision to continue a service rests with the provider – not the customer. Anyone who builds their business on a service is building on a decision that someone else makes.
None of these scenarios requires a war, a crisis or a political decision directed against Europe. A contract amendment, a regulatory measure or a corporate decision in a jurisdiction Europe does not control is sufficient. The risk is not that one of these scenarios materialises. The risk is that none of them has a contingency plan.
The contingency plan: three readiness levels
The terminology comes from disaster recovery. It applies directly to digital dependencies:
Hot Standby: A fully functional alternative runs in parallel. In an emergency, the switchover is immediate.
Pilot Light: The alternative is configured and tested but not in production use. Activation takes hours to days.
Documented Plan: The alternative has been identified and the migration path documented, but nothing has been built. Activation takes weeks to months.
For every critical dependency, at least a Pilot Light should exist. The effort involved is manageable – the cost of an emergency without preparation is not:
| Dependency | Risk on failure | Pilot Light (minimum) |
|---|---|---|
| Windows | Desktops unusable | Linux images created, deployment tested on pilot group |
| Microsoft 365 (email) | No email traffic | Sovereign mail server configured, DNS switchover prepared |
| Microsoft 365 (documents) | File access lost | LibreOffice / Collabora installed, compatibility tested |
| Teams / Zoom | Communications failure | Matrix/Element server deployed, accounts provisioned |
| Entra ID | No logins possible | Sovereign identity provider (Keycloak/LDAP) configured, sync tested |
| AWS / Azure / GCP | Infrastructure lost | Account with European cloud provider, baseline configuration in place |
| Backups (S3/Glacier) | Data loss | Regular backup export to sovereign storage tested |
| Apple (iOS/macOS) | Devices become obsolete | Device management plan for Android/Linux prepared |
| Payment processing | Transactions blocked | SEPA direct debit active, contracts with EU payment service provider |
Some European institutions are already further along: France has migrated 500,000 agents across 15 ministries to Visio, a sovereign alternative to Zoom. Austria’s military has switched to open-source services. The EU Commission communicates via Matrix. The European Parliament voted 471 to 68 in January 2026 in favour of an “open source first” resolution.
These examples show that the alternatives exist and are in production – at governments, armed forces and institutions whose security requirements exceed those of most businesses. The question is not whether the alternatives work. The question is whether they will be ready in time.
The time factor
A Microsoft 365 migration typically takes 6 to 18 months. A cloud migration 12 to 24 months. An identity provider switch 3 to 12 months. A desktop operating system migration 12 to 36 months at scale.
These are timeframes for orderly projects under normal conditions – with budget, staff and a functioning day-to-day business. Anyone who starts planning after a crisis has already struck has none of these timeframes available.
What happens instead: employees arrive at the office on Monday morning and cannot log in. Customers receive no response. Suppliers receive no invoices. Contracts cannot be fulfilled because the systems used to manage them are gone. It is not one service that goes dark – it is the organisation’s ability to act.
The cost of such a crisis – business interruption, lost revenue, contractual penalties, reputational damage – exceeds the cost of any preventive measure many times over. A Pilot Light fundamentally changes this calculus. It reduces activation time from months to days – and with it, the difference between an orderly transition and operational paralysis.
Five steps to operational readiness
1. Dependency audit. Map every piece of US technology your business operations depend on. Not just the obvious systems, but the layers beneath them: DNS providers, certificate authorities, CDN providers, payment processors.
2. Risk classification. Assess each dependency by likelihood and impact. Prioritise: what would bring operations to an immediate halt? What would be manageable? The answer to the first question defines where contingency planning must begin.
3. Contingency plan per category. For every critical dependency, define at least one alternative. Document the activation path. Assign responsibility. A plan that sits in a drawer and no one knows about is not a plan.
4. Launch pilot projects. Select the three most critical dependencies and build a Pilot Light for each. Test the switchover under real-world conditions – not on paper, but with actual users. The experience from these pilots is worth more than any position paper.
5. Regular review. A contingency plan that is never tested is not a contingency plan. Conduct a stress test at least once a year in which you simulate the failure of a critical US service. What it reveals is what will determine the organisation’s ability to act when the real thing happens.
What this analysis is not
This risk analysis is not a recommendation to avoid US technology. It is not a political statement. US providers deliver the most capable products on the market in many areas. Businesses that use them are acting in economically rational self-interest.
But it is equally rational to treat dependence on a single provider, a single jurisdiction or a single payment system for what it is: an operational risk. One that can be managed – but only if you start before it becomes acute. Anyone who waits until the emergency to look for alternatives does not find alternatives. They find chaos.
The tools for this – Open Source, sovereign cloud infrastructure, open standards – are mature and available. What most businesses lack is not the technology. What they lack is the decision to prepare.
The French judge whose credit cards stopped working had no choice. He appeared on a list, and the infrastructure failed. European businesses still have a choice today. The question is, for how long.
Sources
- Digital Sovereignty – Build vs. Buy (UC Today, Feb. 2026)
- Microsoft suspends new sales in Russia (Microsoft, March 2022)
- Euro cloud body says Broadcom licensing unfair (The Register, May 2025)
- Killed by Google: Directory of discontinued Google services
- Trump’s sacking of PCLOB members threatens data privacy (Lawfare, Jan. 2025)
- Europe votes to tackle deep dependence on US tech (Computerworld, Jan. 2026)
- LaSuite: The sovereign productivity suite of the French government
- Pentagon vs. Anthropic: A Strategic Analysis (digital-independence.org, Feb. 2026)
Topic overview: Cloud and Infrastructure