It’s the legal situation in the US - and the reason why people familiar with the topic have been upset about the EU data sharing exemptions and similar stuff for over a decade now. It’s also really frustrating to keep explaining customers that the way they’re planning to use cloud stuff violates local data protection laws (even before GDPR), only for them to ignore it and do it anyway. We need way better education for people in charge of that kind of projects - and way higher penalties for violations, including the ability to fine organizations before they lose data when they store protected data in a way US government can get access to.

The only way a Microsoft cloud (or any cloud service from a US company) in the EU can work is if that company doesn’t have access to the European systems - both on hardware level and system level.

Microsoft attempted to do just that by having a German cloud managed by T-Systems - but gave up on that already years ago