The wrong debate
For three years, African governments and institutions have debated "data sovereignty" almost exclusively in terms of server location. Where is the data stored? Is the data center in-country?
These are real questions. They are not the most important questions.
Where the actual risk lives
The model is more sensitive than the data.
When an institution fine-tunes a language model on its internal documents — loan files, customer communications, regulatory filings, internal memos — it creates an artifact that encodes institutional knowledge in a form that is transferable, copyable, and difficult to audit.
A fine-tuned model trained on three years of a bank's internal communications is a liability if it lives on a vendor's infrastructure. The vendor controls the weights. The vendor controls inference. The vendor controls what the model learns next.
What sovereign LLMs actually require
Sovereignty over a language model requires:
- Control over training data (what goes in)
- Control over the training process (where it runs)
- Control over the weights (who can copy them)
- Control over inference (who can query the model)
- The ability to audit what the model learned
None of these are guaranteed by server location alone. All of them are achievable with the right architecture.
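Control over the weights, and a basic audit trail for them, can start with something as simple as fingerprinting the weight files you actually deploy. A minimal sketch in Python (the directory layout and registry format here are illustrative assumptions, not a specific framework's API):

```python
import hashlib
from pathlib import Path


def fingerprint_weights(weights_dir: str) -> dict[str, str]:
    """Compute a SHA-256 digest per weight file so that any later
    copy, swap, or modification of the deployed model is detectable."""
    digests = {}
    for path in sorted(Path(weights_dir).glob("*")):
        if path.is_file():
            h = hashlib.sha256()
            with open(path, "rb") as f:
                # Hash in 1 MiB chunks so large weight files fit in memory.
                for chunk in iter(lambda: f.read(1 << 20), b""):
                    h.update(chunk)
            digests[path.name] = h.hexdigest()
    return digests


def verify_weights(weights_dir: str, registry: dict[str, str]) -> bool:
    """True only if the files on disk match the recorded digests."""
    return fingerprint_weights(weights_dir) == registry
```

Record the registry at deployment time and store it separately from the model host; any later mismatch means the weights were altered or replaced, whether by an update, a vendor, or an intruder.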
What we recommend
For institutions handling sensitive data: deploy open-weight models on infrastructure you control. The performance gap between proprietary and open-weight models has collapsed. The sovereignty gap has not.
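When the model runs on infrastructure you control, control over inference follows: you decide who may query it, and you keep the query log. A minimal sketch of an allowlist gate in front of a locally hosted model; the caller names and the `run_model` function are hypothetical placeholders standing in for whatever serving stack an institution actually uses:

```python
# Illustrative internal service names; in practice these would come
# from the institution's own identity and access-management system.
ALLOWED_CALLERS = {"credit-review", "compliance-audit"}


def run_model(prompt: str) -> str:
    """Placeholder for a call into a locally hosted open-weight model."""
    return f"response to: {prompt}"


def gated_inference(caller: str, prompt: str) -> str:
    """Refuse inference for callers the institution has not approved,
    and leave an audit record of every query that is served."""
    if caller not in ALLOWED_CALLERS:
        raise PermissionError(f"caller {caller!r} is not approved for inference")
    print(f"AUDIT caller={caller} prompt_chars={len(prompt)}")
    return run_model(prompt)
```

The point of the sketch is who enforces the check: on vendor infrastructure this gate belongs to the vendor; on your own, it belongs to you.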