I sat down with a Canadian university last week. They were trying to articulate to industry partners what their compute offering would be.
They knew "sovereign" was the right word. They couldn't define it for a buyer.
They couldn't tell me what a partner would actually use it for that they couldn't already do on AWS in Montreal.
That's not the university's failure. The industry calls three different things "cloud" and lets two of them get confused every day.
Here's the thesis: most "sovereign cloud" on the market is public cloud with a regional badge.
The cleanest configuration — your hardware in your jurisdiction — is the one almost nobody is selling.
And the federal government's flagship Canadian compute program is structurally pointing builders away from it.
Now the disambiguation.
The three kinds
Three questions, three answers.
Public cloud asks: what's the cheapest viable path?
Sovereign cloud asks: whose laws apply to my data?
Private cloud asks: whose hardware is it?
The simplest way to see it is housing.
Public cloud is an Airbnb.
Someone else owns the place. Someone else picks the country. You swipe a card, use it, leave.
Sovereign cloud is an apartment in your home country.
You're still renting. The landlord still owns the building. But the building sits in your country, and your country's laws govern what happens inside.
Private cloud is a house you own.
You hold the deed. You can put the house in your country — or in someone else's. Where the house sits and whether you own it are two separate decisions.
That last point is the one most people miss. Sovereign and private aren't different intensities of the same thing. They're answers to different questions.
Sovereign asks whose country are you in.
Private asks whose name is on the deed.
A Canadian renting an apartment in Toronto is sovereign but not private.
A Canadian who owns a condo in Miami is private but not sovereign.
A Canadian who owns a house in Toronto is both.
Most "sovereign cloud" sold today is the apartment in Toronto — and the landlord is American.
The cleanest configuration — the house you own, in your own country — is the one almost nobody is selling.
Public cloud
Public cloud is the Airbnb. AWS, GCP, Azure, Oracle.
You're a customer on shared infrastructure. The provider chooses where the metal lives, when it gets upgraded, and what jurisdictional regime it operates under.
You get a region toggle. That's the extent of your control.
Public cloud won because the trade is excellent for most workloads — you don't build a datacenter to run a side project, and you scale from one user to a million the same afternoon.
It doesn't answer the sovereignty question or the ownership question. It answers the convenience question, which is usually the right question.
Just be honest that's the question you're answering.
Sovereign cloud
You bought legal posture, not infrastructure.
Sovereign cloud is the rented apartment.
Still a tenant model, still someone else's hardware — but the building operates within a defined jurisdiction, with documented data residency, and is subject to that jurisdiction's laws.
The key word is tenant. You don't own the metal.
Receipts:
- Google Cloud approved a quota of 16 A100 GPUs in Canadian regions on April 22, 2026.
- Telus is publicly selling a "Sovereign AI Factory" with H200s and InfiniBand interconnect.
- The federal government's AI Compute Access Fund reimburses:
- 67% of eligible cloud costs when compute runs in Canada
- 50% when it runs outside.
- That 17-point spread is a literal federal price on jurisdictional control.
The CLOUD Act problem
Here's where the housing analogy breaks down — and where the actual problem lives.
In real estate, if you rent an apartment in Toronto, Canadian law governs what happens inside it. Doesn't matter if the landlord is American. The apartment is physically here, so Canadian law wins.
Cloud doesn't work that way.
The CLOUD Act (2018) lets U.S. authorities compel American companies to hand over customer data they control — regardless of which country it physically sits in.
FISA Section 702 lets U.S. intelligence services compel that same data for foreign intelligence purposes, with less procedural friction.
Neither cares where the datacenter is. Both care who owns the company.
So a "Canadian region" of AWS is a Toronto apartment with an American landlord — and the American landlord can be ordered, by an American court, to make a copy of your stuff and ship it home.
A Canadian region from a U.S. hyperscaler answers the residency question.
It does not answer the disclosure question.
If you're finding this useful, I send essays like this 2-3x per week.
·No spam
Those are different questions, and they get the same marketing word.
That's not nothing — for a lot of buyers, the residency answer is enough.
It's a different thing than what most people imagine when a vendor says "sovereign," and a different thing than what they assume they're getting when they say it back to themselves.
If what you actually want is I don't want a foreign government compelling my provider to hand over my data, you need to look further than a regional badge.
If what you want is my data should live in Canada for compliance optics, the badge is fine.
Two different conversations. Same words.
Private cloud
Private cloud is the house you own.
Single-tenant infrastructure where you control the metal.
On-prem in your office. A colocated rack in a datacenter. A dedicated bare-metal box from a provider where the hardware is contractually yours.
A rack in a Canadian colocation facility is a small private cloud. A datacenter floor is a big one.
Same architecture: you bought the hardware, you control the stack, a third party sells you space, power, and bandwidth.
The colo math: at roughly $5,000 to $10,000 per month of equivalent public cloud spend, owning the hardware starts winning.
A single rack of GPU-capable hardware pays for itself in twelve to eighteen months at typical utilization.
Anyone above that monthly spend who hasn't at least quoted the alternative is making an unexamined choice.
Private cloud does not, by itself, answer the sovereignty question.
A rack you own in Ashburn, Virginia is fully private and fully not sovereign to Canada. A rack you own in Beauharnois, Quebec is both.
Where you put the hardware is a separate decision from whether you own it.
The trap
The university partner I started with thought "sovereign" and "private" were synonyms.
So do most procurement decks. So do most government tenders.
So does most of the press coverage of Canadian AI compute right now.
| Public | Sovereign | Private | |
|---|---|---|---|
| Housing analogy | Airbnb | Rented apartment | House you own |
| Tenancy | Multi-tenant | Multi-tenant | Single-tenant |
| Hardware ownership | Provider | Provider | You |
| Data residency | Provider's choice | Yours, by region | Wherever you put the hardware |
| Who can compel disclosure | Provider's home jurisdiction | Provider's home jurisdiction, regardless of region | Jurisdiction where the hardware sits |
| Question it answers | Cheapest viable path? | Whose laws apply? | Whose hardware is it? |
The cleanest configuration — sovereign and private, your hardware in your jurisdiction — is the rarest. Almost nobody is selling it.
ISED's design is the tell: the AI Compute Access Fund reimburses cloud service contracts and explicitly does not reimburse hardware purchases.
The federal government's flagship AI compute program is structurally pointing builders at sovereign-public, not sovereign-private.
Toward more rented apartments, not toward more owned houses.
That's a bet about which problem the program thought it was solving.
Reasonable people can disagree about whether it's the right bet for the next decade.
But it is a bet, and it deserves to be named rather than absorbed.
What this means if you're buying
The wrong question is do I want sovereign cloud? The right question is which of these you're trying to answer:
- Cheapest viable path. Public. AWS, GCP, Azure. Pick a region, ship the workload. — The SaaS founder shipping product.
- My data needs to sit inside Canadian law — and stay out of foreign disclosure regimes. Sovereign, and probably from a Canadian-headquartered provider. Read the fine print on the parent company. — The hospital under PHIPA, the law firm with privileged data, the bank under OSFI.
- I want to stop renting forever. Private. Buy the hardware. Put it in a colo. Run your own stack. — The operator above ~$10K/month of inference spend on steady-state workloads.
You'll probably want a mix. Most serious operators eventually run all three for different workloads.
The day you can name which one you're choosing for a given workload — and why — you stop being a buyer vendors get to confuse.
You start being one they have to answer to.
Three different decisions. Three different questions. Stop calling them all cloud.