Illustration: Swiss data center and AI data protection, US models versus Swiss hosting

AI and data protection

Data protection and data residency in AI: US models or Swiss hosting?

The most capable AI models come from the US, the strongest data sovereignty comes from Swiss hosting. This article shows how to weigh the two objectively and decide correctly per use case.

The core tension: capability versus data sovereignty

The most capable AI models today largely come from US providers such as OpenAI, Anthropic and Google. They deliver the best results on complex tasks, but they raise questions about data residency and legal exposure. Using them means sending data to systems operated under US law.

On the other side are open models such as Meta's Llama or the models from Mistral, which can be run at Swiss providers. This keeps data under Swiss jurisdiction, at the possible cost of somewhat lower raw capability or higher operational effort.

This article frames the tension objectively, explains the legal foundations and offers practical decision guidance, without overstating the strengths of either side.

What data residency and data sovereignty mean

Data residency describes the physical location where data is stored and processed. Data sovereignty goes further: it concerns which legal system the data is subject to and who can lawfully access it.

The distinction matters, because data can sit physically in a Swiss data center and still be exposed to a foreign authority if the operator is subject to foreign law. Location alone does not guarantee sovereignty.

For Swiss businesses this is especially relevant in regulated sectors such as finance and healthcare, at law firms, and whenever personal data or trade secrets are processed. Here data sovereignty often decides whether an AI use case is even permissible.

The legal frame: nDSG, GDPR and the US CLOUD Act

Three legal frameworks shape the debate. They are partly in tension with one another, which explains the core problem.

  • Revised Swiss Federal Act on Data Protection (nDSG/revDSG): In force since 1 September 2023. It allows personal data to be disclosed abroad only if an adequate level of protection exists there (Art. 16 nDSG), otherwise additional safeguards are required.
  • EU General Data Protection Regulation (GDPR): Applies to the processing of data of people in the EU and therefore also affects many Swiss companies with EU ties.
  • US CLOUD Act: Requires US providers to hand over data on the order of US authorities, regardless of where the data is physically stored, in some cases without informing the people concerned.

Switzerland and the US established the Swiss-U.S. Data Privacy Framework (in effect since 15 September 2024), which eases data transfers to certified US companies. It does not, however, remove the fundamental reach of the CLOUD Act. For sensitive data a careful assessment therefore remains necessary.

Swiss hosting and open-source models in practice

Switzerland has developed an ecosystem that makes capable open models operable under Swiss law. Infomaniak, for example, offers open models such as Llama and Mistral through its AI services as an API, hosted entirely in Switzerland, and states that inputs are not used for training, with alignment to the nDSG and GDPR.

Swisscom provides a sovereign Swiss AI Platform on which data remains in Switzerland. Exoscale, a cloud provider of Swiss origin, runs data centers in Switzerland and Europe and is among the inference partners for new Swiss models.

An important building block is Apertus, the fully open, multilingual language model released on 2 September 2025 by the Swiss AI Initiative (EPFL, ETH Zurich and the national supercomputing center CSCS). It is available in 8 and 70 billion parameter variants under a permissive open-source license, was trained on the Alps supercomputer in Lugano, and also covers languages such as Swiss German and Romansh.

Such models do not always match the peak performance of the large US models, but they are more than sufficient for many business tasks and bring the decisive advantage of data sovereignty.

The trade-offs: where compromises arise

The choice is rarely black and white. Both paths have clear advantages and drawbacks that weigh differently depending on the use case.

  • Raw capability: US frontier models often lead on very complex reasoning and long contexts, but open models are steadily closing the gap.
  • Data sovereignty: Swiss hosting keeps data under the nDSG, while US services are additionally subject to the CLOUD Act.
  • Operational effort: Self-hosted or Swiss-hosted open models can require more integration and operations work than a ready-made US API.
  • Cost: Open models avoid per-query licensing fees but create infrastructure and maintenance costs.
  • Future resilience: Open weights and standard interfaces reduce dependence on a single provider.

Decision guidance: match model and hosting to data sensitivity

The most pragmatic approach ties the model and hosting to the sensitivity of the data in each use case, rather than to a blanket policy decision.

  • Highly sensitive data (health, finance, personal data, trade secrets): prefer Swiss-hosted open models or on-premise operation.
  • Medium sensitivity: EU regions with GDPR safeguards or Swiss hosting, depending on the specific type of data.
  • Low sensitivity (public content, anonymized or non-critical data): US frontier models can make sense when capability is the deciding factor.
  • Principle: do not send personal data or secrets to a model without first clarifying the legal framework and the storage location.

The pragmatic stance of ORO Solutions

ORO Solutions takes a pragmatic stance: we decide per use case rather than dogmatically. For sensitive data we favor Swiss and open-source hosting, for non-critical tasks we use the best available capability.

The architecture is what matters. We design solutions so that the model stays swappable, for example through an abstraction layer between the application and the model. A US model can later be replaced with a Swiss model without rebuilding the whole application, and you keep control over data and cost.

If you are weighing which AI strategy fits your data and your industry, we support you from analysis to operation. Get in touch and we will assess your use case both legally and technically.

Sources and further reading

FAQ

Frequently asked questions

Are US AI models banned in Switzerland?

No. Their use is permitted, but for personal data it requires a review of the data transfer and appropriate safeguards. For especially sensitive data, Swiss or European hosting is often the safer choice.

Is a Swiss data center enough for data sovereignty?

Not necessarily. What matters is which law the operator is subject to. A US corporation can be subject to the CLOUD Act even when data is stored in Switzerland.

Are open-source models less capable?

US frontier models often lead on the most demanding tasks, but open models such as Llama, Mistral or Apertus reliably cover many business applications.

Can we switch the model later?

Yes, if the architecture allows for it. With an abstraction layer between the application and the model, you can change providers without rebuilding the solution.

Read more

Related services

Contact

Start your next project with ORO

Get in touch with us to find the right solution for your business - we advise you free of charge and without obligation!

Get in touch