Digital sovereignty, the ability for an organization to maintain clear control over how its data is stored, accessed, and governed, has moved from a technical concern to a board-level priority. As organizations expand their digital footprints and accelerate cloud adoption, rising regulatory scrutiny and growing customer expectations are forcing businesses to rethink how they manage data.

Sovereignty means different things to different people, the panelists noted, but the common thread is the need to take control over customer data, which has become essential to maintaining trust. The pressure to demonstrate that control is now shaping transformation plans, vendor choices and long-term customer experience strategies.

Control of Critical Data Is Becoming a Strategic Must

The energy crisis following the invasion of Ukraine exposed the geopolitical dimension of critical infrastructure, reinforcing the need for systems that can operate independently in extreme circumstances.

“Digital sovereignty is about stability and resilience,” said Julia Weberberger, Head of Corporate Strategy at Energie AG Oberösterreich, describing it as a source of power. “[W]e have to make sure that we operate our critical data on our own. We operate our own data center, with emergency power supply, and rely on a multi-provider strategy to create redundancies… It’s also very important that we build expertise in digital sovereignty in Europe, but also within our company.”

Europe is developing a new mindset built on innovation and security, Weberberger said, shaping companies, knowledge, opinions and even social narratives. In this environment, European data sovereignty is becoming a key strategic concern that requires balance.

As Martina Saller, Public Sector Sales Lead at Microsoft Austria said:

“It’s not a black and white discussion. It’s not about choosing the path of sovereignty or choosing the path of innovation. It’s about balancing and orchestrating… a risk-based approach.”

That layered approach should separate highly sensitive workloads from those suited for cloud-based innovation.

Public administrators highlighted that sovereignty is multidimensional: technical, legal, economic and emotional. What customers want above all is visibility and choice. As one leader emphasized, beyond control over data processing and storage, true sovereignty also means being able to choose the parts of a technology package they need rather than being required to buy licenses for bundles, which drives up costs.

Procurement rules, however, are still playing catch-up. With different requirements scattered across the EU, organisations often end up doing the same work multiple times. A more unified approach that allows for shared certifications and tech that plays nicely across borders would make it easier for businesses and public bodies to build modern, sovereign digital systems. And to make sure those sovereignty rules help innovation instead of getting in the way, organizations say they need clear guidance and strong partnerships with their tech providers.

What Customers Need from Cloud Partners

A recurring message throughout the discussion was that sovereignty cannot be achieved in isolation. Customers expect their cloud partners to help them meet changing regulatory, security and operational demands.

As Norbert Parzer, Certified Public Accountant, Tax Advisor and Partner at EOS put it, “first find the companion before you start the journey.”

To address concerns around extraterritorial data access, Jeff Bullwinkel, VP and Deputy General Counsel, Corporate External and Legal Affairs at Microsoft EMEA, detailed the steps the vendor has taken to provide assurance and legal protection.

The tech giant has built the EU Data Boundary for the Microsoft Cloud to “mitigate the risk, or reduce the surface area of risk by just reducing situations in which data is transferring from one continent to another.”

Just as crucial is Microsoft’s assurance that it will resist demands from governments to divulge customer data, Bullwinkel said:

“When Microsoft gets a request or a demand in order for data from any government around the world, we have a contractual obligation to litigate against that order whenever there’s a lawful basis for doing so. And we have quite a history of doing that…with a view toward guarding against that kind of risk and so we will continue in the future as well.”

Microsoft has also expanded its sovereign controls and confidential computing to ensure that customers hold the keys to their data.

The vendor recently announced expanded capabilities for its Sovereign Public Cloud and Sovereign Private Cloud. By the end of this year, customers in four countries—Australia, the United Kingdom, India and Japan—will have the option to have their Microsoft 365 Copilot interactions processed in-country. This will be expanded to 11 more countries in 2026: Canada, Germany, Italy, Malaysia, Poland, South Africa, Spain, Sweden, Switzerland, the United Arab Emirates, and the U.S.

These capabilities directly address customer expectations for operational autonomy and regulatory compliance.

Partnerships help empower organizations to keep control over their processes and architecture, so that digital transformations are secure and interoperable. Organizations across sectors are embracing AI, but they need to be sure that the models they use preserve transparency and control.

“There are many areas we see it’s important to have a good collaboration. And for that, trust is… obligatory. It’s the absolutely necessary thing. And it cannot just be a marketing promise,” Weberberger said.

The use of large language models (LLMs) raises critical questions when it comes to maintaining control over customer data, Weberberger noted, highlighting the need for transparency around who trains the data, who defines which information AI models are allowed to use, how ethical principles are implemented and who has the control and influence over the models.

“We need answers in the future when it comes to… how these LLM models are trained. Many providers tell us ‘we don’t use the customer data to train our LLM.’ But for us, still, the question remains, but how do the providers develop their LLMs when they don’t use the customer data to train them? Here we need clear agreements that we all know how it works, and openness to trust.”

For critical sectors like energy, innovation must align with stringent risk-management requirements without compromising safety or resilience.

Data Sovereignty as a Shared European Project

Panelists underscored the need for different regulators in Europe to get on the same page when it comes to digital rules, to create a clearer, more unified set of standards that works in practice and gives organizations the confidence to keep innovating.

“Policy makers and industry representatives should work together on defining clear, understandable and practical frameworks, which has not always happened in the past,” Parzer said.

“It’s about establishing certainty for market participants at the end… They should understand that innovation is not a luxury. It is just an enabler for our economic growth and insurance for our future. So it is all about defining rules that are going to balance innovation with compliance.”

And when those standards line up, it doesn’t just cut down on compliance headaches — it makes it easier for governments and regulated industries to embrace AI and cloud tools, giving them the guardrails they need to move ahead with confidence.

The conversation made one point clear: sovereignty is no longer a static concept. It is a shared responsibility shaped by policy, technology, and partnership. Customers expect cloud providers not only to deliver secure platforms, but also to collaborate, openly and continuously, on the frameworks, tools, and governance models that will define Europe’s digital future.

As the panel demonstrated when customers, policymakers, and technology providers align around transparency, control and trust, Europe can innovate at the pace required to remain resilient and competitive.

“I think we cannot expect this topic is going to go away,” Bullwinkel said. “These things are front of mind, absolutely, for our customers, for our partners, for government leaders… Things we’ve been talking about… around data privacy, around data security, around resilience, around data residency, these are all things that will continue to inform the conversation.”

Around 65% of consumers now use messaging apps like WhatsApp to engage with companies, research from Salesforce shows. WhatsApp, owned by Meta Platforms, has evolved from a simple personal messaging tool to a platform for customer engagement and loyalty.

Using messaging apps like WhatsApp is about meeting customers where they are. As the third most popular app worldwide, WhatsApp has a whopping 2 billion users, of which 1.54 billion interact with WhatsApp for Business accounts, making it impossible for brands to ignore.

WhatsApp for Business includes a range of communication tools—a free app, an advanced API platform, and an ad format that directs users to the app, along with extra features that help businesses of any size handle customer communication at scale.

Around 68% of WhatsApp users believe it’s the most convenient way to engage with brands, according to Freshworks. That suggests the app should be a key element of a brand’s omnichannel customer service strategy, offering a way to connect with customers in a channel they prefer to use.

WhatsApp offers the convenience of asynchronous communication, allowing customers to reach out to brands in their own time. By providing 24/7 availability through AI agents and live support, as well as Quick Replies and Automated Messages, companies can eliminate the frustration of only being available during business hours, when customers themselves may be unavailable.

Businesses can use the app to create engaging, personalized customer interactions with its rich media features incorporating images and videos.

In addition, with security a growing concern among businesses, it’s worth noting that WhatsApp uses end-to-end Signal encryption to keep messages private and ensure customer information is protected. Meta ensures WhatsApp Business Platform is compliant with the General Data Protection Legislation (GDPR) and other key regulatory requirements.

WhatsApp for Business Becomes Default Loyalty Channel in Asia-Pacific

Brand outcomes in Asia-Pacific highlight the importance of having a WhatsApp strategy. Of the 1.54 billion WhatsApp Business users, around 748 million are in Asia-Pacific, compared with 130 million in North America. With so many people in Asia using the app every day, the region shows how naturally companies can work it into their customer conversations.

Regional insights from polling firm YouGov show that 32-43 percent of consumers in the Asia-Pacific region use business messaging to complete purchases, track orders, and connect with brands, especially during major sales and seasonal campaigns. Similarly, Infobip’s Messaging Trends Report points to Asia-Pacific as the world’s fastest-growing messaging region, driven by dynamic markets like Indonesia, the Philippines and China. The region saw a 51 percent increase in conversational messaging in 2024, led by a doubling in WhatsApp growth to 100 percent.

As business messaging has become integrated into the customer lifecycle, WhatsApp has, in effect, become the default loyalty channel for high-intent customer engagement in the region, according to Meta.

“We are seeing the shopping journey become more conversational because consumers now want dialogue, not one-way marketing,” said Vicky Yiu, APAC Strategic Partnership Manager, Business Messaging at Meta.

“WhatsApp is increasingly becoming the commerce layer for brand engagement in Asia. Customers don’t just browse — they consult, request support, complete transactions, and revisit brands all within messaging threads.”

L’Occitane’s WhatsApp-First Strategy

At the recent Commerce Leadership Forum held at Meta Singapore’s office, French beauty brand L’Occitane stated that WhatsApp now accounts for more than 80 percent of its inbound and outbound customer conversations in Asia-Pacific, becoming its primary customer touchpoint across different markets.

“By using WhatsApp as a unified touchpoint, we can move customers seamlessly from online discovery to in-store engagement without losing context,” said Terrence Siu, Chief Information Officer, APAC at L’Occitane. “Customers enjoy a consistent and personalized experience wherever they interact with us, be it on Facebook, Instagram, or WhatsApp.”

The brand extends this into a loyalty journey by staying connected with customers through the app so that they continue to feel guided and valued after the first transaction.

“By distributing samples and exclusive VIP offers directly through WhatsApp, we can convert interest into purchase immediately in the same channel the customer already uses,” Siu added. “This approach has lifted our coupon redemption rate to 87%. Once the customer is connected, we continue the journey through personalized refill and replenishment reminders, helping us maintain an ongoing relationship rather than a one-time transaction.

“WhatsApp has become a loyalty bridge — from sampling, to purchase, to repeat purchase — all within one seamless customer journey.”

Across the region, it has become apparent that loyalty sticks only when customers are actively engaged, rather than passively included. As Alan Chan, CEO and Founder of Omnichat put it:

“Points sitting in an app don’t translate into customer relationships, but loyalty delivered through WhatsApp stays close to the customer’s daily behavior.”

Rather than waiting for customers to remember a loyalty program, brands can link QR codes to product samples, in-store touchpoints and messaging-based rewards to proactively engage members in real time.

“This is the difference between a loyalty database and a loyalty journey. When customers are reminded, recognized and rewarded in the channel they already use every day, loyalty becomes a habit,” Chan said, adding:

“[A]nd unlike apps, no one uninstalls WhatsApp.”

Using WhatsApp to keep customer relationships active means retention doesn’t have to be expensive. Brands in Asia-Pacific are showing the way by moving away from one-time campaigns and toward relationship-led loyalty that leans into conversational commerce where customers are already having real conversations.

On November 9, 2025, Mixpanel notified OpenAI that an attacker had gained unauthorized access to part of its systems and exported a dataset containing some customer information and analytics data related to the API. Mixpanel shared the affected dataset with OpenAI on November 25, the company stated in a blog post.

The breach occurred within Mixpanel’s systems and there was no unauthorized access to OpenAI’s infrastructure and systems. ChatGPT and other OpenAI products were not affected. “No chat, API requests, API usage data, passwords, credentials, API keys, payment details, or government IDs were compromised or exposed,” Open AI stated. It also confirmed that session tokens, authentication tokens, and other sensitive details for OpenAI services were not involved.

But Mixpanel’s systems had access to user profile information from platform.openai.com⁠. According to OpenAI, the information that may have been affected included:

• Users’ name and email address
• Operating system, browser and location (city, state, country) used to access the API account
• Referring websites
• Organization or User IDs associated with the account

OpenAI has removed Mixpanel from its production services and said it is working with the company as well as other partners to gauge the scope of the incident and determine whether any further response actions are needed. It is in the process of directly notifying the organizations, admins and users that were affected by email.

“While we have found no evidence of any effect on systems or data outside Mixpanel’s environment, we continue to monitor closely for any signs of misuse,” the post stated.

The incident is a reminder that exposure of non-critical metadata can introduce security risks, and sharing identifiable customer information with third parties should be avoided. As Ron Zayas, Founder and CEO of Ironwall by Incogni, told CX Today in a recent interview:

“The smart play is to learn how to sanitize your data. You don’t have to share 100 pieces of information on one of your customers with an outside company. It’s stupid. Why are you sharing all that customer information?”

Enterprises often underestimate the value of metadata to attackers, as it doesn’t contain critical information like customers’ login credentials or payment details. But malicious actors use the information to create credible phishing or impersonation campaigns, which are becoming an effective way to deploy ransomware attacks through social engineering.  Having a person’s real name, actual email address, location, and confirmation that they use OpenAI’s API makes malicious messages look far more convincing.

OpenAI acknowledged this in the blog post, advising its API users:

“Since names, email addresses, and OpenAI API metadata (e.g., user IDs)  were included, we encourage you to remain vigilant for credible-looking phishing attempts or spam.”

Users should “[t]reat unexpected emails or messages with caution, especially if they include links or attachments. Double-check that any message claiming to be from OpenAI is sent from an official OpenAI domain,” the post added. It also encouraged users to protect their account by enabling multi-factor authentication “as a best practice security control” and noted that OpenAI doesn’t request credentials such as passwords, API keys or verification codes through email, text or chat.

Complex AI Stacks Open More Ways In for Attackers

As with recent cyberattacks exploiting third-party platforms, the incident serves as a reminder that API-based architectures will only become more vulnerable with the use of AI in enterprises. AI systems are too complex for most companies to develop in-house, so they build stacks of third-party tools using APIs, all of which collect operational metadata and open up more attack vectors.

While vendors and enterprises are tempted to collect as much customer information as possible to train AI models as well as deliver personalization, they need to be judicious in the types of information they collect and store, Zayas said, as the risk of data breaches in the AI era will become “much more significant.”

“Companies are opening up all of their data and feeding it to an AI engine. And how secure are the AI agents? They’re led by big companies, but big companies get breached all the time.”

Zayas warned that the major AI and cloud providers like OpenAI, Google and AWS will become increasingly vulnerable as hackers target them for their wealth of data:

“When your data is sitting there, you’re going to get attacked. If I can pull out information… from an AI provider, I am going to get so much rich data that I don’t have to worry about attacking a lot of companies… That’s where companies and criminals are putting all their time and effort—going to the big ones. If you’re giving them data, you are much more of a target.”

Enterprises need to get smarter about the data they share with AI tools to get the outcomes they need. Customers’ personally identifiable information can often be removed to anonymize the data without affecting how the tools work, Zayas noted.

“You’re going to see the breaches being more and more related to the amount of information that’s coming out with AI, the amount of information that’s being enriched, and companies are going to suffer from this.”

Enterprises also have to train employees to avoid carelessly uploading spreadsheets and other files to chatbots like ChatGPT, because even if a company’s systems aren’t hacked, malicious actors may be able to extract customer information using certain prompts.

As the adoption of AI tools accelerates, enterprises should treat every handoff to an AI provider as a potential point of exposure of their customer data. Limiting the amount and sensitivity of information sent to these systems and designing workflows that avoid unnecessary data transfer can reduce the impact of a breach, protecting customers as well as the company’s reputation.

Today’s contact centers are interacting with customers that stretch from the Silent Generation all the way to Gen Alpha in a day.

As Garry Gormley, Founder of FAB Solutions, put it, “We’re at a strange impasse.”

There’s the Silents and Boomers who still value voice contact with human agents; Gen X and Millennials who mix digital self-service with human support; Gen Z, who jump between apps and channels; and the emerging Gen Alphas, who are growing up expecting hyper-personalized, predictive experiences.

Put all six generations together, and it’s easy to see why no single communication style or service model can cover everyone.

Managing by Generation Isn’t Just an HR Strategy

There’s an economic case for taking generational differences seriously. Data from the World Economic Forum shows that countries can increase their GDP by 19% over 10 years by managing their workforce based on generational groups, and that extrapolates itself out to customers, noted Katy Forsyth, Managing Director of Red Recruitment.

Every generation wants speed, multichannel and intuitive service, but the defining difference between the generations is that younger consumers want personalization, Forsyth said.

“[Gen Z] want everything addressed to them personally. They want an emotional connection with their service… And then when we get the Alphas coming along, they’re even more hyper-personalized.”

These consumers expect brands to use predictive analysis to make recommendations based on the activity on their phones.

Much of this comes down to economic pressure. Gen Z’s spending habits are different because their financial realities are different. Forsyth highlighted that in the UK, “it costs Gen Z six times their salary to get a house deposit. For an Xer in 1995, it was a third of one year’s salary.”

It’s partly because of that smaller buying power that when Gen Z consumers do choose to spend, they want meaning behind the transaction. “The personalization is super important,” Forsyth said, noting that on Black Friday, Gen Z consumers will spend an average of £255 on purchases, which is almost double the £155 that Gen Xers are expected to spend.

That makes Gen Z customers an important demographic for brands to address and they need to understand how to appeal to them. Younger consumers are the mostly likely to use GenAI and AI assistants in their holiday shopping, with Gen Z accounting for two-thirds of shoppers turning to ChatGPT for gift inspiration, according to research from Bread Financial.

Despite narratives around younger generations’ aversion to picking up the phone, Forsyth warned against oversimplification when it comes to providing voice channels:

“Even though they might want to self-serve, you’ll be surprised… as soon as it gets uncomfortable, they want voice. Do not believe the headlines.”

Data shows that when dealing with emotional issues Gen Z wants to speak to a service agent, indicating that companies need to tread carefully and avoid dealing with customers on the basis of assumptions.

Matching Service to the Customer You Actually Serve

For contact centers, getting to grips with practical ways to stay authentic as they juggle all the different ways generations communicate is not an easy task. Beyond managing multiple channels, it’s about making sure every interaction feels honest and human, whether a customer reaches out on the phone, chat or through social.

That means giving contact center agents the freedom and tools to adjust their tone to the customer, using technology to support real connection.

While older generations may still prefer a softened message, younger generations will not tolerate spin. Forsyth said of Gen Z:

“They do not trust you as businesses, whether you’re employing them or selling to them… They will take bad news… but you need to tell them the truth. Do not flower it up… Forget the good news, just go for the jugular, and they’ll respect you a whole lot more. Tell them it’s expensive, but why?”

Trust was a recurring theme during the discussion, as well as the ways in which it spans across generations.

Marco Ndrecaj, Director of Customer Experience Management, Shared Services Connected, said the biggest threat to customer experience isn’t channel fragmentation, it’s eroding trust:

“We need to make sure that we are demonstrating trust in the right way, through communicating honestly and openly about the engagements that we have, either through a bot, or through an AI agent, or through a live person and being really clear on the distinction between those and servicing that to the right people.”

Ndrecaj highlighted a sentiment from one of his contact center advisors: “Customers are being overwhelmed with information… technology on its own doesn’t build trust. People do… What matters is how we use technology to enhance the customer connection.”

The balance between human empathy and AI capability is the foundation on which to build credibility, increasing trust rather than eroding it.

“Humans bring empathy and judgment, while AI provides skill and insight. And when brands get this balance right, that’s when the magic happens.”

Brands are challenged with producing content to appeal to the TikTok generation, which gravitates toward fast-paced, video-led storytelling, while remaining relevant to older audiences that engage in different ways. “How do we think about how we adapt and create that video first experience for the consumers of tomorrow?” Ndrecaj said.

But Ndrecaj also urged brands not to confuse channels with meaning: “I don’t think it’s the actual medium. It’s more around how you make them feel. Gen Z and Gen Alpha think very differently. It’s not about video content or… collecting points. It’s about them feeling a sense of purpose. It’s about organizations that actually have shared values.”

Ndrecaj pointed to brands like Nike and Lego as examples, noting: “They actually invite their customers to co-create products. And that is a feeling that you can’t buy through TikTok or Instagram.” Forsyth, too, cited Nike as brand that is connecting well with customer service for Gen Alpha.

Brands also need to strike a balance between acknowledging the differences between generations and making assumptions about what customers want.

Beyond Stereotypes: Reading the Real Customer Need

Sandrea Morgan, Head of Customer Support at Adanola, warned against treating generational traits as blanket truths. “It depends on where you are as a business and what type of customer you’re interacting with…. because what a customer expects depends on the experience they want to have. What am I trying to purchase. Is it something for the home? Is it something for you personally? That does change what you expect no matter what age you are.”

Morgan contrasted the customer expectations of two different types of businesses.

“In my current role [with a] younger Gen Z customer, the majority of what they want is [for interactions] to be simple, quick, on brand, but pretty efficient and professional. I was in a role a year ago, [with] a slightly older customer. The product was a bit more expensive. There was more of a luxury feel to it. What they wanted from us was very, very different, and the tone of voice that the advisor had was very, very different.”

Understanding the customer makes it easier for brands to move beyond generic customer service design and give their contact center employees the tools and training they need to connect with customers in the most appropriate way for the service they expect.

“Sometimes that’s a piece of technology that you can give them, and sometimes it’s about the training that you give them to be the best in their job every day,” Morgan added, stressing the importance of aligning agents’ skills to the customers they serve.

And to complicate things even further, figuring out what customers want isn’t straightforward, because while they might say they make purchases based on their values, their actual choices can tell a different story.

For Gen Z, for example, their values matter, but they are also under strain from the limits to spending power. As Forsyth pointed out:

“Their values are really critical, but we are in a cost-of-living crisis that is affecting the Zs, and they’re having their values pushed as a result of that.”

Businesses need to be prepared for that to change over the next three to five years and make sustainability more cost-effective to deliver. “Then we keep every generation happy, but particularly the Alphas, who will just be hitting with the spending power,” Forsyth said, as they transition to becoming a larger share of retail spend.

Ultimately, serving customers spanning six generations is about listening closely and building the kind of service that can flex as customers’ needs shift.

As governments and enterprises deepen their reliance on cloud and AI technologies, control over where data is stored and how it is processed has become central to maintaining operational resilience and regulatory compliance, and most importantly, customer trust.

More than 80 percent of business leaders cite data sovereignty as a strategic business priority, according to research by German analyst firm BARC.

“We have to get a lot better at understanding that data is money, and we need to put the security that we’ve had in place around money for 1,000 years around data,” online privacy expert Ron Zayas, CEO of Ironwall by Incogni, told CX Today in an interview.

Companies are feeding their data to AI engines to train their models, but regulations like the EU Data Act, which creates rules for data sharing and access—not to mention growing cybersecurity threats—require them to tread carefully. As Zayas put it:

“We need to understand that the same way you wouldn’t let your employees interact with networks without a firewall, you can’t let companies interact with AI without having some type of firewall in between and understanding what data you can share.”

Recent moves by European and global technology leaders indicate that they are responding to accelerating demand for a sovereignty-driven approach to innovation.

The Rise of Europe-Built Cloud and CX Solutions

Odigo, a European CCaaS and CXaaS provider, recently acquired Akio, a French software vendor specialising in AI-powered CCaaS solutions for SMEs and mid-market firms. The merger brings together Odigo’s enterprise-scale CX offering with Akio’s capabilities in AI, voice of the customer analytics, and reputation management.

But beyond expanding product portfolios, the acquisition represents a strategic move to consolidate European technological capabilities and reduce dependence on non-European cloud providers. (Aside from data sovereignty that push is becoming more significant given recent cloud service outages.)

As Odigo stated in announcing the deal:

“[T]he merger of two complementary French vendors with a strong presence across Europe reinforces Odigo’s ambition to create a competitive European alternative to the American firms in the sector. This approach comes at a time when European companies are placing greater focus on data sovereignty and control over their technological environments.

Patrick Giudicelli, Founder and President of Akio, added: “Joining Odigo means joining a French company that shares our values of customer proximity and sovereignty.”

The newly combined company offers a customer engagement ecosystem designed and hosted within Europe, where data control and regulatory compliance are built into the architecture.

Global Platforms Are Localizing Data and AI Operations

The big tech players are also evolving their approaches to sovereignty. Last week, enterprise AI platform Workday announced the rollout of its Workday EU Sovereign Cloud in 2026, keeping its European customers’ data local and secure.

All operations, including AI processing, data center access, support, and maintenance, ensure customer data is managed by EU-based personnel and never leaves the region.

“Workday understands how quickly evolving data sovereignty requirements can make it difficult for organizations to keep pace,” Gerrit Kazmaier, President, Product and Technology at Workday, said in the announcement. “Workday EU Sovereign Cloud gives our customers the freedom to innovate and grow confidently—helping them harness the power of AI while knowing their data remains protected and compliant.”

EU Sovereign Cloud is built on AWS infrastructure and spans multiple, geographically separated data centers to provide redundancy for key systems. Hardware protections prevent unauthorized access, and end-to-end encryption safeguards data whether it is in use, in transit, or in storage. An EU advisory board provides oversight to strengthen transparency and adherence to European sovereignty and security standards, Workday said.

The vendor plans to extend the offering to other regions down the line, but there’s no surprise that it’s starting with Europe first, given the region’s strict data rules.

Tech giant Microsoft has added a new set of capabilities to its Sovereign Public Cloud and Sovereign Private Cloud offerings that build on its digital sovereignty controls to deliver AI and cloud services strengthened by its ecosystem of specialized in-country partners.

The update includes end-to-end AI data processing within the European Union’s Data Boundary, the general availability of Microsoft 365 Local, and localized versions of its Copilot AI assistant in four countries by the end of the year, with 11 more to follow in 2026. That ensures Copilot interactions are typically processed in data centers located within a nation’s borders, to give customers greater control over where their data goes.

Microsoft has also extended its Sovereign Landing Zones for Azure and introduced new infrastructure capabilities, such as support for external SAN storage and the latest NVIDIA GPUs, to help enhance the performance of local deployments. The company is expanding its ecosystem of regional experts through a Digital Sovereignty specialization.

Microsoft acknowledged that organizations in Europe and other jurisdictions face a complex slate of regulatory mandates, as well as heightened expectations for resilience. As Douglas Phillips, President and Chief Technology Officer, Microsoft Specialized Clouds, stated in the update:

“Sovereignty has become a core requirement for governments, public institutions, and enterprises seeking to harness the full power of the cloud while retaining control over their data and operations.”

The conversation around data sovereignty has also been amplified by Zoho, which raised the issue in releasing its latest Zoho One upgrade.

The vendor highlighted the value of controlling the full technology stack and emphasized that operating its own infrastructure through to applications allows it to offer deployment models that give customers the control they need to meet regulations and provide transparency to their end users.

“We are doing these on-premise deployments in some countries where your data center has to be set up in that country, because we own… the entire stack … we are able to do it particularly when dealing with governments,” Raju Vegesna, Chief Evangelist at Zoho, said during a media briefing.

This approach allows organizations to maintain national or regional control over critical communication systems, an increasingly common requirement for enterprises that need to guarantee uninterrupted access to essential services.

These initiatives reflect a broader market realignment and a recognition that sovereignty does not need to be a constraint on innovation but can be a selling point for vendors. European enterprises increasingly expect cloud and AI providers to deliver verifiable assurances of data control and jurisdictional compliance.

As regulatory demands tighten and put more pressure on enterprises, from the EU Data Act to AI rules and sector-specific cybersecurity requirements, cloud providers that can offer data sovereignty by design are likely to gain a competitive edge.

The IRS will use Agentforce across the Office of Chief Counsel, Taxpayer Advocate Services and the Office of Appeals, Paul Tatum, Executive Vice President of Global Public Sector Solutions at Salesforce, told Axios.

The move follows major staffing cuts at the agency implemented by the Department of Government Efficiency (DOGE), which has since been quietly disbanded according to reports, as well as furloughs during the recent government shutdown. The IRS lost around 25 percent of its staff between January and May, shrinking from roughly 103,000 employees to about 77,000, according to a report from the Treasury Inspector General for Tax Administration (TIGTA).

The US Congress has reduced the IRS’s funding under the Inflation Reduction Act (IRA) from $80BN over a 10-year period to $37.6BN. And proposed budgets for the 2026 financial year would reduce the agency’s annual funding by around 20 percent.

“Completing IT modernization projects, providing quality service to taxpayers, and enforcing tax laws with a reduced workforce and budget will be challenging for the IRS,” the TIGTA said.

That’s where Salesforce comes in. The vendor received FedRAMP High Authorization back in June for Agentforce alongside its Data Cloud, Marketing Cloud, and Tableau Next offerings. It launched its Agentforce for Public Sector edition in August, which provides government agencies and local authorities with tailored, pre-built and AI agents.

Salesforce has already been working with the IRS to modernize some basic technology in those departments and will now add AI agents to handle tasks like generating case summaries and searching data to reduce the time it takes to handle customer interactions.

The aim is to help employees process cases so that taxpayers get the information they need faster, rather than to replace them, Tatum said.

The TIGTA pointed out that the agency still needs human staff to manage its complex remit:

“Despite numerous ongoing automation projects, the IRS still needs skilled and experienced employees to interpret tax law changes, investigate criminal activity, prevent fraudulent refunds, and implement complex coding changes for its information systems.”

That puts pressure on employees to deliver all this while providing a satisfactory service to taxpayers.

According to a separate TIGTA report in October, the Inspector General received nearly 250 complaints from taxpayers during the 2024 filing season, from January through May 2024, about interactions they had with IRS representatives.

The TIGTA found that IRS contact center representatives were typically courteous and professional in their interactions with taxpayers. But it identified “some instances where improvements are needed”. In 11 percent of call recordings, taxpayers received poor customer service, such as unprofessional behavior from IRS representatives, long wait times on hold or disruptive background noise. Another 15 percent of calls were either dropped or disconnected.

Why Automated Platforms Are Emerging as a Fix for Government Contact Center Shortages

AI platforms like Agentforce could provide a solution for government organizations like tax agencies that are facing a challenge in staffing contact centers to provide service to millions of taxpayers, especially during peak seasons.

Efforts to boost contact center productivity eventually hit a natural limit, because employers face a challenge in maintaining full staffing. “There’s a ceiling. You can’t make people give 110%. We work with governmental organizations who are losing employees and haven’t got the power or the money to fire into that space,” James Mackay, Regional Sales Manager at conversational AI firm Rasa, told CX Today in a recent interview.

Faced with thinning ranks from retirements, budget cuts or hiring freezes, these agencies are turning to AI to help frontline employees manage the workload. Mackay laid out the scope of the challenge ahead:

“Not reimagining how it works is an existential threat. It’s not like they need to just pay more for people; they can’t get the people. So now they have to figure out how they rationalize that ability to serve these customers. You’ve got a government who can’t afford the contact center, who legally have to provide that service, how are they going to do it?”

For government organizations, changes in service approaches such as scaling back contact center operations are not simply a business decision.

In the UK, HMRC was forced to backtrack almost immediately last year on plans to reduce its customer helplines in an attempt to funnel taxpayers towards its digital services such as chatbots and online forms. The agency stated that was “halting its plans in response to the feedback” from the public, business groups and politicians.

The Canada Revenue Agency (CRA) has also come under scrutiny in recent months following layoffs earlier this year, given ongoing taxpayer complaints around long wait times, unanswered calls, and contact center agents providing inaccurate tax information. The CRA has hired back some staff, as the issue has been escalated to Parliament and the Auditor General. An assistant commissioner at the CRA, Melanie Serjak, told MPs in a standing committee in October that the agency is looking at AI, among other technology tools, to assist agents in providing accurate responses.

While AI is often touted as a solution that “makes everything better,” supporting staff in government agency contact centers is one area where there is true potential, Mackay added.

“Is AI the answer to that? It might not be. There might be other ways… like outsourcing has been a favorite way of dealing with that. But AI has a real chance, if used well, to help augment and get rid of—to some degree—some of the requirements for bums on seats.”

For an agency that fields millions of questions, complaints and appeals each year, even small improvements in case handling can translate into noticeable gains in service experience for the public.

Summarizing long case files, retrieving policies instantly, drafting communications, and pulling up relevant data are the kinds of small efficiencies that add up to noticeable real-time savings in understaffed environments.

However, the challenge will be using AI solutions appropriately and avoiding the risk of hallucinations related to tax filing or collection, which could have serious consequences for taxpayers.

Organizations will need to establish clear guardrails around how automated systems handle sensitive financial information, making sure that every recommendation or calculation they make is grounded in verified data. Human oversight will remain critical, particularly if AI is tasked with interpreting complex regulations or communicating with taxpayers.

Salesforce, for its part, recommends deploying AI agents for non-critical tasks and where human experts can easily intervene.

“Salesforce doesn’t advocate for a blind AI processing tax returns without a human being involved in reviewing and supplementing it,” Tatum told Axios. “When the agents are built, there’s a lot of guardrails put in … [they’re not] allowed to make final decisions, they’re not allowed to disperse funds.”

For other government organizations, the IRS’s move offers a case study into how AI might fit into their own service delivery approaches, aimed squarely at relieving pressure on overworked teams.

For many enterprises, the toughest part of navigating the agentic AI wave is determining whether the technology actually solves a real problem. Danny Gunn, Head of Workforce Planning at Bet365, put it candidly:

“Part of the understanding of AI is the use case. It may sound great from the sales pitch, but does it actually work? There are quite a few [solutions] where we tried them and they don’t actually work, whether that’s because we’re not ready and our backend processes can’t use all of that or the technology isn’t quite as good as the sales pitch that we get to see.”

For organizations operating under financial constraints, the hype can create tension to turn to AI as a cure-all to deliver cost savings. Kim Baker, Head of Operational Support Services at UK housing association L&Q, noted that leaders are under “huge pressure to not spend too much money and save as much as we can.”

“Everyone just says AI as if it’s now the answer to everything, but I don’t think people really fully understand what AI is and what it might be able to do for them.”

Baker added a critical reminder that any organization considering agentic AI for automation needs to address “simple truths” before jumping on the bandwagon:

“There’s no point launching AI if your data is not right in the first place, because where’s it going to look to answer these questions?”

Without reliable data, even the most advanced agentic AI implementation will deliver inconsistent results, and undermine trust in the technology.

Understanding Where AI Truly Adds Value

The pressure to “have AI” is evident across the industry, often overshadowing the need for alignment with real organizational challenges. Keith Griffin, Cisco Fellow VP, noted how easily organizations default to AI without planning or frameworks: “It is very much about ‘we need to have some AI capability’ but not think deeply about where there’s evidence of where it [gets results] and some of the reasons why AI adoption scores.”

“Mismatched use cases, expecting AI to do things that it’s not very good at, or assuming that it can do more than possible,” all result in failed implementations, Griffin added. “People are getting caught up with which AI models should be used, and it really doesn’t matter… as long as it’s safe to use and an appropriate use for the organization.”

Chris Rainsforth, Director of Learning & Innovation at contact center industry body The Forum, noted that AI has become “a catch all” for any operational challenge and highlighted the pitfall of rushed deployments:

“What we’ve seen a lot of examples of, unfortunately… people trying to deploy something without understanding the problem they’re trying to solve. In the first instance, they spend a lot of money, they spend a lot of time, spend a lot of effort doing something, and then it doesn’t get the results.”

Leadership often grows frustrated when a costly AI project fails to deliver results, questioning why the investment isn’t paying off. Untangling those underlying issues then becomes a difficult and time-consuming process.

But encouragingly, more organizations are beginning to pause and reassess, Rainsforth said.

“On the flip side, we are starting to see more people take a more considered approach, going, ‘what are the outcomes? What am I trying to solve? Let’s then work back from that to understand what technology can enable us to deliver it.’ And AI might not be the answer to every problem. It might be something else.”

“People are starting to have those conversations be a bit more kind of thoughtful about that approach, rather than just wasting time and effort and money,” Rainsforth said.

Putting the Customer First in Tech Decisions

Ultimately, when leaders pay close attention to what their customers need, rather than what the market is hyping, they gain a clearer sense of which tools will genuinely improve experiences and which investments aren’t worth pursuing, several speakers emphasized.

Listening to customers provides the grounding needed to make purposeful, informed choices about where and how to deploy new technology, whether that’s agentic AI or other systems.

Frontline experience shows that customers don’t tend to share the industry’s fixation on AI-driven speed and automation; they’re simply looking for problems to be solved efficiently. As David Holmes, Director of Sales at UK utility SSE observed:

“I don’t have customers tell me, ‘I hope you hurry up with that AI’. I don’t have customers saying, ‘I hope you handle my call quicker’; customers care about the resolution, they care about the time on the phone. They do care about simplicity and I think most sales could benefit from all of that, and that’s where technology can help.”

Across discussions on the show floor, that theme consistently resurfaced. The path to meaningful AI adoption starts with understanding customer needs. When enterprises anchor technology decisions in real-world pain points rather than hype cycles, they’re more likely to avoid missteps and deliver measurable improvements.

Speakers pointed to the widening gap between aspiration and execution, especially as AI exerts increasing pressure to demonstrate innovation.

As Natalie Higgins, Solutions Sales Executive at NiCE put it:

“There’s an overload of data and a very short amount of time… frontline team managers, supervisors, executives are spending hours trying to mix all of this information together, but by the time they’ve done that analysis the opportunity has passed.”

The manual approach of the past no longer matches the pace of the environment. “The speed to deliver has changed,” Higgins said, “Using the manual, time consuming process does not make it easy for you to drive continuous optimization.”

Too Much Data, Too Little Clarity

Speakers acknowledged a repeating cycle. Enterprises face the same issues year after year but struggle to move forward. As one speaker put it, “Even though we’ve had the same challenges and outcomes for the last 10 plus years, organizations are stuck,”

“And why is that? Because there’s too much data that we don’t make enough sense of.”

Describing the challenge as “super hard”, Higgins noted that “demands keep increasing and the challenges are rising… the speed to deliver has changed, and that’s what makes it difficult.”

In the rush to respond quickly, teams confront a wall of questions: “Where is my data? What data do I have? And how on earth do I go about it for any particular solution?” Higgins said.

The issue is not the lack of data but the lack of time, capability, and coherence to make it usable.

“There is a massive disconnect between the strategic direction that a business wants a company to go in and actually, how do you get to that insight?” said Andrew Tucker, Solution Engineer at NiCE.

“You know that the data exists for you to be able to make the decisions and roadmap these initiatives.”

Data silos make it difficult to move with agility. “There is a massive time lag between ‘I want to achieve a certain thing,’ and ‘here is a roadmap for how you achieve that,’” Tucker added.

To make matters worse, “we’re layering on an extra level of complexity… caused by every single vendor out there… pushing the AI narrative.”

Data Connection, Not Just Collection

When it comes to data management, teams often lack the ability to translate it into meaningful action. “How do we make a data-driven decision… to be able to influence that?” Tucker asked, describing organizations that spend “weeks and months worth of work… to say what is happening, why it’s happening, and how do I forecast outcomes?”

Building bigger datasets won’t solve the problem. What matters is linking information in a way that reveals what’s really happening.

“This isn’t about data collection. This is about data connection,” Higgins said.

There is much debate in the industry about the level of data organization needed to be able to roll out AI-based applications.

Kim Baker, Head of Operational Support Services at UK Housing Association L&Q warned: “There’s no point launching AI if your data is not right in the first place, because where’s it going to look to answer these questions?”

When enterprises can get a handle on their data, they can draw out actionable insights, and AI can be a tool to help manage and extract data, making it AI-ready.

“Data is becoming more readily available. It’s more insightful. We can make better data driven decisions as organizations,” said Chris Rainsforth, Director of Learning and Innovation at The Forum.

“Some people haven’t caught up with that data yet and are still sitting back in that old way of thinking. That change will continue, and it’ll continue to drive us.

Marco Ndrecaj, Director of Customer Experience Management at Shared Services Connected, described large-scale operations facing overwhelming customer segments and datasets: “You’re like, oh my god, what am I looking at first? And I think that’s where the strength of AI comes to play.”

“Let AI take care of the data, take unstructured data, the structured data, and then turn it into insight. Once that’s done… let the human with empathy and with care to take it from there.”

As the conversations made clear, it’s imperative that enterprises turn data “overload into clarity,” and strike the right balance between automation and human judgement.

X (formerly Twitter), ChatGPT, Claude, Perplexity, Spotify and payment giant Square were among those caught up in the fallout.

The trouble began just before 11:48 GMT, when Cloudflare posted that it was dealing with an “internal service degradation” causing intermittent outages across its service network. Users saw error pages, stalled logins, broken APIs, and sites claiming connections were blocked. There were a few conflicting signals about the restoration progress, as at one stage the company reported that services were beginning to recover, but then around 15 minutes later reverted to “continuing to investigate this issue.”

By 13:04 GMT, Cloudflare admitted that one of its fixes involved disabling WARP access in London entirely, temporarily cutting off users from its WARP performance-boosting and VPN service that helps secure and accelerate internet connections:

“During our attempts to remediate, we have disabled WARP access in London. Users in London trying to access the Internet via WARP will see a failure to connect.”

Cloudflare announced a fix five minutes later, but continued to receive “reports of intermittent errors” until close to 17:00 GMT.

Untimely Outage Exposes Weak Spots in Online Payments

While the broken pages and error messages got the immediate attention, the real pain from such outages often comes from the disruption to payment flows. Failed transactions, repeated payment attempts, and unclear confirmations create a backlog of problems that merchants have to untangle later.

As Monica Eaton, Founder and CEO of Chargebacks911 and Fi911, said, “When major websites hiccup, users notice. When payment processors flicker, the ripple effects get messier—and much less visible.”

When customers are unable to complete payments, or worse, the system wobbles cause duplicate payments, the chaos continues beyond the initial outage.

“What actually happens during an outage like this is messy. Customers retry purchases, cards get hit twice, confirmation pages stall, and suddenly you have a wave of confusion that turns into disputes. By the time the dust settles, merchants are left cleaning up charges they never intended to send in the first place.”

And the timing of this particular outage, during the shopping days leading up to Black Friday, caused further headaches, as Charlie Jackson, Executive Director of Gumpo Digital Marketing, pointed out:

“This is not just a typical server blip, this is a multi-million pound algorithm disruption hitting the digital marketing world at the worst possible time. With major e-commerce brands down and around 80% of our clients relying on Cloudflare, we had no choice but to immediately hit the pause button on high-spending PPC and paid social campaigns.

That will not only affect revenue on the day, but will have a knock-on effect on retailers’ performance over the Black Friday period, Jackson said, because advertising platforms like Google and Meta use machine learning. “When you interrupt high-performing campaigns, you essentially disrupt the algorithms’ constant flow of data needed to optimize budgets and target audiences effectively.”

The hours-long outage could cost the retail sector millions in disrupted campaigns and lost momentum during the biggest shopping event of the year.

“We’re in the most critical 10-day scaling window before Black Friday and this outage has once again flagged the impact CDN outages can have and that though they bring benefits on the whole, they do leave sites vulnerable and at the mercy of Cloudflare to resolve these issues,” Jackson said.

Repeated Cloud Outages Are Exposing Systemic Weaknesses

Cloudflare’s stumble, coming shortly after massive outages in the past month at AWS and Microsoft Azure that caused their own waves of disruption, has given more fuel to warnings over the dependence on a small number of global infrastructure giants. As Eaton noted:

“Cloudflare going dark today should snap every merchant back to reality. We keep building bigger online businesses, yet so much of that growth depends on a few invisible services holding everything together. When one of them goes down, even for a moment, the internet feels like a house with loose wiring. Lights flicker everywhere. Payments included.”

Mike Hoy, CTO at Pulsant, has warned that the concentration of workloads in the hands of so few providers creates systemic risk. His concern is twofold: the technological fragility and the lack of practical recovery planning among businesses. “Encouragingly, many organizations are already moving away from dependence on a single public cloud provider. Recent research from Pulsant reveals that 87% of businesses plan to partially or fully repatriate workloads over the next two years—up from 43% in 2021, according to Barclays.”

But that shift isn’t simple, as regulatory constraints, data transfer costs and platform lock-in all slow the transition. These outages expose the vulnerabilities of the current model and why a more competitive and distributed cloud ecosystem is needed, Hoy said.

“True resilience requires workloads to span colocation, private infrastructure, and public cloud. Colocation sites provide critical support when primary facilities fail. They offer regional diversity, robust physical security, and the connectivity needed to bridge private systems with cloud platforms.”

But this only works if recovery strategies stay consistent and coordinated. Otherwise, the slowest backup system becomes the bottleneck, Hoy added. As enterprises plan for the year ahead and beyond, they need to build recovery into their digital architecture.

Eaton stressed that businesses shouldn’t view infrastructure faults as rare surprises that leave them scrambling. Instead they should account for them as operational realities that need structure and preparation.

“Treat outages like this as part of normal operations instead of strange one-offs.

Practical steps can prevent minor glitches from turning into major financial cleanups: “Track failed and duplicate transactions. Talk to customers before they start guessing what went wrong. Make a quick log of what happened today so you are not trying to piece it together weeks from now when chargebacks start landing.”

Financial services have been especially rattled by the repeated outages. After the recent AWS outage disrupted several major UK banks, the Financial Conduct Authority warned that the UK needs to “strengthen” its oversight of foreign tech providers.

“The FCA’s latest warning underlines how heavily the UK’s financial system now relies on a small number of foreign companies to deliver the core digital services it depends on,” Vivek Dodd, CEO at Skillcast, said.

“Such disruptions expose not just technical faults but broader challenges around operational resilience and business continuity in a hyperconnected economy.”

While many financial institutions have made progress in digital transformation, their contingency strategies often still assume the reliability of third-party partners, Dodd noted. But “even the most sophisticated global tech firms are not immune to outages or cyber-attacks, and the consequences for customers and markets can be significant.”

Enterprise continuity and recovery plans should map critical dependencies and identify single points of failure, Dodd said. They should include layered contingency measures such as multi-cloud or hybrid hosting strategies, and proactive communication.

“Ultimately, resilience isn’t just about protecting systems; it’s about preserving customer trust and safeguarding organizational reputation in an increasingly digital world,” Dodd said.

Indeed, the underlying concern is bigger than a single provider’s bad day. Between AWS, Azure, and now Cloudflare, outages are coming more often, and the consequences are hitting more critical services.

The goal is to stay grounded and tighten the parts of the process that businesses can actually influence, Eaton said.

“None of this is about panic. It is about owning the risks you can control. Cloudflare had an outage today. Another provider will have one tomorrow. What matters is whether businesses learn from these moments or keep hoping luck will cover the gaps.”

Businesses need to wake up to the fact that the internet’s backbone rests on fewer pillars than most customers realize, and those pillars are wobbling more often.

The division brings together the company’s Partners, CX Customer Success & Services, Marketing, Global Business Operations, IT, and Corporate Security departments under a single organizational umbrella.

According to NiCE, the new structure is designed to enhance its operations while accelerating its AI-first approach to customer experience. By integrating technology, process, and customer-facing teams, NiCE aims to create a more seamless and responsive experience for its clients.

“NiCE continues to advance its mission to redefine customer experience through AI-orchestrated business outcomes, uniting human empathy and intelligent automation at scale,” the company said in announcing the new structure.

Arun Chandra is joining NiCE in the newly created role of Chief Operating Officer to lead the Global Customer Operations division, reporting to CEO Scott Russell. Chandra brings leadership experience from Disney, Meta, and Hewlett Packard Enterprise, where he built a track record of driving operational innovation and customer-centric growth, NiCE said. At Disney, Chandra modernized the $24 billion streaming business’s customer experience for over 195 million subscribers, using AI and automation to enhance engagement and reduce friction.

“I have a deep understanding of the significant impact NiCE delivers for leading organizations, and I’m excited to build on that foundation, scaling global operations, deepening partnerships, and ensuring every customer interaction reflects the innovation and integrity that define NiCE.”

NiCE’s new customer-focused division fits within a broader trend in which IT, security, and business operations are increasingly intertwined with customer service functions. Companies are investing in technology-driven customer experience strategies that rely on data, automation, and AI, while still emphasizing the human element in service interactions.

Supporting Integrated Customer Operations

IT and security teams are increasingly tasked with supporting customer service operations, making sure that AI tools and a patchwork of third-party apps and integrations run securely and reliably.

That requires a more integrated organizational approach, where teams that were previously siloed have to work together more closely. In turn, those teams need unified platforms and processes that allow data and insights to move across departments more freely, enabling proactive issue resolution and faster decision-making.

While few CX software vendors have explicitly launched a global customer operations division in the same way NiCE has, several are taking similar steps to integrate their customer success, service, IT, and operational functions.

For example, ServiceNow has been aligning its customer service management and front-office operations with its IT workflows, creating a more unified, AI-driven platform for service delivery and operational efficiency. Cisco recently merged its CCaaS and CPaaS teams into a single Webex Customer Experience organization, bringing together engineering, operations, and customer-facing teams with a view to accelerating innovation and streamlining AI-powered service. Meanwhile, SAP’s CX suite consolidates marketing, commerce, sales, service, and customer data with back-end systems, allowing cross-functional teams to collaborate more seamlessly.

By bringing together CX, IT, operations, and security under a single division, NiCE is positioning itself to make use of automation and AI more effectively across all touchpoints, while still preserving the human empathy central to customer interactions. The new structure should make it easier for the company to turn data and intelligence into actionable insights that drive operational efficiency and more personalized, responsive customer experiences.

Such integrated approaches could become a standard model for enterprise customer operations, as organizations increasingly blend technology, data, and human expertise to meet the demands of modern customers.