# Data Sovereignty

> Sovereignty enforced at the key layer, not the contractual layer. Providers cannot access, reconstruct, or disclose keys they do not hold. Sovereignty becomes technical, not dependent on trust.

## The Contractual Sovereignty Problem

Most "sovereign cloud" or "data residency" arrangements are contractual: the provider promises not to access data, and may be legally able to access it nonetheless under foreign jurisdiction. The data subject's protection depends on trusting the provider and the provider's home jurisdiction.

## Technical Sovereignty

With Phantom Secrets™ the keys controlling sovereign data do not exist for the provider to disclose. Threshold shares are held by parties under the data subject's jurisdiction. The provider operates the infrastructure but cannot reconstruct the keys, and cannot be lawfully compelled to disclose what it does not possess.

## Use Cases

- Government and public-sector data hosted on commercial cloud
- Cross-border financial data subject to multiple jurisdictions
- Healthcare and biometric data subject to strict residency rules
- Sovereign AI training data and model weights

## Related

- Critical Infrastructure: /api/md/solutions/critical-infrastructure
- Enterprise Security: /api/md/solutions/enterprise-security
- Architecture: /api/md/architecture