Data Sovereignty
In a world where your data passes through foreign servers, Adlibo guarantees that your sensitive information remains under Swiss jurisdiction - the most protective in the world.
Why Switzerland?
Switzerland offers a unique légal framework: outside EU, outside NATO, outside Five Eyes, with a data protection law aligned with GDPR.
Recognized Neutrality
Permanent neutrality recognized since the Congress of Vienna (1815). Switzerland is neither a NATO nor an EU member, preserving its légal independence.
nDSG: Solid Légal Framework
The new Data Protection Act (nDSG, Sept. 2023) provides a GDPR-equivalent framework, with individual criminal penalties up to CHF 250,000.
Outside CLOUD Act
As a Swiss company with no US subsidiary, we are not subject to the CLOUD Act. US authorities have no légal basis to demand your data.
Outside Five Eyes
Switzerland is not a member of Five Eyes, Nine Eyes, or Fourteen Eyes. No obligation to share intelligence with these alliances.
100% Swiss Infrastructure
Servers in Swiss datacenters (Geneva and Zurich). No replication to foreign jurisdictions. Encrypted backups on Swiss territory only.
EU Adequacy
Switzerland benefits from an EU Commission adequacy decision, allowing EU-Swiss data transfers without additional contractual clauses.
The "Nexus" Principle
US authorities use the "nexus" principle to justify their extraterritorial jurisdiction. This link can be extremely tenuous.
USD Transaction
A single USD transaction is sufficient
Email via US server
An email passing through a US server
US Cloud provider
Using AWS, Azure, GCP (even EU datacenter)
US customer
A single US customer among thousands
Correspondent bank
Payment via a US correspondent bank
Adlibo: Zero Nexus with USA
To guarantee full sovereignty, Adlibo categorically refuses customers of American nationality (citizens, residents, US companies). This decision eliminates any nexus with the United States.
- CHF billing only
- 100% Swiss Confederation infrastructure
- No US subprocessors
- Swiss bank without US correspondent
The Risks of US Providers
US companies are subject to laws that allow the US government to access your data - even if you are in Europe.
CLOUD Act (2018)
Allows the US government to demand access to data stored by American companies, even if servers are abroad.
FCPA (Foreign Corrupt Practices Act)
Allows prosecution of any company with US ties for foreign corruption. Billions in fines (e.g., Alstom, Airbus).
Sanctions OFAC
US secondary sanctions prohibit foreign companies from trading with embargoed countries, under penalty of financial system exclusion.
FISA Section 702
Authorizes warrantless surveillance of non-US persons' communications, including through US cloud providers.
National Security Letters
The FBI can demand data without judicial oversight and prohibit the company from disclosing this request.
Patriot Act
Gives fédéral agencies broad powers to access data in terrorism investigations.
Adlibo: Your Swiss Shield
By choosing Adlibo, you choose a 100% Swiss company, not subject to the CLOUD Act, FISA, or any foreign data access law. Your prompts, analyses, and results remain exclusively in Switzerland.
Beyond CLOUD Act: The Real Dangers
The CLOUD Act is often cited, but laws like FISA 702 and Executive Order 12333 represent a much greater threat to your data.
CLOUD Act
2018Allows US authorities to demand access to data stored by US companies, even on foreign servers. Requires a judicial warrant.
Judicial oversight
Yes
Target notification
Possible
Scope
Data stored by US companies
FISA Section 702
2008/2024MASS surveillance without warrant of all non-US persons' communications. FISA Court approves entire programs, not individual targets. Renewed in April 2024 with expanded powers.
Judicial oversight
No
Target notification
Never
Scope
All non-US persons communications
Executive Order 12333
1981Authorizes NSA to collect data IN BULK from foreign networks without any judicial oversight. Covers undersea cables, internet exchange points, and datacenters outside USA.
Judicial oversight
No
Target notification
Never
Scope
Bulk collection outside USA
National Security Letters
1986+FBI can demand metadata, connection logs and financial records WITHOUT warrant. Company CANNOT inform the target (permanent gag order).
Judicial oversight
No
Target notification
Never
Scope
Metadata and records
CALEA Act
1994Requires US network equipment manufacturers to integrate interception capabilities into their products. Every Cisco or Brocade router, every Palo Alto or Juniper firewall MUST contain legally mandated backdoors.
Judicial oversight
No
Target notification
Never
Scope
Mandatory backdoors in network equipment
Why FISA 702 and EO 12333 Are More Dangerous
• CLOUD Act requires a judicial warrant and allows contestation. FISA 702 and EO 12333 operate without any judicial oversight for targets.
• FISA 702 was renewed in April 2024 with EXPANDED powers, allowing more companies to be compelled to cooperate.
• EO 12333 authorizes BULK collection on undersea cables and exchange points - your data can be intercepted without anyone knowing.
• With these laws, the NSA can collect your communications WITHOUT ever notifying you, unlike the CLOUD Act.
Your AI Prompts: An Invisible Data Leak
Every request sent to ChatGPT, Claude or Gemini passes through US servers - and may contain your most sensitive data.
What your employees send to AI
- •Source code with hardcoded credentials
- •Client emails for rephrasing
- •Contracts and légal documents
- •Financial data and internal reports
- •Patient information (healthcare)
Légal Consequences
- •GDPR violation: unauthorized transfer to USA
- •Data accessible via CLOUD Act / FISA
- •Loss of professional secrecy (lawyers, doctors)
- •Model training on your data
- •Fines up to 4% of global revenue (GDPR)
The Adlibo Solution
Our AI security suite intercepts and analyzes requests BEFORE they reach AI providers:
Injection and attack détection
Sensitive data blocking
Real-time browser protection
Jurisdiction Comparison
Where are the main AI security solutions based and what are the implications for your data?
| Company | Country | CLOUD Act | Data Location |
|---|---|---|---|
🇨🇭AdliboRecommended | Switzerland | Not subject | 🇨🇭 Switzerland |
🇨🇭Lakera HQ CH, AWS infra, IL owner | Switzerland (Israeli owner) | Subject | AWS (USA/EU) |
🇺🇸HiddenLayer | USA | Subject | USA |
🇺🇸Robust Intelligence | USA | Subject | USA |
🇺🇸Protect AI | USA | Subject | USA |
🇮🇱Cybereason | Israel/USA | Subject | USA/Israel |
🇮🇱SentinelOne | Israel/USA | Subject | USA |
Concerned Industries
Data sovereignty is critical for many regulated sectors.
Finance & Banking
Banking secrecy, FINMA compliance, client data protection
Healthcare & Pharma
Patient data, clinical research, intellectual property
Légal
Professional secrecy, client files, defense stratégies
Government
Classified documents, official communications, citizen data
Protect Your Data with Swiss Security
Join the companies that have chosen data sovereignty. With Adlibo, your information never leaves Switzerland.