# Redis Sovereignty: Why Your Cache Layer Is a Sovereignty Risk

Redis often holds session tokens, user preferences, cached PII, authentication state, and real-time event streams. This data transits and persists in memory and in backups, making your cache layer subject to the same jurisdictional risks as your primary database.

Major managed Redis services (Amazon ElastiCache, Azure Cache for Redis, Google Cloud Memorystore, Redis Cloud) run on US-owned infrastructure under US law. Your cached data is accessible under the [CLOUD Act](https://en.wikipedia.org/wiki/CLOUD_Act) without Swiss judicial process, regardless of which region you select.

Running Redis on Swiss infrastructure solves the data residency question, but sovereignty is more than where data is stored. The EU Cloud Sovereignty Framework defines eight dimensions that determine whether your provider is truly sovereign.

## Redis and the license question

Redis changed its license from BSD to a dual license (RSALv2 + SSPLv1) in March 2024, restricting how cloud providers can offer Redis as a managed service. With Redis 8 (May 2025), Redis added AGPLv3 as a third licensing option alongside RSALv2 and SSPLv1, making an OSI-approved open-source license available again.

## Managed Redis sovereignty compared

| Dimension | AWS ElastiCache | Azure Cache for Redis | GCP Memorystore | VSHN Managed Redis |
|-----------|----------------|----------------------|-----------------|-------------------|
| **Ownership** | Amazon (USA) | Microsoft (USA) | Google (USA) | VSHN AG (Switzerland) |
| **Governing law** | US law | US law | US law | Swiss law |
| **CLOUD Act** | Exposed | Exposed | Exposed | Not exposed |
| **License** | Proprietary service layer | Proprietary service layer | Proprietary service layer | Redis 8+ (RSALv2 / SSPLv1 / AGPLv3) |
| **Key custody** | AWS KMS | Microsoft-managed | Google-managed | Encrypted at rest via cloud provider; optional [Swiss HSM](https://cloud.securosys.com/cloudhsm) |
| **Operations team** | USA | USA | USA | Switzerland ([Swiss-only option](https://products.vshn.ch/support_plans.html#_option_switzerland_only_support)) |

## VSHN sovereignty self-assessment

We applied the EU's [Cloud Sovereignty Framework](https://commission.europa.eu/document/09579818-64a6-4dd5-9577-446ab6219113_en) (v1.2.1, October 2025) to our own services. This framework was used to score providers in the EU's [EUR 180M sovereign cloud tender](https://ec.europa.eu/commission/presscorner/detail/en/ip_26_833) in April 2026. Three pure-European providers achieved SEAL-3, while a consortium involving Google Cloud scored only SEAL-2.

*This is a self-assessment, not a formal SEAL certification. We publish it for transparency so customers can evaluate our sovereignty profile using the same structured criteria the EU uses.*

| # | Dimension | Weight | Assessment | Evidence |
|---|-----------|--------|-----------|----------|
| SOV-1 | Strategic | 15% | **Strong** | Swiss AG, no foreign parent, all shareholders Swiss citizens ([Commercial Register](https://zh.chregister.ch/cr-portal/auszug/auszug.xhtml?uid=CHE-275.566.226)) |
| SOV-2 | Legal | 10% | **Strong** | Swiss law ([GTC](https://products.vshn.ch/legal/gtc_en.html)), no CLOUD Act, [EU adequacy decision](https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_en) |
| SOV-3 | Data & AI | 10% | **Strong** | Swiss DCs by default. [Managed Redis](https://www.managed-redis.ch) on cloudscale.ch, Exoscale, or customer infrastructure. Sovereign key management via [Managed OpenBao](https://www.openbao.ch) + [Swiss HSM](https://cloud.securosys.com/cloudhsm) |
| SOV-4 | Operational | 15% | **Strong** | Swiss 24/7 ops, [Swiss-only support option](https://products.vshn.ch/support_plans.html#_option_switzerland_only_support). All services on vanilla Kubernetes |
| SOV-5 | Supply Chain | 20% | **Strong** | Infrastructure-agnostic — [customer chooses provider](https://servala.com/providers/). Open-source software |
| SOV-6 | Technology | 15% | **Strong** | 100% open source. VSHN contributes to [K8up](https://github.com/k8up-io) (CNCF), [Crossplane providers](https://github.com/vshn), [Project Syn](https://github.com/projectsyn) |
| SOV-7 | Security | 10% | **Strong** | [ISO 27001](https://www.vshn.ch/wp-content/uploads/2025/12/ISO-27001-certificate-VSHN-2024.pdf), ISAE 3402 Type II, Swiss SOC. [FINMA-regulated customers](https://www.vshn.ch/en/solutions/solutions-for-banks-and-financial-service-providers/) |
| SOV-8 | Environmental | 5% | **Moderate** | DC operators: Green Datacenter AG (ISO 22301/27001/27701), [Exoscale sustainability](https://www.exoscale.com/sustainability/). [VSHN CSR policy](https://handbook.vshn.ch/corporate_social_responsibility_policy.html) |

**Overall: SEAL-3 equivalent**, the same level achieved by the winners of the EU's own sovereignty tender. No provider worldwide achieved SEAL-4, which requires fully EU/EEA-sourced hardware supply chains and open-source foundations; every cloud provider shares structural gaps on these requirements.

Try Swiss infrastructure: [Servala](https://www.servala.com) (managed services, free trial), Exoscale (Swiss IaaS). Want help choosing? [Contact us](#contact).

## Get a sovereignty assessment for your caching layer

Running ElastiCache, Azure Cache, or Memorystore and concerned about jurisdictional risk? We assess your sovereignty profile against the EU framework and plan a migration to Swiss-hosted Redis. Pricing starts at CHF 60 per month with up to 99.99% SLA.
