A new survey from Proton has put hard numbers on something the security community has long suspected: European consumers are increasingly factoring data privacy into their purchasing decisions, and US cloud and software dependencies are becoming a commercial as well as a security liability for businesses.
The research, which surveyed 3,000 people across the UK, France, and Germany, found that 45% would actively avoid companies that store their data with US-based firms, citing privacy and security concerns. Meanwhile, 83% said they are worried about society’;s dependence on Big Tech; a concern that has historically been treated as a political talking point, but is now translating into consumer behaviour.
The data protection angle
For IT security professionals, the findings are a useful reminder that consumer-facing data risk is not purely a technical problem. The tools most businesses rely on, US cloud storage, email platforms, and collaboration suites, are the same ones consumers flagged as their primary privacy concerns. Respondents were most worried about social media, email, and messaging apps, precisely the category of services that dominate enterprise IT stacks.
The implications of US data residency have sharpened considerably since 2018, with CLOUD Act provisions, evolving transatlantic data transfer frameworks, and growing uncertainty around the stability of EU-US Data Privacy Framework adequacy decisions. Against that backdrop, 45% consumer avoidance is less surprising than it might first appear.
A commercial risk, not just a compliance one
What the Proton research adds to the conversation is the commercial dimension. Businesses that have treated US tech dependencies as primarily a compliance question, manageable through DPAs and SCCs, may now need to consider reputational and revenue risk alongside legal exposure.
80% of respondents said it matters to them that the companies they buy from use European technology. 65% said European small businesses specifically should prioritise European-based tools over US alternatives. Proton’s own growth figures bear this out: the company has seen double-digit sign-up growth across Europe as consumers and businesses seek alternatives.
Raphael Auphan, COO at Proton, said, “Buying tech from the US used to seem like a no brainer. But geopolitical tensions, privacy concerns and mistrust of Big Tech are changing the situation. European consumers are already signing up to European alternatives in droves. And this research shows that this is not just an issue for their personal lives: whether or not a company uses US tech is shaping their buying decision as well. Relying on US tech, whether that’s cloud storage from AWS or Microsoft’s office suite, is becoming a commercial liability for businesses too. Whether you’re a huge household name, or a startup with a handful of employees, it’s increasingly clear that consumers care about digital supply chains, and US tech is becoming a weak link.”
The broader picture
Proton has also published a risk report, US Tech Dependence: A Risk Report for European Businesses, which details real-world examples of disruption caused by US tech dependencies and provides a checklist of mitigation strategies. For security teams looking to make the business case for data sovereignty investments, it may serve as useful supporting evidence.
The full survey findings are available at proton.me/business/blog/european-digital-independence-survey-2026
