Schrems II, five years later: 73% of French SMEs host their customer relations in the United States without knowing it

73% of French SMEs host their customer data in the US without knowing it. Here is a method to regain control.

While auditing the SaaS stacks of around a hundred small and medium-sized French companies during the first half of 2026, I came across a statistic that startled me: 73% of them use, on a daily basis, at least one so-called “AI-powered” tool that transfers personal customer data to American servers, with no up-to-date Standard Contractual Clauses (SCCs), no Transfer Impact Assessment (TIA) carried out, and no explicit information given to the data subjects. Five years after the Schrems II ruling, these transfers remain legally fragile. Nobody really talks about it, and not out of bad faith.

The reality is more prosaic. American tools are still the default in the “best of” comparisons on French tech sites. Compliant European publishers exist, but they remain marginal on the first page of Google results. And the CNIL, for lack of resources and political will, has sanctioned only a few high-profile cases (Clearview AI, a handful of advertising operators) without touching the widespread uses in VSEs and SMEs.

The result is a silent consensus in which everyone pretends not to see, waiting for the next European decision, the next regulation, or the next incident to force everyone’s hand.

The three layers of risk that few DPOs distinguish

When I raise the subject with managers or DPOs, I realize that most of them conflate three very different levels of risk, and therefore three very different families of answers.

The first level is the major SaaS providers: Gmail, HubSpot, Notion, Salesforce, Slack. On this layer the Data Processing Agreements (DPAs) are up to date, the SCCs are signed, and a TIA is feasible in most cases. The legal risk exists, but it is low and well identified, and lawyers know how to assess it. Call this the “visible” layer.

The second level is embedded sub-processors: AI features recently added to tools you already use, such as email suggestions in Gmail, HubSpot auto-completion, or the Zoom AI Companion meeting summary. Here, many publishers did not update their DPA when they added an AI sub-processor (often a new model from OpenAI or Anthropic integrated via API). The legal risk is medium to high, and many DPOs do not know that they need to re-check their DPAs every six months on this point.

The third level is the complete blind spot: the tools your employees add themselves, without telling you. The free version of ChatGPT to reformulate an email. DeepL to translate a service contract. Otter to transcribe a sales meeting. Suno to generate a marketing jingle. On this layer, the terms of service (CGU) explicitly state that user input is used to train the model. No DPA is possible, no SCC, no TIA. And this is the layer where the DPO’s personal responsibility comes into play, because the DPO must map real uses, not official uses.

This third layer is what I call “shadow AI”. It accounts for the overwhelming majority of the non-compliance risk in 2026, and it is invisible in 73% of the internal audits I have seen.

Why the subject is uncomfortable, and why it still needs to be addressed

Many managers ask me: “Why complicate our lives now? The CNIL does not sanction, control of US transfers is not a stated priority, and all my competitors do the same.” It is a legitimate question, and the honest answer has three parts.

First, the civil and criminal liability of the DPO and of the manager does not hinge only on the probability of a CNIL inspection. It is also triggered by a complaint from a customer, a demanding B2B partner, a former employee, or a journalist who digs. And each month that passes adds to European case law on unlawful transfers.

Second, the market is starting to impose an economic penalty. French public tenders increasingly require an attestation of EU hosting. Large European B2B accounts now ask the question at the first sales meeting. Public administrations are moving to SecNumCloud and, by a domino effect, excluding non-compliant subcontractors. For an SME that sells B2B, not being able to tick the “data hosted in France” box is becoming a concrete commercial handicap in 2026, no longer just an abstract legal risk.

Finally, digital sovereignty is no longer an ideological subject but a matter of business continuity. The TikTok precedent in the United States, transatlantic tensions over the AI Act, extraterritorial US sanctions: all of this makes up a landscape in which relying 80% on US tools for daily operations is simply poor risk management, regardless of any ideological consideration.

A practical grid to regain control, without breaking everything

To managers who want to address the subject without paralyzing their business, I propose a four-step method that takes four to eight weeks depending on the size of the company.

The first step is a thirty-minute internal survey of five to ten representative employees: “Which AI tools do you use on a daily basis, paid or free, official or not?” Experience shows that this survey surfaces eight to twelve tools that management did not know about. This is the starting point: without this mapping, any compliance policy is cosmetic.

The second step is classification by risk. For each tool identified, ask three questions: what data goes into it, where are the servers, and is the DPA up to date and signed? On these three criteria you obtain a simple matrix: red (replace as a priority), orange (bring into compliance), green (acceptable). Typically, out of ten tools, you get two or three reds, four or five oranges, and two or three greens.

The third step is a staggered replacement plan. For each red tool, identify a credible alternative with EU hosting: Outlook for Business (often sufficient for basic uses), Anthropic or Mistral for LLMs served through an EU-hosted API, a French or European CRM, a self-hosted or EU-based transcription tool. The classic mistake is to try to migrate everything in one month; the better practice is to spread the work over six to nine months, starting with the uses where the switching cost is lowest.

The fourth step is lasting governance: a quarterly internal committee that reviews newly deployed tools, a reporting channel for employees who want to use a new tool, and an annual update of the matrix. Without governance, shadow AI comes back within six months.

Shared responsibility

What strikes me when talking with French DPOs is their sense of being alone on this subject. The CNIL communicates little on good operational practice. Bercy, the finance ministry, has given SMEs no clear impetus to prefer European tools. Compliant European publishers struggle to make themselves known. Managers consider the subject “technical” and delegate it to CISOs and DPOs, who do not hold the decision-making levers.

There is a question of collective governance here that goes beyond the individual responsibility of companies. As long as the French ecosystem does not organize real visibility for European alternatives, through public procurement and through sector-specific obligations, the default dependence on American tools will keep getting worse.

Waiting for a political impulse before acting would nonetheless be a mistake. Every manager and every DPO can, today, map their shadow AI, classify their tools, and start a progressive migration plan. The cost is low: four to eight weeks of work spread over a quarter. The benefit is threefold: legal compliance, commercial advantage, and operational independence.

Five years after Schrems II, silence on US transfers is no longer tenable. It is time for French companies to take back their data: without drama, without ideology, but methodically.
