In February 2025, U.S. President Donald Trump imposed sanctions on the International Criminal Court (ICC) and its Chief Prosecutor, Karim Khan. This decision came after the ICC issued arrest warrants for Israeli officials accused of war crimes in Gaza.

As a result, these ICC sanctions have had serious consequences. The Court’s ability to operate has almost come to a standstill. NGOs have withdrawn, key investigations are on hold, and even basic internal systems are under strain – including Khan’s bank accounts and access to his Microsoft’s email services.

Consequently, this situation highlights a larger concern: U.S.- based cloud and technology providers have too much control over global institutions. At vBoxx, we have always emphasized the importance of data sovereignty and GDPR compliance. In this post, we explain what happened, why it matters, and how European businesses can protect their digital assets.

What are the ICC Sanctions and What Happened?

The ICC, based in The Hague, investigates serious international crimes such as genocide and war crimes. After it issued arrest warrants for Israeli Prime Minister Benjamin Netanyahu and former Defense Minister Yoav Gallant, the United States imposed sanctions in response.

According to a report by AP News, these sanctions had immediate effects. Chief Prosecutor Karim Khan lost access to his Microsoft email account and found his bank accounts frozen.

In addition, the sanctions also included financial restrictions and travel bans for anyone supporting ICC investigations involving U.S. citizens or allies. Many NGOs and legal partners, fearful of U.S. reprisals, suspended their cooperation with the court. As a result, ongoing investigations – including those into war crimes in Sudan – have stalled.

Geert-Jan Knoops, a lawyer involved with the ICC, told NOS that he was shocked by how quickly and deeply the sanctions disrupted the court’s work. He urged the Dutch government to step in and offer legal protection to European banks working with the ICC.

Meanwhile, European leaders have expressed concern over these developments. Dutch Prime Minister Dick Schoof described the sanctions as a “disturbing signal,” emphasizing the importance of the ICC’s independence. 

UPDATE! :

A Shift Toward European Alternatives

30 October 2025

In response to the challenges caused by the U.S. sanctions, the International Criminal Court (ICC) has taken concrete steps to reduce its dependence on North – American technology providers.
According to Handelsblatt, the Court is now replacing Microsoft’s software suite with a German open-source solution named OpenDesk.

This transition marks a significant move toward digital sovereignty within one of the world’s most important legal institutions. The decision was motivated by the realisation that relying on U.S.-based providers left the ICC exposed to the effects of U.S. political decisions – exactly the vulnerability the sanctions crisis made visible.

By adopting a European-built and hosted alternative, the ICC aims to ensure that its communication and data systems remain independent from foreign jurisdictional pressures. This step demonstrates how global institutions are starting to turn lessons about data sovereignty into action, seeking autonomy not just in law but also in technology infrastructure.

What This Means For You

This incident shows how vulnerable your data can be when it is stored or managed by U.S.- based providers.

Companies like Microsoft must follow U.S. law, even when that means restricting access to important tools or services. In other words, if the U.S. government can cut off access for an international court, the same could happen to your business – especially if your data relates to sensitive or political issues.

Therefore, for European businesses, this is a reminder to think carefully about where and how their data is stored. Using services based outside the EU may mean your information is subject to foreign laws, not the protections offered by GDPR.

What You Should Do Now

Here are a few steps you can take to reduce the risks:

1. Review your service providers: Check where your email, hosting, and cloud services are located. If they are subject to U.S. law, consider making a change.
2. Classify your data: Identify which parts of your data are sensitive and ensure they’re stored securely.
3. Switch to European providers: Choose companies like vBoxx that store all data in Europe and follow strict GDPR rules.
4. Update internal policies: Make sure your team understands the importance of data sovereignty and builds it into your business processes.

The sanctions against the ICC are more than just a political move – they show the risks of depending on foreign technology. European organizations must take this moment seriously and look for alternatives that guarantee independence, privacy, and legal protection.

At vBoxx, we offer secure, GDPR-compliant cloud solutions hosted entirely in the EU. With us, your data remains private and protected – always under European law. Contact us today to learn how we can help your business stay secure, independent, and compliant.