- Microsoft, wary of EU penalties, abruptly suspended Nayara’s access to cloud-based tools, paralysing communications and essential business operations overnight, forcing the company to migrate to Indian platforms as an emergency workaround.
- Microsoft wasn’t compelled by Indian or U.S. law to suspend Nayara but did so due to EU sanctions via its Irish subsidiary, exposing the absence of clear rules for cross-border tech disputes in critical sectors.
- India’s growing reliance on global cloud giants puts its digital backbone under foreign control, risking sudden disruption despite domestic laws like the Digital Personal Data Protection Act, 2023.
- The Nayara blackout shows that foreign corporate decisions can impact crude imports, supply chains, and fuel availability, posing risks comparable to cyberattacks against critical infrastructure.
The recent confrontation between Nayara Energy and Microsoft is about much more than a blocked email system. It’s a wake-up call for India’s future in an era where energy and digital infrastructure are deeply intertwined. For India, digital dependence is a problem. The bubbling reminder that the rapid growth story of India’s progress is not gelling well within Western power corridors, and the selective targeting means won’t just stop at tariffs. The dispute, sparked by Microsoft’s decision to suspend services for Nayara Energy in response to EU sanctions, has exposed not only the operational fragility of one of India’s largest refiners but also the urgent need to rethink where and under whose control critical data resides.
The Shock: How the Crisis Unfolded
Picture a workday suddenly silenced; one moment, thousands of Nayara Energy employees are collaborating on Outlook and Teams, and in a heartbeat, they are all locked out. Microsoft had blocked Nayara without any prior intimation whatsoever!
What triggered this? The EU had sanctioned Nayara’s Vadinar refinery because of Russian ownership links. Russian crude accounted for about 35% of India’s total crude imports in FY25, up from almost negligible levels (below 2%) before 2022. Microsoft, wary of EU penalties, abruptly suspended Nayara’s access to cloud-based tools, paralysing communications and essential business operations overnight. With no warning, Nayara found itself scrambling, forced to enlist Rediff.com to maintain operation, an imperfect, emergency workaround at best.
For the engineers, managers and on-ground staff at Nayara Energy, the situation was dire: decisions stalled, refinery runs reduced and critical daily functions ground to a halt, all because of a policy made continents away.
Legal Limbo: The Policy Maze Exposed
This entire episode unfolded in a legal grey area: Microsoft wasn’t compelled by Indian or U.S. law to suspend Nayara, but did so due to EU sanctions and its Irish subsidiary’s oversight of global cloud contracts. Indian courts were left to pick up the pieces, as Nayara, which owns 8 per cent of India’s total refining capacity, called out “dangerous corporate overreach” and the need for urgent policy clarity. The lack of crystal-clear rules for cross-border tech disputes, especially in vital sectors, shows India’s digital regulatory framework is still catching up to global realities.
Data Sovereignty: Who Owns India’s Digital Future?
This incident spotlights one of the biggest modern dilemmas: data sovereignty. When Indian businesses depend on global cloud giants, their digital backbone rests on foreign entities with the risk of sudden disruption. India’s public cloud market size has been forecasted to surpass $21.4 billion by the end of 2025, and explode as high as $191.7 billion by 2033, with an annual growth rate above 22.3%. The stakes are enormous, especially as more sensitive sectors move core functions onto the cloud.
While domestic legislation (such as the Digital Personal Data Protection Act, 2023) insists that sensitive data should stay within Indian borders, the reality is murkier. Most cloud contracts invisibly shuttle data overseas, making it all too easy for foreign governments or companies to flip the off switch and close the tap, if and when the global winds shift.
Cloud Infrastructure: Battleground of the Global Power Play
Cloud infrastructure has rapidly emerged as the battleground of global power play, driven by intensifying geopolitical rivalries and the growing strategic importance of data. In 2025, the United States holds a staggering 51% of the world’s data centres, underpinning dominance in the digital economy and exposing other nations to potential leverage or surveillance risks. Cloud computing is now an industry worth $912.8 billion globally, expected to grow at a CAGR of 21.2% to exceed $5.1 trillion by 2034, with Asia-Pacific led by China and India, showing the fastest expansion. The top three cloud providers, AWS, Microsoft, and Google, together command 63% of market share, heightening concentration risk and making cloud services critical nodes in international relations.
It’s no exaggeration that the Nayara-Microsoft dispute turned cloud infrastructure into a Data War theatre. The worrying factor standing out is that the foreign tech providers, under the garb of regulation compliance, can disrupt the heartbeat of vital Indian industries. The current battle isn’t just server uptime versus downtime; it’s about whether external actors controlling data from foreign soil should have the power to compromise the energy security of a billion people. This digital dependency echoes in other sectors as well. Being too reliant on U.S. or European platforms risks eroding both business agility and broader national autonomy, especially as sanctions become a rather more frequent tool of Western foreign policy.
Cloud Outage Risks: Operational and Financial Impact
Incidents like the Nayara-Microsoft lockout are not rare accidents; they are data-backed risks faced by any organisation heavily reliant on cloud services. As per Uptime Intelligence’s 2022 Data Centre Resiliency Survey, 80% of data centre managers have experienced an operational outage within the past three years, with 20% classifying at least one as “serious” or “severe.” A whopping 60% of reported failures now result in losses exceeding $100,000, and the share of those costing over $1 million has jumped from 11% to 15% in recent years. In manufacturing and energy, cloud outages can halt production lines and disrupt supply chains, forcing companies to revert to manual, error-prone processes that further amplify financial losses and reputational damage.
The top three cloud providers, including AWS, Microsoft and Google, control 63% of the market, making cloud services critical geopolitical assets that can be leveraged to disrupt vital industries like energy.
What’s at Stake: National Data Security and Energy Reliability
The blackout at Nayara proves that such actions are not abstract anymore, impacting crude imports, supply chains, and affecting millions at the fuel pump, and are just a push of a button away for Big Tech. For India, losing control digitally or physically over energy infrastructure is akin to ceding ground in a new kind of hybrid tech war. The possibility that corporate decisions from overseas can stall refineries at home is alarming.
And Nayara isn’t alone. As India upgrades its power grid and defence systems with digital technologies, its reliance on foreign cloud and data infrastructure introduces risks comparable to cyberattacks or classic espionage. In 2025, the country’s power sector experienced a 42% surge in cyber attacks, especially targeting SCADA and IoT-linked relay systems controlling transmission and grid operations. Large-scale cyber-attacks, such as the Chinese Red Echo attacks on India’s grid and ongoing DDoS hits in 2025, underscore the vulnerability of digitalised infrastructure. The Data Security Council of India notes the growing sophistication and volume of cyber threats targeting utilities and sensitive sectors. With most major transmission equipment and data flows routed via global providers, disruptions from cyber incidents or regulatory interventions can trigger cascading outages or compromise data security.
The Way Forward: Indigeneity, Resilience and Security
India needs to balance the advantages of global tech with homegrown resilience. Enterprise leaders are increasingly moving from “cloud-first” to “cloud-smart,” mixing public, private and sovereign clouds for agility and security. This hybrid cloud approach, combining Indian sovereign clouds with carefully vetted global providers, offers operational flexibility while maintaining control over sensitive data. Coupled with strict data localisation laws and robust encryption standards, these measures collectively reduce exposure to external shocks and foreign policy disputes.
Diversifying India’s data centres is a strategic necessity to strengthen digital resilience and safeguard national sovereignty. Relying heavily on a few foreign cloud providers for critical infrastructure introduces risks of operational disruptions, regulatory overreach and geopolitical vulnerabilities. To address this, India is expanding its static data centre footprint through initiatives like the government-led MeghRaj program, a GI-cloud initiative that has established several government-owned data centres to host vital public sector workloads internally. According to the JLL report, India’s data centre capacity is projected to reach 1.8 gigawatts (GW) by 2027, marking a 77% surge from current levels, driven primarily by demand from cloud service providers and the burgeoning AI sector. This expansion follows a strong growth trajectory, with the industry having surpassed 1 GW in 2024 and registering a compound annual growth rate (CAGR) of approximately 24% since 2019.
India’s journey will require tough negotiations, vigilant legal frameworks, and a paradigm shift in how digital and energy security are fused. It’s about building a system where no outside entity can single-handedly pull the plug on the country’s essential engines. To conclude, the Nayara-Microsoft episode is more than just a headline; it’s a vivid reminder that technology and geopolitics are woven into the fabric of modern life. For India, digital sovereignty isn’t about laws or servers, but safeguarding every citizen’s right to a sovereign, resilient and secured data future.
Abhinav is an accomplished Engineer, Technical Writer and consultant, who has worked for prestigious Navratna PSUs of India. He is an expert on matters related to Defense and Technology. Views are personal.
Samarth Tripathi 
Daljeet Singh 
Divyanka Tandon