For the first time since the Cold War, Denmark’s Defence Intelligence Service (FE) lists the United States as a “security threat” in its annual risk assessment. The classification is diplomatically neutral, but the timing is explosive: F-35 orders in limbo, Greenland rare-earth deals under scrutiny, and a Tech-30 index that has lost 8 % in three weeks. The U.S. Embassy in Copenhagen responded within hours, signalling that the trans-Atlantic partnership is “not in question” yet quietly warning that Danish firms could be cut out of next-generation R&D if trust erodes further.
Key numbers
• 67 % of Denmark’s cloud market is served by U.S. hyperscalers (Amazon, Microsoft, Google).
• DKK 38 bn in Danish exports to the U.S. last year – 21 % of total goods exports.
• 4.2 % of Denmark’s electricity grid is now controlled by U.S. private-equity owners.
What FE actually wrote (and what it did not)
The one-page passage on the U.S. appears in the “Foreign Economic & Technological Intelligence” chapter. FE does not claim Washington is hostile; it warns that “U.S. legislation gives American authorities extraterritorial reach into Danish data, supply chains and critical infrastructure.” The mechanism: the U.S. CLOUD Act, FISA 702 and the new Outbound Investment Screening regulations that take effect 1 January 2026. In plain language: if you run a wind-turbine control system on AWS, store patient data in Azure, or accept Y-Combinator capital, the U.S. Treasury or DOJ can in theory demand access – and Danish courts cannot veto.
Washington’s reply – decoded
Berlingske obtained a three-sentence statement from the Embassy. NBJ’s translation:
Sentence 1: “We share concerns and goals on tech and economics.”
→ We know you are nervous about CLOUD Act extraterritoriality; so are we about your upcoming GDPR-3 draft that could hit U.S. firms with 4 % revenue fines.
Sentence 2: “Deepen partnerships… combating state-sponsored overcapacity, overregulation…”
→ If Copenhagen joins Brussels in carbon-border tariffs or semiconductor subsidy regimes that disadvantage U.S. fabs, the chip-research MoU signed in May (Intel-TU Denmark) could be quietly shelved.
Sentence 3: “The U.S. remains Denmark’s closest ally.”
→ NATO Article 5 still stands, but the “closest ally” slot is now contested; Washington has opened a back-channel to Stockholm on Greenland logistics, bypassing Copenhagen.
Business fallout – scenario matrix
1. Cloud & Data
Risk: Danish health-insurer Tryg, shipping giant Maersk and vaccine-maker Bavarian Nordic all rely on U.S. cloud. FE recommends “sovereign cloud” by 2027. Cost: €400-600 m in migration, 3-4 % EBIT hit for SMEs.
Upside: Potential for Nordic providers (Tietoevry, Basefarma) to grab 15 % market share if EU creates GDPR-3 “data-franc” clause.
2. Defence & Dual-use
Risk: Terma A/S supplies F-35 components; 14 % of revenue is Lockheed-linked. FE report triggers clause in U.S. Defence Federal Acquisition Regulation (DFARS) that allows Pentagon to re-source if “foreign government classifies U.S. as threat.”
Upside: Saab and KNDS could localise production in Denmark, qualifying for EU €1.1 bn EDF fund.
Risk: U.S. Inflation Reduction Act (IRA) already diverts half of Ørsted’s 2026 capex budget to U.S. offshore wind. FE warning may push Folketinget to copy IRA tax credits, creating a subsidy race.
Upside: Danish suppliers of power-to-X (Topsoe, Vestas) can leverage “ally-shoring” language in U.S. State Dept. briefs to keep access to U.S. market if they store IP in EU-based entities.
What happens next – calendar watch
• 15 Dec: Danish Parliament’s Finance Committee votes on DKK 1 bn “digital sovereignty” envelope.
• 9 Jan 2026: U.S. Outbound Investment rules take effect; screening of Danish biotech & quantum start-ups begins.
• 21 Jan: EU-U.S. Trade & Tech Council in Pittsburgh; Greenland’s mineral portfolio tops agenda.
• 30 Jan: FE’s classified addendum leaked (expected); watch for Huawei-style “5G moment” on U.S. cloud.
Board-room checklist for Nordic CXOs
1. Map where your data sits – if >40 % in U.S. cloud, budget 18-month exit clause.
2. Insert “change-of-threat” termination right in every U.S. SaaS contract >DKK 10 m.
3. Dual-track R&D grants: apply simultaneously to Horizon Europe and U.S. DOE to keep optionality.
4. Scenario-plan a 25 % depreciation of the DKK if FE report escalates into FX-risk premium.
Bottom line
The FE report is not a diplomatic rupture; it is a regulatory early-warning system. Nordic companies that treat it as such – and re-wire supply chains now – will pay a 2-3 % margin premium today but avoid a 15-20 % revenue shock when (not if) the next extraterritorial U.S. statute lands.