You are working as a digital communications officer for the European External Action Service (EEAS). A junior colleague proposes a new initiative to use an external, non-EU cloud-based video conferencing tool for all sensitive diplomatic meetings involving classified documents, arguing that this tool offers better accessibility and that 'EU rules do not restrict the choice of technology for internal meetings.' They also claim that the tool's encryption is sufficient to meet all EU cybersecurity requirements without further assessment. Based on the EEAS mission to ensure coherence and coordination in international action, and general EU principles on data security and digital sovereignty, which of the following statements best identifies the primary flaw in this proposal?