Published by Emerging Technologies Laboratory · via ETL Newswire
World· 

EU Launches Tech Sovereignty Package to Curb Reliance on U.S. and Chinese Digital Infrastructure

The European Commission's sweeping legislative bundle targets cloud computing, semiconductors, and AI, and would bar non-EU providers from handling the bloc's most sensitive government data.

By Elke Vogel, Senior Correspondent · World Desk

BRUSSELS, The European Commission on 3 June presented what it described as the most far-reaching attempt yet to cut the bloc's dependence on foreign technology, proposing new rules that could effectively shut American cloud giants out of large portions of Europe's public sector.

The European Technological Sovereignty Package, as the Commission has named it, bundles two legislative proposals, the Cloud and AI Development Act and a revised Chips Act 2.0, alongside an Open Source Strategy and a digitalisation roadmap for the energy sector. The package must still be approved by all 27 member states before it takes legal effect.

The numbers underpinning it are stark. According to a Commission communication reviewed by ERP Today, the EU remains structurally reliant on non-EU providers for more than 80 percent of digital products, services, infrastructure, and intellectual property. Three U.S. hyperscalers, Amazon Web Services, Microsoft Azure, and Google Cloud, hold more than 70 percent of the European cloud market. Europe produces roughly 10 percent of global semiconductors.

The centrepiece of the package is the Cloud and AI Development Act, or CADA, which creates a four-tier sovereignty framework for public-sector cloud procurement. Member states would be required to assess how much of their infrastructure rests on non-EU firms and match workloads to the appropriate tier. At the highest levels, as The Next Web reported, providers must demonstrate EU-domiciled ownership, employ EU-national personnel, and prove independence from third-country legal jurisdictions, a requirement that would be difficult, if not impossible, for the big American platforms to meet as currently structured.

That final condition is a deliberate response to the U.S. Cloud Act, which allows American law enforcement to request user data from U.S. companies regardless of where it is stored. The practical implications for sensitive workloads in healthcare, finance, and judicial systems are considerable. Catherine di Lorenzo, partner at A&O Shearman, told CNBC the direction of the legislation "goes well beyond data residency and includes ownership structures, immunity from extraterritorial laws, operational control, and supply-chain transparency."

Commission President Ursula von der Leyen framed the package in the language of critical infrastructure. In a statement issued by the Commission, she said: "We cannot afford to depend on others for the technologies that keep our hospitals running, our energy grids stable and our services secure."

Part of the package's political context was provided, with uncomfortable clarity, by an episode earlier this year. According to The Next Web, when the Trump administration sanctioned the International Criminal Court's top prosecutor, Microsoft cancelled his email account. The incident was brief. For European policymakers, it was also a demonstration of precisely the kind of exposure the Commission is now moving to legislate against.

Chips Act 2.0 broadens the ambition of the original 2023 legislation, which was largely designed around pandemic-era supply-chain shortages. According to analysis published by techUK, the revised approach shifts emphasis toward demand-side tools, including public innovation procurement and so-called Demand Accelerators, to stimulate a market for chips designed and produced within the EU. The Commission has also said it will prioritise building a foundry for advanced semiconductor manufacturing within the bloc.

The package also sets a target, reported by EY's Geostrategic Analysis, to triple EU data centre capacity within five to seven years, alongside a commitment to launch a call for AI Gigafactories in July.

Critics are not scarce. Keegan McBride of the Tony Blair Institute for Global Change told CNBC that "a full retreat into a Europe-first tech approach will leave the continent weaker," arguing that great powers need global ambition to export technology, not just use it at home. Analysts also note that the original Chips Act promised €43 billion to double the EU's global semiconductor market share to 20 percent by 2030, a target that The Next Web described as one most analysts now consider unattainable.

What this package adds, its supporters argue, is regulatory compulsion that earlier initiatives lacked. CADA does not merely encourage European alternatives; it creates a compliance obligation that cannot be satisfied by simply routing American cloud services through servers on European soil. Whether Brussels can generate the industrial capacity to match that legal architecture is, as the Commission's own framing acknowledges, the question Europe has been asking itself for the better part of a decade.

Sources cited:
- European Commission press release (https://ec.europa.eu/commission/presscorner/detail/en/ip_26_1187)
- CNBC (https://www.cnbc.com/2026/06/03/europe-tech-sovereignty-us-tech-reliance.html)
- The Next Web (https://thenextweb.com/news/eu-tech-sovereignty-cloud-chips-act)
- ERP Today (https://erp.today/eu-tech-sovereignty-package-cloud-ai-chips-open-source/)
- techUK (https://www.techuk.org/resource/europe-s-technology-sovereignty-package-what-do-the-cloud-ai-development-act-and-chips-act-ii-mean-for-uk-tech.html)
- EY Geostrategic Analysis, June 2026 (https://www.ey.com/en_gl/insights/geostrategy/geostrategic-analysis)

Reporting by Elke Vogel, Senior Correspondent, for the World desk · ETL Newswire staff
Read more at the source

This release was originally distributed via ETL Newswire. Visit European Commission press release for the full story, related releases, and contact information.

Visit European Commission press release →