Action: The European Commission has proposed a European Technological Sovereignty Package to reduce Europe’s dependence on foreign providers in cloud, AI, semiconductors, open-source software, and digital energy infrastructure.1 The package includes the Cloud and AI Development Act (CADA), Chips Act 2.0, an EU Open Source Strategy, and related infrastructure initiatives. The Commission frames the effort as strengthening Europe’s digital resilience while keeping the EU market open.
Trusted Insights?for?What’s Ahead®??
- The package reflects a growing European emphasis on de-risking its international dependence in key sectors—a long-running concern amplified by Russia’s war in Ukraine, a rising China, and trade tensions with the US. The EU is not alone in its efforts—both the US and China have taken steps to harden its supply chains in certain sectors.
- The EU has taken several steps, including accelerating data center development, to help close a perceived technology gap.2 Several prominent European AI leaders also recently released “Europe 2031,” a scenario exercise urging Europe to accelerate its AI development efforts even as it has increased regulations through the EU AI Act.
- The Commission’s proposals seek to reduce reliance on US cloud, AI, software, and chip suppliers in sensitive public sector and critical-infrastructure uses. Of these, cloud policy is likely to be the most sensitive issue for US-EU relations. CADA would create a cloud and AI sovereignty framework based on assurance levels covering EU data location, independence from third countries, software supply-chain transparency, EU ownership and control, and protection from third-country interference. Because major US firms dominate Europe’s cloud market, US providers could face new compliance burdens even from facially neutral rules.
- The Administration has repeatedly criticized EU digital regulations and penalties that it believes unfairly target or burden US technology companies. In February 2025, for example, the Administration stated that EU rules such as the Digital Markets Act and Digital Services Act would face scrutiny and threatened retaliatory tariffs and other trade actions in response to foreign policies that impose restrictive obligations on US companies.
- That history makes the sovereignty package a potential new transatlantic flashpoint. Brussels is likely to argue that sensitive government and critical-sector workloads require infrastructure insulated from geopolitical and legal risks (as US policy itself often does). The US may view strict sovereignty requirements as a de facto preference for European-controlled providers, particularly if US firms are excluded from higher assurance levels or major public procurements.
- The semiconductor provisions may lead to both competition and cooperation. Chips Act 2.0 seeks to increase European chip demand, speed permitting, support strategic projects, and connect chipmakers with industrial users. This could compete with US efforts to build its domestic semiconductor sector, but it also aligns with shared US-EU goals of reducing excessive dependence on China and improving supply-chain resilience.
- Recent EU actions suggest the sovereignty agenda is already influencing procurement. EU institutions have advanced sovereign cloud procurement, and the European Parliament reportedly moved to make France-based Qwant the default search engine for lawmakers and staff, replacing Google in that role, a perhaps largely symbolic though notable change.
- What this means for business:?
- US technology firms should prepare for more detailed EU scrutiny of data location, operational control, subcontractors, software supply chains, cybersecurity, and exposure to third-country legal demands. European customers—especially governments and critical infrastructure operators—may increasingly ask vendors to demonstrate sovereignty alignment even before final rules take effect (which could take several years).
- Businesses should monitor debate and negotiations in the European Parliament and Council, forthcoming Commission guidance on cloud sovereignty, semiconductor demand programs, and procurement practices by EU institutions and member states.
- While the package may not be enacted quickly, it could feature in US-EU trade discussions this summer, along with the EU’s other digital legislation.