The European Commission has launched a new technology sovereignty package aimed at reducing Europe’s dependence on foreign suppliers in cloud computing, artificial intelligence, semiconductors and open-source software, as concerns grow in Brussels over the strategic risks of relying on US and Asian technology infrastructure.
The package, presented by the European Commission, includes proposals for a Cloud and AI Development Act, a Chips Act 2.0, an open-source strategy and measures intended to strengthen European technology capacity in public procurement and critical infrastructure.
The initiative comes as EU officials seek to move beyond regulation of large technology companies towards a more industrial policy-driven approach. Brussels has already imposed extensive rules on digital markets, data protection, online platforms and artificial intelligence. The new package is aimed less at controlling foreign technology companies and more at building European alternatives in areas where the bloc has limited strategic autonomy.
The immediate focus is cloud and AI infrastructure. The Commission wants to introduce sovereignty requirements for cloud services used in sensitive sectors such as healthcare, banking and energy. It also wants critical public contracts to include stronger consideration of European-made software and hardware.
That reflects a growing concern that Europe’s data, public services and AI systems depend heavily on companies headquartered outside the EU. Amazon, Microsoft and Google dominate the global cloud market, while advanced semiconductors are largely produced in Asia or designed by US firms. For Brussels, that dependency is no longer only a competition or consumer issue. It is increasingly being treated as a question of economic security, public-sector resilience and geopolitical leverage.
The Commission’s existing cloud policy states that the EU wants to at least triple its data-centre capacity within five to seven years and meet the cloud and AI needs of European businesses and public administrations by 2035. The new package is intended to give that ambition a legislative and procurement framework.
The semiconductor element is also politically significant. The original European Chips Act, adopted in 2023, set a target of doubling Europe’s share of global semiconductor production to 20 per cent by 2030. That target remains difficult. Europe has strengths in semiconductor equipment, automotive chips and research, but it continues to depend on external suppliers for many advanced components.
The proposed Chips Act 2.0 is expected to focus on demand, procurement and faster authorisation for strategic projects. Reuters has reported that the Commission wants governments to support EU-made chips, including from start-ups, in order to stimulate domestic demand and reduce reliance on US and East Asian products.
The issue has become more urgent as AI development places heavier pressure on computing infrastructure, energy supply and advanced chips. Large AI models require data centres, specialised processors, secure cloud services and reliable power. Without domestic capacity in these areas, Europe risks applying rules to technologies that are built, trained, hosted or operated elsewhere.
The Commission is not presenting the package as an exclusionary measure against foreign providers. Officials have repeatedly framed technology sovereignty as the capacity to develop, control and scale key technologies in Europe while keeping markets open. In practice, however, the proposals will be read by US technology firms as a signal that Brussels wants more public-sector contracts, sensitive data and critical digital infrastructure to move towards European or Europe-controlled providers.
US companies have already tried to respond to those concerns. Microsoft, Amazon and Google have developed local or “sovereign cloud” offers for European customers, often through partnerships or separate governance structures. These arrangements are designed to address fears that data held by US-based companies could be exposed to foreign legal orders, including under US law.
Whether those structures satisfy European policymakers remains uncertain. The Commission’s proposal points towards a tiered model in which the sensitivity of data and services would determine the level of sovereignty required. That could allow foreign providers to continue operating in many commercial areas while facing stricter conditions in public administration, defence-adjacent services, energy, finance and health.
The political challenge will come in negotiations with the European Parliament and the Council. Some member states are likely to support stronger preference for European providers. Others may be cautious about measures that increase costs, reduce competition or provoke retaliation from Washington at a time of wider EU-US trade tension.
There is also an economic question. Europe cannot achieve technological sovereignty by procurement preference alone. It will need capital, skilled labour, power infrastructure, commercially viable cloud platforms and stronger demand from companies as well as governments. Public contracts may help create a market, but they cannot by themselves close the gap with US hyperscalers or Asian semiconductor manufacturing.
The package is therefore both an industrial policy initiative and an admission of vulnerability. Brussels is seeking to reduce strategic dependence after years in which Europe regulated digital markets more effectively than it built digital infrastructure. The test will be whether the new measures produce competitive European capacity, or merely add another layer of procurement rules to a market still dominated by non-European firms.
