A digital illustration of Europe.
(Getty Images)
A digital illustration of Europe.

The European Union's push to reduce strategic technology dependencies on foreign suppliers may further strain relations with the United States and sharpen trade tensions with China, while leaving European businesses to absorb additional competitiveness costs; internal EU divisions and the bloc's limited industrial capacity will also likely constrain the tech sovereignty package's near-term impact. On June 3, the European Commission unveiled its European Technological Sovereignty Package, a comprehensive digital and industrial policy initiative to cut the bloc's dependencies on foreign suppliers in semiconductors, artificial intelligence, cloud computing and open-source infrastructure. The strategy introduces two central legislative proposals. The Chips Act 2.0 aims to accelerate domestic manufacturing of cutting-edge AI hardware by streamlining permitting, funding advanced research and linking manufacturers with commercial users through binding purchase agreements. It also seeks to expand state aid to strategic value-chain projects, introduce regional excellence labels, launch a risk-monitoring platform, and grant the European Commission emergency powers to centrally purchase chips and require the prioritization of orders during shortages. Meanwhile, the Cloud and AI Development Act (CADA) establishes a regulatory framework to triple European data center capacity over the next five to seven years, including through an accelerated approval process that grants preferential network access and reduced grid charges to facilities that use European-made chips and meet energy-efficiency standards. CADA also seeks to pool public buyers under a common procurement framework. Additionally, it introduces the European Union's first de facto cloud and AI sovereignty definition by ranking providers across four assurance levels, ranging from European location to full EU ownership free of foreign interference, which effectively bars member state governments from hosting sensitive financial, health or judicial records on non-EU cloud platforms. All of these proposals will now pass to the European Parliament and the European Council for negotiations before being submitted for formal approval by both institutions. The European Commission also plans to open a call for AI Gigafactories in July and consult member states and the European Investment Bank on a large-scale equity vehicle to fund the effort.

  • Complementing the two draft laws are two non-binding measures. The Open Source Strategy directs public administrations toward European open-source solutions to prevent vendor lock-in and scale alternatives across cloud computing, AI, cybersecurity and chips. The Strategic Roadmap for Digitalisation and AI in Energy addresses the electricity demand implications of tripling data center capacity by mapping how AI can manage grids more efficiently and by ensuring that new facilities are sustainably integrated into the energy grid.

Addressing Europe's structural dependencies in cloud computing and semiconductors has gained new urgency as deteriorating relations with the United States and growing Chinese assertiveness in leveraging critical supply chains increasingly expose these vulnerabilities as major strategic risks. The initiative reflects longstanding concerns about the European Union's structural overreliance on foreign technology, evident across its cloud infrastructure and semiconductor supply chain. In cloud computing, U.S. tech giants hold over 70% of the EU market, concentrating European public sector and critical infrastructure data on U.S.-controlled platforms subject to U.S. legal jurisdiction. In semiconductors, the bloc's 2023 Chips Act fell well short of its ambitions after a string of flagship manufacturing projects collapsed or stalled, leaving Europe dependent on external suppliers at every node of the value chain — from Taiwanese and South Korean foundries for advanced manufacturing, to U.S. firms for chip design and Japanese suppliers for critical materials. The changing geopolitical landscape has now added urgency to these structural vulnerabilities. U.S. President Donald Trump's return to the White House in January 2025 has deepened concerns that the United States could leverage its dominance over essential digital services for political ends. These fears are fueled by worsening transatlantic relations, from trade tensions to U.S. threats over Greenland, and are grounded in part in the 2018 U.S. Cloud Act, which requires U.S.-based providers to grant authorities access to data stored anywhere in the world, including in sensitive sectors such as banking, energy and healthcare. The European Union has also moved to exclude Chinese network equipment from core telecoms infrastructure over concerns about embedded surveillance capabilities and potential remote disruption, and flagged Chinese-owned data centers as a parallel vulnerability, since Chinese intelligence law compels companies to cooperate with Beijing's security services on demand.

  • The European Commission estimates that over 80% of the European Union's digital products and services originate outside the bloc. A European Court of Auditors special report from April 2025 found the European Union was on course to reach only 11.7% of global semiconductor production by 2030, marginally above its current share of roughly 10% and well short of the 20% target set by the original Chips Act.
  • Three flagship manufacturing projects underpinning the 2023 Chips Act have collapsed or stalled since approval. Intel canceled its planned facility in Magdeburg, Germany, in July 2025; STMicroelectronics and GlobalFoundries froze joint plans to expand their chipmaking factory in Crolles, France, in early 2025; and Wolfspeed-ZF put its silicon-carbide plant in Ensdorf, Germany, on indefinite hold in late 2024. 
  • The European Court of Auditors found in its 2025 Special Report that the European Commission directly controls only around 4.5 billion euros of the Chips Act's 86 billion euro investment ambition — roughly 5% — with the remainder managed by member states and private companies. 
  • In May 2025, the Trump administration sanctioned International Criminal Court officials after the court issued an arrest warrant for Israeli Prime Minister Benjamin Netanyahu, severing their access to payment services including Visa, Mastercard and Amazon. The move raised alarm in Brussels, providing a concrete illustration of how U.S. digital infrastructure could serve as a coercive instrument against European institutions. But concerns over U.S. leverage predate Trump. Days before leaving office in January 2025, President Joe Biden introduced a tiered AI chip export framework under which a majority of EU member states found themselves in a restricted-access tier — indicating that Washington's willingness to constrain allies' access to technology is not unique to the current administration.
  • China's October 2025 restriction on chip exports severely disrupted German automotive supply chains, illustrating Beijing's readiness and capacity to leverage industrial dependencies for strategic ends. Chinese ownership of European semiconductor assets has also become an increasingly pressing security concern. In October 2025, the Dutch government took administrative control of Nexperia — a major chip supplier to European automotive manufacturers, owned by the Chinese group Wingtech — over technology-transfer and supply-chain security concerns, following Washington's addition of Wingtech to its Entity List in December 2024. 

Despite the ongoing push, constrained European alternatives, contested budget negotiations and an effort to avoid friction with the United States will limit the package's impact to incremental market restructuring. The Chips Act 2.0 adds demand-side instruments to a still largely supply-side framework, with binding purchase commitments, joint procurement and a structured manufacturer-user matching platform. The proposal targets the demand gap that the original act mostly ignored, but it depends on unproven demand mobilization and funding contingent on EU budget negotiations, which are still underway and likely to prove protracted and contested, with near-term allocations limited to existing grant programs until 2028. The European Commission estimates that the initiatives will attract 120 billion euros in combined public-private semiconductor investment by 2035, but Brussels can only incentivize private co-investment, not mandate it, leaving the figure contingent on market dynamics that it can influence but not control. The structural constraint runs deeper still: the global chip industry operates through a geographically concentrated division of labor, with near-monopoly positions at critical nodes — i.e., advanced logic fabrication in Taiwan, memory in South Korea and chip design tools in the United States — that Europe cannot realistically replicate. Pushing localization too aggressively would also risk undermining the competitive strengths Europe actually does hold, such as lithography equipment, advanced materials and niche chip design. And the European Commission has implicitly conceded this by pivoting to an indispensability framing, positioning European chokepoints as the strategic objective and stepping back from any ambition of full-stack self-sufficiency. In cloud computing, the package's actual scope is narrower than its ambitions suggest: the commission's own impact assessment finds 70% of EU government workloads only require that data sit on European servers, a threshold U.S. hyperscalers already meet through their existing European infrastructure, with only 9% demanding EU-ownership criteria that would genuinely exclude them. This reflects both a conscious effort to keep U.S. hyperscalers within the framework and the recognition that EU public institutions cannot sustain a rapid break from incumbent providers. 

  • Under the September 2025 Semiconductor Coalition Declaration, EU member states shifted the bloc's framing from self-sufficiency to indispensability, accepting that Europe will not reclaim leading-edge fabrication share and instead positioning its equipment, materials and design strengths as global chokepoints.
  • The Chips Act 2.0 introduces several mechanisms absent from the 2023 law. It adds faster permitting (capped at 12 months), emergency European Commission powers to override private contracts and prioritize orders during chip shortages, a Semiconductor Regions of Excellence label, and a mandatory B2B supply-chain platform. These measures — together with the Semiconductor Coalition Declaration — signal a more pragmatic approach. European Tech Sovereignty Commissioner Henna Virkkunen, who presented the Chips Act 2.0 package, reinforced this by declining to specify a production target and acknowledging results are unlikely before 2030.
  • CADA's four assurance levels define a tiered sovereignty framework that public bodies apply based on data sensitivity. Level 1 requires only that data be processed and stored on EU-located infrastructure — a threshold U.S. hyperscalers already meet through their European data centers. Level 2 requires providers to demonstrate independence from third-country legal jurisdiction and supply chain transparency. Level 3 requires EU ownership and operational control, including personnel-citizenship criteria, and allows the European Commission to recognize compliant third-country providers on a case-by-case basis. Level 4 requires full transparency over the software supply chain and zero third-country interference — a bar that, in practice, only fully EU-owned providers can clear. 
  • In April 2026, the European Commission awarded a 180 million euro sovereign cloud contract to S3NS, the Google-Thales joint venture, at one of the lower sovereignty levels, meaning it remains legally reachable from Washington under the Cloud Act. This marked the first EU procurement to apply CADA's sovereignty criteria. European cloud associations criticized the outcome, warning that the framework risks formalizing U.S.-backed joint ventures as substitutes for genuine EU ownership, as it is currently applied. On the other hand, the European Parliament's decision in June to adopt French search engine Qwant as its default — made independently of any regulatory requirement — reflects a broader institutional shift to actively preferring European alternatives when available.

The package will advantage EU cloud providers and well-positioned EU-U.S. joint ventures while imposing competitive costs on European businesses and public institutions caught between sovereignty mandates and a performance gap in cloud infrastructure that procurement rules alone cannot close. Overall, the package will directly benefit EU cloud providers and semiconductor equipment makers. Automotive and industrial chip users will gain supply-chain resilience and emergency priority access through the Chips Act 2.0's monitoring and crisis mechanisms, though likely at the cost of new compliance obligations and reduced procurement flexibility. In cloud computing, major U.S. players are already restructuring their European offerings around lower sovereignty tiers through EU partner joint ventures, leaving U.S. hyperscalers exposed to real pressure only at the narrow top tier of government contracts — a comparatively limited market segment. The main adjustment burden will thus likely fall on EU public institutions, which will have to absorb the cost premium of mandated alternatives and switching costs from incumbent providers. The capability gap between EU and U.S. providers compounds this onus. EU cloud providers hold roughly 13% of the EU market, compared with U.S. hyperscalers' 70%. Rather than bridging this divide, procurement mandates merely redirect demand toward EU firms unable to meet it at scale. The divergence is sharpest in AI, where frontier model services and GPU-accelerated inference run predominantly on U.S.-built platforms that EU-compliant alternatives cannot yet match, meaning sovereignty mandates would constrain access to best-in-class AI tools at precisely the moment when AI capability is becoming the most consequential competitive differentiator. That said, the demand-side instruments included in Brussels' new technological sovereignty package could, over a longer horizon, seed the scale effects and investment cycles that have historically enabled domestically backed alternatives to close capability gaps in both semiconductors and cloud computing, even if the near-term competitiveness costs remain significant.

  • Amazon Web Services launched its European Sovereign Cloud in January 2026, opening its first region in Brandenburg, Germany. The initiative is backed by a 7.8 billion euro investment commitment through 2040, and is physically isolated from global AWS infrastructure. Microsoft also operates analogous structures through Bleu (a joint venture between Orange and Capgemini serving France's public sector) and Delos Cloud (an SAP subsidiary handling Germany's equivalent requirements). Both signal U.S. hyperscaler repositioning around European sovereignty demands, though neither fully resolves Cloud Act exposure, since AWS's European entity remains a 100% Amazon subsidiary
  • The European Commission's own AI Factories program depends in practice on suppliers of U.S.-built chips, as no European firm offers comparable AI accelerators at scale. Some prospective Gigafactory builders have also threatened to withdraw their bids, reflecting the broader infrastructure gravity the package aims to counter. 
  • The European Union captures only 5% of global venture capital, compared with the United States' 52%. Additionally, high-growth firms frequently reincorporate in the United States or sell to non-European buyers during the growth stage, further widening the investment gap that procurement mandates cannot close.

The package's proposals may be further diluted during the negotiation process amid internal political divisions and U.S. pressure, though the China-facing provisions are likely to hold and draw retaliation from Beijing. While the package frames China as a structural technology risk, CADA leaves U.S. companies largely free from binding constraints — an asymmetry that more hawkish voices in the European Parliament and more protectionist member states like France have criticized as incoherent. To preserve its fragile trade truce with Washington, Brussels likely calibrated the package to avoid any appearance of directly targeting U.S. companies. And the pressure to maintain that posture will likely result in the most confrontational provisions being further diluted through negotiations, as member states with significant U.S. economic exposure resist aggressive enforcement. By contrast, the China-facing provisions are more likely to survive the legislative process intact, as they come amid a broader protectionist turn in Europe toward China. This trend is further evidenced by the European Union's parallel decision to join Pax Silica, the U.S.-led strategic framework for securing AI and semiconductor supply chains recently launched by the Trump administration. The move reflects Brussels' growing appetite for technology coordination with Washington, which Beijing will read as alignment against its own technological ambitions. This portends Chinese retaliation, which will most likely take the form of anti-discrimination and supply-chain probes targeting high-value EU exports. Such measures could significantly impact EU sectors where China remains a critical and hard-to-replace market, including the luxury goods, chemicals and automotive industries. China could also reimpose restrictions on rare earth and critical mineral exports, a tool Beijing deployed primarily against the United States in 2025 but whose effects fell heavily on EU industry as well, with the current suspension expiring in November 2026.

  • The European Union is also preparing tougher measures on subsidized Chinese imports, including a new cross-sector resilience tool that would enable duties and quotas on national security grounds, alongside local-content requirements advancing through the Industrial Accelerator Act. Beijing has already pledged to retaliate against these measures. 
  • Immediately after the EU tech sovereignty package was published, the Information Technology Industry Council — whose members include U.S. tech giants Amazon, Google and Microsoft — criticized the package's provider selection criteria as discriminatory and protectionist, echoing Washington's prior complaints about EU digital regulation. The United States has previously threatened retaliation over EU digital rules, including the Digital Services Act and the Digital Markets Act, and further friction is likely as CADA advances through negotiations.
  • The package's ultimate scope will be determined by divisions between harder-line EU governments and groups in the European Parliament pushing for more explicit exclusion of foreign providers from sensitive EU infrastructure, and more cautious governments prioritizing U.S. economic ties. The legislative process, based on the first Chips Act's 18-month trajectory, will likely not conclude before late 2027 at the earliest.
RANE
SUBSCRIBERS ONLY

Expert analysis when it matters most.

Get access to RANE's decision-grade geopolitical intelligence.

Subscribe now