thenextweb.com web signal

European Commission Curbs US Cloud in Public Sector

eu ai act regulation chips amazon microsoft google ai-business

Key insights

  • Chips Act 2.0 shifts from factory subsidies to demand stimulation, adding crisis powers and €300,000 fines for companies withholding supply-chain data.
  • The Cloud and AI Development Act restricts EU member states from using US providers for public-sector workloads in healthcare, finance, and judicial systems.
  • All 27 member states must approve the package unanimously; France and Germany back stricter rules while the Nordics and Ireland want softer requirements.

Why this matters

The Cloud and AI Development Act's four sovereignty tiers would force any vendor supplying cloud or AI infrastructure to EU public-sector clients to meet strict data-residency and supply-chain-control standards, reshaping procurement across 27 nations. The US CLOUD Act's reach, which can compel American firms to hand over data regardless of storage location, structurally bars US providers from the highest sovereignty tier, handing a competitive opening to European cloud alternatives. Chips Act 2.0's emergency powers to override existing contracts and centralize chip procurement for member states introduce sovereign-buyer risk that semiconductor vendors and AI chip customers across the EU must now factor into long-term supply agreements.

Summary

The European Commission unveiled a four-part tech sovereignty package on Wednesday, targeting the bloc's reliance on US and Asian technology across chips, cloud, AI, and open source. The two instruments with real weight are Chips Act 2.0 and the Cloud and AI Development Act. Chips Act 2.0 pivots from the 2023 act's factory-subsidy model, which fell short when Intel scrapped plans for two mega-fabs in Germany, to demand stimulation and crisis powers: Brussels could override chip contracts during shortages and fine companies up to €300,000 for withholding supply-chain data. The EU produces under 10 percent of global semiconductors. The Cloud and AI Development Act would restrict member states from using US cloud providers for sensitive public-sector workloads in healthcare, finance, and judicial systems, while leaving private-sector use untouched. Commission Vice-President Henna Virkkunen cited the risk of providers holding a 'kill switch' over European data and noted that US firms would likely struggle to reach the highest sovereignty tier because of the US CLOUD Act. Essentially: (European Commission, 27 member states) are now in a political standoff over how strict the rules get. - France and Germany are pushing for stricter European-preference rules, while the Nordics and Ireland, where US firms base much of their EU operations, want a softer line. - The Draghi competitiveness report cited by Brussels found the EU relying on non-EU suppliers for over 80 percent of its digital products, services, and infrastructure. The package also delivers the EU's first formal legal definition of 'digital sovereignty,' a phrase Brussels has used for years without pinning it down.

Potential risks and opportunities

Risks

  • If Nordic states and Ireland block or dilute the Cloud and AI Development Act during the unanimity vote, US providers retain access to EU healthcare, finance, and judicial systems indefinitely, neutralizing the package's core restriction.
  • Chips Act 2.0's contract-override powers could deter semiconductor vendors from making long-term supply commitments to EU customers, potentially deepening the very reliance on non-EU chips the act is designed to reduce.
  • Member states that have already signed multi-year contracts with US cloud providers for public-sector workloads face costly renegotiation or non-compliance liability once the Cloud and AI Development Act tiers take effect.

Opportunities

  • European cloud providers not subject to the US CLOUD Act gain structural access to public-sector contracts in healthcare, finance, and judicial systems across 27 nations that US competitors cannot win at the highest sovereignty tier.
  • Chip design firms and demand-side vendors targeting EU government procurement benefit from Chips Act 2.0's pivot away from fab subsidies toward demand stimulation and centralized member-state procurement.
  • Open-source software vendors and public-administration consultancies gain direct tailwinds from the package's third instrument, which funds European open-source alternatives and pushes public administrations toward open-source tools.

What we don't know yet

  • No timeline is given for when the Cloud and AI Development Act's tier restrictions would apply to existing long-term public-sector contracts with US providers.
  • Whether US cloud providers are exploring restructuring European subsidiaries to comply with the sovereignty tier requirements, given the stated CLOUD Act incompatibility, is not addressed.
  • The article notes more than €52bn has been committed to semiconductor goals with 'limited movement' on the EU's global production share, but Chips Act 2.0 sets no specific demand target or timeline.

Originally reported by thenextweb.com

Read the original article →

Original headline: EU Unveils Tech Sovereignty Package: Chips Act 2.0 and Cloud and AI Development Act Would Bar US Hyperscalers From Sensitive EU Public-Sector Data in Healthcare, Finance, and Judicial Systems