Table of Contents
The European Union is taking decisive action to address its overwhelming dependence on American cloud providers. In October 2025, the European Commission announced a €180 million tender for sovereign cloud services - a clear signal that digital sovereignty is now a strategic priority.
The Problem: 70% US Control#
European organizations face a stark reality: approximately 70% of EU cloud infrastructure is controlled by US hyperscalers - primarily Amazon Web Services, Microsoft Azure, and Google Cloud. This creates significant concerns:
- Legal jurisdiction conflicts - US laws like the CLOUD Act can compel American providers to hand over data, regardless of where it’s stored
- Economic dependence - Billions of euros flow to US tech giants annually
- Strategic vulnerability - Critical European infrastructure depends on foreign providers
- Data protection uncertainty - The EU-US Data Privacy Framework could be invalidated by courts, as happened with Safe Harbor and Privacy Shield
The EU’s Response: SEAL Framework#
The EU has developed the Sovereignty, European values, Autonomy, and Locality (SEAL) framework to classify cloud services by their sovereignty level:
| Level | Description |
|---|---|
| SEAL-0 | No sovereignty requirements |
| SEAL-1 | Basic EU data residency |
| SEAL-2 | EU-headquartered provider, EU data processing |
| SEAL-3 | No foreign ownership, EU jurisdiction only |
| SEAL-4 | Full sovereignty - EU owned, operated, and controlled |
This framework gives organizations a clear way to assess their cloud providers and make informed decisions based on their sovereignty requirements.
€180 Million Investment#
The European Commission’s tender targets several key objectives:
- Develop EU-native cloud capacity - Fund European cloud providers to scale their infrastructure
- Create interoperability standards - Ensure portability between European providers
- Support public sector migration - Help government agencies move to sovereign cloud solutions
- Build skills and expertise - Develop European cloud engineering talent
European Alternatives Growing#
Several European cloud providers are positioning themselves as sovereign alternatives:
France:
- Scaleway - Part of Iliad Group, focused on developer experience
- OVHCloud - Europe’s largest cloud provider, strong on data sovereignty
Germany:
- Hetzner - Known for competitive pricing and strong infrastructure
- IONOS - Business-focused cloud from United Internet
Nordic:
- Elastx (Sweden) - Kubernetes-native, GDPR-compliant
- UpCloud (Finland) - High-performance European cloud
- NetNordic (Norway) - Regional provider with sovereignty focus
Cloud and AI Development Act#
Alongside the funding initiative, the EU is advancing the Cloud and AI Development Act, which aims to:
- Establish common standards for cloud services in the EU
- Create certification schemes for sovereign cloud providers
- Define requirements for public sector cloud procurement
- Address AI training data sovereignty
What This Means for Organizations#
European organizations should:
- Understand your SEAL requirements - What level of sovereignty do you actually need?
- Evaluate European alternatives - Many can match hyperscaler capabilities for common workloads
- Plan for hybrid approaches - Use sovereign cloud for sensitive data while maintaining flexibility
- Monitor regulatory developments - Requirements are evolving rapidly
- Consider multi-cloud strategies - Avoid trading one vendor lock-in for another
The Bigger Picture#
The EU’s investment signals a long-term commitment to digital sovereignty. While European providers may not match the scale of AWS or Azure today, the combination of funding, regulation, and growing demand is creating conditions for a more competitive European cloud market.
For organizations in regulated industries, government, or those handling sensitive data, the question is no longer whether to consider sovereign cloud options - it’s how quickly to move.