New Regulations for U.S. Tech Giants
The European Commission has drawn up fresh restrictions targeting American IT corporations, which currently control more than 60% of the global cloud computing market. This initiative seeks to introduce mandatory non-price criteria for public procurement, requiring that software and hardware for sensitive sectors be developed within the EU. The primary trigger for these changes is the U.S. Cloud Act, which compels companies registered in America to hand over user data upon request—even if their servers are located abroad.
Key Criteria for Evaluating Providers
The new supplier evaluation criteria rest on three main pillars:
- the actual level of protection for personal and corporate data,
- full immunity from legal or political interference by third countries,
- the degree of openness of these providers' domestic markets to European cloud services.
As part of the new initiative, the European Commission proposes establishing a single Central Procurement Authority. This body would handle the purchasing of data center services, software licenses, and artificial intelligence systems for European institutions and member states.
Additionally, Brussels is launching an internal support mechanism under Chips Act 2.0, which offers bonuses to European data centers that switch to European-made microchips or achieve significant reductions in energy consumption. The draft law guarantees expedited approval processes, preferential access to power grids, and reduced tariffs.
U.S. tech giants like Amazon, Microsoft, and Google have already begun taking steps to comply with the new rules. Amazon has launched a separate, autonomous service isolated from its American global infrastructure. Microsoft has formed consortia and introduced locally controlled clouds: Bleu (with Capgemini and Orange) and Delos Cloud (with SAP). Google, for its part, has delegated work with sensitive data to the joint venture S3NS, controlled by Thales, and has formed an alliance with OVHcloud. These moves demonstrate how major technology companies are adapting to Europe's evolving regulatory environment.
These new restrictions could significantly reshape the cloud services landscape in Europe, particularly by increasing competition among providers that can meet the new criteria. Implementing such rules may mark a first step toward greater EU oversight of technology companies operating within its borders, ensuring stronger data protection for European citizens. It could also spur growth for European tech firms and drive innovation in cloud computing.
As the EU moves to tighten its grip on cloud services, it's essential to understand the broader implications for data security and governmental operations. The shift aims to reduce dependency on foreign platforms, particularly for sensitive data. For a deeper insight into how these regulations will reshape the landscape of cloud computing in Europe, you can read more about the EU's plans to limit reliance on American cloud services for critical government information here.