"There are decades when nothing happens, and there are weeks when decades happen."

The tech cold war between the EU and US is entering a new phase, as the latest moves in Washington push European companies to confront their deep addiction to American cloud services.

With the EU's ±€100bn services trade deficit becoming a political football, companies face an existential choice: keep running on AWS and Azure and hope for the best, or embark on a messy divorce with US tech.

Let’s map out how to thread that needle - maintaining access to best-in-class cloud services while building genuine technological sovereignty. It won't be easy or cheap, but the alternative is worse.

The current landscape: trade wars and tech dependencies

Rising tariffs and retaliatory measures

Trump's tariffs aren't just about physical goods - they're triggering a deeper battle over who controls Europe's digital backbone. With a €100bn services trade deficit (mostly tech), the EU should finally getting serious about digital sovereignty. Brussels' Anti-Coercion toolbox could hit back where it hurts: digital taxes, market access restrictions, even IP rights.

The real question: can Europe use trade warfare to bootstrap its own tech stack? Could this be the kick in the butt the EU needed to take their destiny into their own hands?

Cloud sovereignty concerns

Here's a fun puzzle: Europe runs on American cloud tech. Not just a bit - we're talking the entire digital backbone of the continent. Microsoft and AWS's EU data centers are like digital embassies - they fly the EU flag but answer to Washington.

This arrangement works well when a US administration supports a strong Europe, but becomes problematic when the opposite is true. Indeed, the CLOUD Act means US authorities can grab EU data whenever they want, no matter how many sovereignty stickers you slap on the box. As Nextcloud's Frank Karlitschek puts it, the US essentially holds a "kill switch" on Europe's digital economy. It's like running your entire business on your neighbor’s computer.

Regulatory and strategic shifts

The EU's response to US tech dominance feels a bit like trying to recreate the iPhone in 2025 - you're not just late to the party, you're trying to organize a competing party after everyone's already gone home.

Sure, the DMA and Data Act sound impressive, and throwing €3bn at IPCEI-CIS to build a "sovereign cloud" ticks all the political boxes. But here's the real question: what exactly does "digital sovereignty" mean when your entire tech stack is basically a remix of American open source?

The Open Services Cloud interoperability push is nice, but it's a bit like standardizing the design of horses just as the Model T rolls off the production line. Some seem to think sovereignty means having your own cloud servers, when really it's about having your own cloud companies.

A progressive plan for de-risking cloud dependencies

The pessimist complains about the wind,
the optimist expects it to change,
and the realist adjusts the sails.
— William Arthur Ward

So here's the trillion-euro question: how does Europe—its public services, its businesses, and even private consumers—thread the needle between "we need American cloud tech" and "we can't let America control our tech anymore"?

It's like trying to reduce dependence on imported energy while running an economy at full speed - you need a plan that's both ambitious enough to matter and practical enough to actually happen.

Most European CTOs already know this playbook by heart - it's the standard set of cloud sovereignty talking points that show up in every white paper on this side of the Atlantic. But geopolitics has a way of turning thought experiments into urgent priorities, and what was once aspirational architecture is rapidly becoming tomorrow's migration plan.

Short-term: Risk assessment and hybrid transition

1. Audit existing dependencies

• Map all cloud services, data flows, and third-party vendors under U.S. jurisdiction.
• Identify mission-critical workloads (like GDPR-sensitive data and AI training environments) that need immediate localization.

2. Consider hybrid cloud architectures

• Use hybrid models that combine public cloud efficiency with on-premises or EU-hosted private clouds. For instance, keep U.S. providers for non-sensitive analytics while moving regulated data to sovereign platforms.
• Deploy encryption and zero-trust frameworks to protect sensitive workloads.

3. Engage sovereign cloud pilots

• Test EU-based alternatives like Deutsche Telekom's Open Telekom Cloud or Gaia-X compliant providers. Choose platforms that offer GDPR-aligned services without CLOUD Act exposure.

Mid-term: Strategic investment in EU alternatives

Participate in sovereign tech initiatives

• Partner with IPCEI-CIS and OSC projects to shape Europe's next-generation cloud infrastructure. These consortia use open-source solutions like OpenNebula to reduce vendor lock-in and improve interoperability.
• Push for public-private funding to expand EU cloud capacity, using the U.S. infrastructure investment model as a blueprint.

Build multi-cloud resilience

• Distribute workloads across multiple EU providers (such as OVHcloud and Scaleway) alongside U.S. platforms that maintain localized infrastructure.

Upskill teams on open-source tools and boost STEM education upstream

• Stay up to date with open-source alternatives to Office and Google Workspace, such as Nextcloud for collaboration and Kubernetes for container orchestration. Training programs should highlight both cost savings (up to 40% compared to licensed software) and regulatory compliance.

Long term: Ecosystem leadership

While politicians debate tariffs and regulations, the real change will come from large organizations voting with their workloads. SMEs aren't going to map their own cloud journey - they will follow where the big players lead. Give them clear paths and pre-baked architectures, or they'll just stick with Azure because "no one ever got fired for buying Microsoft".

Just as AWS grew from Amazon's internal needs, Europe's next cloud champions will emerge from the real-world requirements of its biggest players. This has already begun: when Deutsche Telekom moved sensitive workloads to sovereign platforms, it created a blueprint for others to follow.

Large EU private and public organizations should take the lead on putting sovereign cloud on the map, not just as customers but as architects. Their scale, regulatory influence, and technical expertise make them natural catalysts for building Europe's cloud future.

Lastly, those data centers will require talent as much as they’ll need power. And while traditional STEM programs are great, what we really need is a generation of builders who see sovereignty as an engineering problem to solve (and optimize for), rather than a policy paper to write. Think Erasmus program, but for digital innovation.

The critical role of open source in sovereignty

Open source is not just code, it's leverage. While proprietary systems are like renting an apartment where you can't even change the lightbulbs, OSS hands you the keys to the building... and redo the entire plumbing if you want to.

Think about what OSS really enables:

• Trust through transparency: When you can read the code, you don't need to trust—you can verify. No more wondering if that "routine update" is actually a backdoor.
• Cloud freedom: think of those “open cloud services” APIs as divorce insurance from vendor lock-in. Suddenly, multi-cloud gets elevated from hashtag to a real option.
• Economic gravity: Every € saved on licenses is a € that can build local talent. On top of cost-cutting, it's ecosystem building.

Think of the billions flowing into IPCEI-CIS as seed funding for a different kind of cloud future. And maybe, just maybe, that's how Europe sidesteps the whole "sovereignty washing" theater of American clouds with European accents.

So what now?

You can't uninvent AWS, and you probably shouldn't try. But you also can't run a continent's worth of critical infrastructure on someone else's operating system.

Digital sovereignty has graduated from “if” to “when”. How to do it without shooting ourselves in the foot?

Look, you're already running half your core systems on Azure or AWS and that's fine—no one's suggesting you should throw away perfectly good infrastructure just to make a political point. In tech, as in geopolitics, the smart play is usually to work with reality rather than against it.

The path forward looks something like this:

1. Start where it matters: move your crown jewels first. The sensitive data, the strategic workloads. This is less about nationalism than about basic risk management.
2. Build collective leverage: European tech won't happen by accident or through the petty squabbles that member states indulged in during the past. It needs concentrated buying power and shared technical standards. Think SWIFT for the cloud.
3. Embrace the open source advantage: The beauty of open source is that it is free, but it also gives you options. And in a trade war, options are currency.

As von der Leyen says, “It may be too late to replicate hyperscalers, but it is not too late to achieve technological sovereignty.” But maybe that's okay.

The next wave of cloud computing won't look like the last one, and Europe's pragmatic, standards-based approach might turn out to be perfectly timed for whatever comes next. Sometimes being second mover means you get to learn from everyone else's mistakes.

—

If you enjoyed this article, consider subscribing to Beyond the Prompt, our newsletter at Agilytic about AI, business, and everything in between. Anything interesting that doesn't make the cut there, ends up here.