Bottom line: Europe’s new tech sovereignty package with four-tier certification for government IT remains vague in practical enforcement against US giants and depoliticizes the core problem of strategic dependency.
The European Commission has unveiled a package to reduce digital dependency on US tech, which lawmakers criticize as both insufficient and too hesitant. Meanwhile, American companies complain about discrimination.
The European Commission presented a package of measures on Wednesday aimed at limiting Europe’s dependency on foreign tech providers. The initiative was triggered by concerns that such dependencies—possibly exploited by the USA—could be weaponized. The centerpiece is the “Cloud and AI Development Act,” which establishes a four-tier certification system enabling government agencies to classify digital tools according to their vulnerability to foreign interference. In certain cases, public institutions must replace foreign services with European alternatives.
However, critics remain dissatisfied. Kim van Sparrentak, Green MEP in the European Parliament, said the package acknowledges the scale of European digital dependency but falls short: “I am skeptical that this is sufficient to secure long-term independence from the USA.” French lawmaker Christophe Grudler (centrist) accuses the Commission of being “too lenient” and allowing foreign companies to continue serving sensitive sectors of the European economy. The actual problem, critics argue, is that much of the European market could remain open to US tech giants like Google, Microsoft, and Amazon—the enforcement of sector bans ultimately depends on the political willingness to provoke Washington.
The Commission attempted in its communications to present the package not as a direct action against the USA. Nevertheless, American companies are already expressing concerns. The IT industry association Information Technology Industry Council (whose members include Amazon, Meta, Google, and Microsoft) criticized that “geography- and nationality-based criteria do not lead to effective sovereignty outcomes.” Amazon spokesperson Harry Staight countered: European organizations deserve access to the best available technologies “based on security, performance, and verifiable controls.”
EU Tech Commissioner Henna Virkkunen emphasized during the presentation: “Technological sovereignty does not mean protectionism. Europe remains rooted in openness, partnership, and fair competition.” She pointed out that Europe will not act in isolation or produce everything itself. However, parallel to the presentation, EU ambassadors agreed to a Commission proposal that the EU join the US-led “Pax Silica” club for securing AI supply chains—a symbolic signal of ongoing entanglement.
For Chief Data Officers, this means legal and operational ambiguity: while the four-tier certification creates a framework for risk assessment, it remains unclear what consequences the Commission or national governments will actually enforce. Pressure from both sides—critical lawmakers on one hand, US industry lobbies on the other—suggests that final implementation could be significantly weaker than currently envisioned.
Source: www.politico.eu · Published June 3, 2026
Lumi AI News — AI-assisted curation in accordance with Article 50 EU AI Act. Paraphrase and classification by Lumi News Pipeline v1.2.9.