Gwénaëlle Hervé notes, "Over the past years and even more in 2026, the role of technology has evolved from being a commodity to serving as a strategic lever of power. This transition is not merely theoretical; it is actively influencing boardroom agendas, public policy, and the daily decisions made by IT leaders."
Across the technology stack, Europe’s exposure is clearly visible: over 80% of Europe’s digital technologies are imported*, and the EU spends over €260 billion per year on US cloud and software**. Most advanced AI models used in Europe originate outside the continent.
The role of technology has evolved to serve as a strategic lever of power.
Gwénaëlle Hervé, Digital Sovereignty Lead at Proximus NXT
Defense requires unique considerations regarding sovereignty
These dependencies are amplified by growing uncertainty over long‑term US tariffs commitments and an increasingly unpredictable American defense strategy, which pushed the European Commission to allocate €800 billion toward rearmament under a renewed “Made in Europe” focus.
Meanwhile, China–Taiwan tensions threaten to disrupt the global semiconductor ecosystem—Europe’s most critical hardware dependency—accelerating EU and US efforts to reduce reliance on Taiwanese chip supply chains.
“Technology is essential across all sectors, including specific applications for defense purposes.” Military drones, for instance, increasingly integrate AI applications. Algorithms, updates, and telemetry may be controlled outside the EU, thus creating lockin, killswitch and export control risks.
Some concrete disruptions have made these risks tangible. “The Starlink outage during the Ukraine war last summer was a wake‑up call,” Hervé notes. “If we’re not in control, a single decision outside Europe could impact operations and the Ukrainian Defense - this is what dependence on non‑European infrastructure looks like.”
“But consider how fast Europe has reacted: three months after the Starlink- disruption, a MoU was signed between Leonardo, Thales, and Airbus to strengthen European sovereign satellite and defense capabilities. It shows that while Europe may start from a position of dependency, it retains the capacity to organize collective actions when sovereignty is at stake.”
Europe is mobilizing from principles to platforms
Today, Europe is not standing still when it comes to digital sovereignty. It is actively developing rapid response strategies and structuring concrete solutions.
First, European companies are progressively diversifying their ecosystems in order to reduce dependency and mitigate risk. We are seeing stronger requirements around data control, regulatory compliance, and a clear willingness to avoid vendor lock-in. More customers are requesting local solutions aligned with European standards and values.
Second, European service providers are delivering credible technological answers. They offer solutions that fully comply with EU regulations, particularly in terms of GDPR and data residency. These alternatives are becoming increasingly mature and competitive, with performance, scalability, and innovation levels comparable to those of leading non-European providers. The objective is clear: enable innovation, reduce dependency, and get back control.
On the supply side, ecosystems are maturing: OVHcloudOpens a new window
, IONOSOpens a new window
, STACKITOpens a new window
, ExoscaleOpens a new window
, and sovereign AI providers like Mistral AIOpens a new window
represent valuable European alternatives. “We also see fully disconnected, EU‑operated models for the most sensitive workloads. The point is: it’s no longer all‑or‑nothing—these days, we have a spectrum and freedom of choice.
Finally, at the institutional level, Europe is actively supporting this shift. It strengthens regulatory frameworks to build trust, enhance security, and harmonize compliance across member states. Recent initiatives, including the emerging European Sovereign Cloud framework, demonstrate a coordinated effort to structure a unified ecosystem at the EU level.
Policy has become a catalyst. “NIS2 and DORA strengthen resilience, the AI Act raises governance and transparency, and many other initiatives and schemes at national levels such as SecNumCloud in France or C5 in Germany have been initiated,” Hervé explains. Companies, service providers, and public institutions are moving in the same direction — toward building a practical and operational European digital sovereignty.
-
“The framework published by the European Commission in November 2025 will provide a blueprint for cloud strategies.” Hervé affirms. “Organizations now have a guide with which to conduct assessments based on eight different objectives.”
|
Sovereignty type |
How |
Objective |
| 1 |
Strategic Sovereignty |
Check the strategic roadmap of the cloud supplier, challenge the contract models |
Alignment of cloud services with the EU’s legal, financial and strategic interests |
| 2 |
Legal & Jurisdictional Sovereignty |
Ensure strict contractual guarantees: observe local regulations, contract adaptations, SLAs, and non-data disclosure |
Protect against extraterritorial laws and ensure that EU legal jurisdiction prevails |
| 3 |
Data & AI Sovereignty |
Request data storage and access (encryption), certifications (C5, ISO27001…), governance |
Ensure control, security, and autonomy over data and AI services |
| 4 |
Operational Sovereignty |
Set up exit plans, diversify to reduce vendor lock‑in, and prioritize autonomous/local operations |
Enable operations and evolution of the technology independently from sovereign control |
| 5 |
Supply Chain Sovereignty |
Request hardware access, supply chain transparency, and control |
Ensure control and transparency over the supply chain |
| 6 |
Technological Sovereignty |
Adopt open source and contingency planning |
Ensure technological independence and openness of technology by avoiding lock‑in to foreign systems |
| 7 |
Security & Compliance Sovereignty |
Ensure regular audits and access to SOC |
Ensure that security and compliance operations remain under EU control |
| 8 |
Environmental Sustainability |
Request certifications and ESG strategy |
Ensure long-term autonomy in energy use and reduce the environmental impact of cloud services |
US providers adapting to the European market
It is also important to acknowledge that U.S. service providers are actively adapting to Europe’s growing demand for digital sovereignty. Major hyperscalers are expanding their sovereign offerings to better align with European regulatory, security, and data residency requirements. For example, Microsoft has introduced an expanded sovereign cloud portfolio spanning both public and hybrid cloud models; Google has launched disconnected, air-gapped cloud solutions designed for highly sensitive environments.
These initiatives demonstrate that sovereignty does not necessarily imply exclusion. Rather, it reflects a market evolution in which global providers are tailoring their IT architecture and governance models to meet Europe’s expectations. In this context, U.S. providers remain valuable partners, offering viable and competitive solutions for a wide range of innovative use cases.
Sovereignty is no longer all-or-nothing. These days, it’s a spectrum offering freedom of choice.
Gwénaëlle Hervé, Digital Sovereignty Lead at Proximus NXT
What IT teams can do now
Navigating options is getting complex. Between the portfolios of hyperscalers, their rapidly evolving “sovereignty” offerings, and European providers maturing fast, it’s easy to get lost in claims, certifications and architectures. Hervé proposes a pragmatic path that balances innovation and control:
- Map critical workloads and legal exposure across identity, data, analytics/AI, runtime, and observability.
Set sovereignty targets per domain based on data sensitivity.
- Architect for exit and portability and define when local operations or disconnected modes are recommended.
- Adopt additional sovereign controls on public cloud where possible: confidential compute, external keys, independent attestation, and sovereign landing zones.
- Use private or disconnected clouds for the most sensitive data.
- For any sovereign solution, use procurement to shape the market: include switching/transparency clauses, clarify handling of extra‑territorial requests, and request evidence of controls—not just assurances.
“In practice, European organizations don’t need to reinvent their entire cloud strategy. They can use global platforms where they excel, without compromising on sovereignty, and turn to European options when the use case permits it. The key is to match each type of data with the right sovereign solution, make sure to apply additional controls supported by auditready evidence (such as reports or European certifications) when required and maintain both contractual and technical portability across ecosystems.”
Want more control over your digital sovereignty journey?
Our experts help you navigate cloud choices, reduce dependency risks and design architectures that balance innovation with European control.
Talk to an expert
Opens a new window
Gwénaëlle Hervé
Gwénaëlle Hervé leads the digital sovereignty strategy for Proximus NXT across the Benelux. Heading a cross-functional team, she shapes the strategic directions, investment priorities, and market approach that position Proximus NXT as a leading player in digital sovereignty.
Sources
* Bertelsmann Stiftung — EuroStack: A European Alternative for Digital Sovereignty (2025). “>80% of Europe’s digital technologies imported; 70% of global foundation models from the US; EU firms 7% of global software/internet R&D.”
** Cigref / Asterès (Apr 2025): Technological Dependence on American Software and Cloud Services — An Assessment of the Economic Consequences in Europe — “€264 bn per year (~1.5% EU GDP).”
*** CIO / Computerwoche (Feb 2025), citing Synergy Research Group: “~70% of European cloud market held by AWS, Microsoft, Google (2022).”
**** Cloud Temple summary of the Cigref/Asterès report (Jul 2025) — accessible recap of the same figures.
***** PAC / SITSI (2024–2025): Cloud Platforms by Segments — Market Figures — Belgium — “Belgian cloud platform shares (Microsoft 31%, AWS 15%, Google 6%).”
