Europe votes to tackle deep dependence on US tech in sovereignty drive

European lawmakers on Thursday adopted a comprehensive report on technological sovereignty and digital infrastructure that directs the European Commission to reduce the bloc’s heavy reliance on foreign technology providers across semiconductors, cloud infrastructure, software, and AI systems.

The report passed 471-68 in the full Parliament, with 77% voting in favor and support from major parties including the European People’s Party, Social Democrats, Liberals, and Greens. While non-binding, it directs the European Commission to map critical technology dependencies across the board, then develop policies reducing reliance on foreign providers.

The vote comes as geopolitical tensions drive technology strategy changes across European enterprises.

According to the parliamentary document, the EU relies on non-EU countries for over 80% of digital products, services, infrastructure, and intellectual property, a dependency analysts say will require a decade-long transformation to address.

Broad technology dependencies

The depth of European reliance on foreign technology providers varies across sectors but remains substantial throughout the stack. In cloud infrastructure alone, Amazon, Microsoft, and Google command 70% of the European market, while local providers including SAP, Deutsche Telekom, and OVHcloud collectively hold just 15%.

However, cloud represents just one dimension of the technology sovereignty challenge. The report addresses the entire digital stack, from semiconductor supply chains to AI model development.

“Recent geopolitical tensions show that the issue of Europe’s digital sovereignty is of the utmost importance,” Michał Kobosko, the Renew Europe MEP who negotiated the report text, said in a statement. “If we do not act now to reduce Europe’s technological dependence on foreign actors, we run the risk of becoming a digital colony.”

The report calls for developing a “Eurostack,” a foundational layer of European public digital infrastructure spanning semiconductors, cloud infrastructure, software, and AI systems built on open standards. It also advocates for “Open Source first” policies in government procurement.

Dario Maisto, senior analyst at Forrester, noted the Commission’s recent momentum: “In a ‘Call for Evidence’ published two weeks ago, the European Commission stated that the EU’s reliance on non-European tech suppliers has become a strategic liability. This activism at this level is unprecedented.” The Commission’s open-source initiative, announced earlier this month, focuses on wider adoption in public and private sectors.

Decade-long transformation

While the parliamentary vote signals political commitment to reducing technology dependencies, analysts warn that the shift will require sustained effort over many years. Enterprise response to these dependencies is already evident: 61% of Western European CIOs and IT leaders plan to increase reliance on local or regional cloud providers due to geopolitical factors, while 53% said these factors will restrict future use of global providers, according to a November 2025 Gartner survey of 241 technology leaders.

“The subject of sovereignty used to be dominated by data residency because the main driver was data protection,” said Nader Henein, VP analyst at Gartner. “Due to geopolitical tensions, the driver has shifted to reducing foreign digital dependency across the entire technology stack. European CIOs are now tasked with redesigning their approach to semiconductors, cloud, software, and AI, upending two decades of established strategy. It’s not going to be easy, it’s not going to be cheap, and it’s going to span multiple generations of CIOs.”

When asked whether European enterprises will see viable sovereign alternatives across core technology areas, Henein said: “The answer is yes, but the time horizon is potentially more than a decade. Europe has been supporting US technology providers through licensing agreements for the better part of the last two decades. Reversing that trend will not happen in one or two years.”

Sanchit Vir Gogia, chief analyst at Greyhound Research, emphasized that while the vote represents “arguably the most comprehensive political signal yet that Europe no longer sees digital dependency as tolerable,” it remains “not legislation, not procurement reform, not enforceable. Not yet.”

For enterprise IT leaders, Gogia said digital sovereignty must be defined by operational control rather than hosting location. He outlined five critical controls: jurisdiction, key management, identity governance, operational command, and reversibility. “If data is in Europe but the keys are not, you do not have sovereignty,” he said.

Can procurement shift market dynamics?

A key question is whether the report’s proposed preferential procurement policies can actually change market realities, given the massive scale advantages of established technology providers.

Gogia said procurement policies “can influence the market, but only in domains where public sector demand is large, coordinated, and backed by providers who can meet sovereignty thresholds without compromising capability.” However, he warned that success requires member state alignment: “If France certifies a sovereign cloud and Germany refuses to recognize it, we enter patchwork territory.”

Maisto noted market convergence across the technology landscape. “US technology providers are getting closer to the sovereignty needs of their clients, while European players are granting more interoperability. In the short term, we are not going to see complete migrations away from established providers. This will be revolutionary long-term change that happens incrementally, workload by workload,” Maisto said.

An IDC survey found that 64% of European organizations have adopted risk mitigation approaches to either hold or migrate GDPR-governed data to datacenters in Europe, while 69% agree that digital sovereignty initiatives enhance trust. The debate over how sovereign hyperscaler cloud offerings actually are continues among analysts.

Maisto recommended a “Minimum Viable Sovereignty” approach that minimizes change and budget while achieving necessary sovereignty. “Data residency is a false friend of data sovereignty,” he said. “It really depends on the organization’s sovereignty needs.”