Google Cloud urges changes to EU tech sovereignty plans

Google Cloud has urged EU policymakers to revise parts of the European Commission’s Tech Sovereignty Package, arguing that some proposed cloud sovereignty measures could unintentionally isolate the European digital market.

In a policy statement, Giorgia Abeltino, Head of Government Affairs and Public Policy for Google Cloud in EMEA, said Europe requires significant investment in digital infrastructure to strengthen competitiveness, security and technological sovereignty. She said the EU is considering how to expand its digital footprint across chips, cloud adoption, and AI data infrastructure.

Google Cloud said it supports the Commission’s emphasis on openness, partnerships and fair competition, particularly measures aimed at interoperability and reducing vendor lock-in. It welcomed measures on interoperability, efforts to address vendor lock-in, an open source strategy for the public sector, and faster data centre deployment.

However, the company said certain elements of the proposed Cloud and AI Development Act should be changed to avoid unintended market isolation. Google Cloud said trusted global partners should be able to continue supporting Europe’s security and scaling goals under an open framework.

The company said its vision of technological sovereignty is based on verifiable technical controls, customer choice and continued investment in European digital infrastructure. It pointed to its sovereign cloud services, including standard public cloud configurations with European data boundaries, independently operated regional cloud services, and air-gapped solutions for sensitive public-sector operations.

Google Cloud also highlighted partnerships with European companies, including S3NS in France; Thales, Schwarz Group, and T-Systems in Germany; PSN in Italy; Clarence in Luxembourg; and Telefónica in Spain. It said these partnerships support operational resilience and jurisdictional controls under existing national tech sovereignty frameworks.

The company said the S3NS offering in France has been qualified under SecNumCloud 3.2. It also said Clarence and S3NS, together with Mistral, offer services approved by the EU Directorate-General for Digital Services for use by EU institutions with sovereign cloud needs.

Google Cloud also raised concerns about the proposed Union Assurance Levels within the Cloud and AI Development Act. It said harmonising sovereignty criteria across Member States is useful, but argued that the proposed criteria could limit or exclude global providers regardless of the security safeguards they offer.

The company said EU rules should allow technical approaches to sovereign control rather than relying too heavily on geographic criteria. The company cited its Cloud External Key Manager as an example of a technical sovereignty mechanism that allows customers to retain control of encryption keys outside Google’s infrastructure.

Google Cloud also called for the Cloud and AI Development Act to follow a more balanced approach similar to the proposed Industrial Accelerator Act. The company said trusted non-EU partners should be able to operate as EU-origin under clear conditions, backed by trade rules and safeguards.

The company also backed the package’s goal of promoting interoperability and reducing vendor lock-in. It said tech sovereignty should increase user choice and argued for reforms allowing users to move software licences freely, ensuring fair pricing for legacy software, and guaranteeing that software runs equally well on any cloud platform.

Google Cloud said physical compute infrastructure is central to digital tech sovereignty. It welcomed the ambitions of Chips Act 2.0 and the proposed €30 billion investment in European semiconductor research and development, but said Europe also needs regulatory conditions that attract large-scale compute infrastructure investment.

The company said it operates 13 European cloud regions and has recently invested in Germany, Belgium, and Sweden. It welcomed proposed special project status for data infrastructure projects to streamline permitting, grid access, and power purchase agreements.

Google Cloud said fast-track permitting should prioritise highly sustainable infrastructure projects. It also called for national sustainability criteria to align with the upcoming EU-wide rating scheme and said acceleration zones should not artificially restrict where new data centres can be built.

The company said Europe has an opportunity to build a resilient, competitive and open digital future. It said global innovation and European values can be advanced together through open source software, sovereign cloud partnerships and collaboration with European policymakers and regional partners.

Why does it matter?

The debate highlights a central challenge in Europe’s digital policy agenda: how to strengthen technological sovereignty without undermining openness, competition and access to global innovation. As the EU seeks greater control over critical digital infrastructure, cloud services and AI capabilities, policymakers must decide whether sovereignty should be defined primarily by ownership and geography or by technical safeguards and operational control.

The outcome could have significant implications for the future European cloud and AI market. Rules governing sovereign cloud services, data infrastructure and assurance standards will influence investment decisions, public-sector procurement, competition among providers and Europe’s ability to develop advanced AI capabilities. The discussion also reflects broader tensions between strategic autonomy and international technology partnerships that are increasingly shaping digital policy worldwide.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!