The EU Wants Its Own Tech Supply Chain The European Commission introduced a Tech Sovereignty Package on 3 June to reduce Europe's dependence on foreign technology, particularly from the U.S., citing concerns over security and liability. The package includes the European Chips Act 2.0 and the Cloud and AI Development Act, along with strategies for open-source software and grid resilience, aiming to boost European tech supply chains. It’s little secret that Europe is dependent on foreign technology—particularly U.S. tech—for office software, cloud services, AI, and more. This may have been easy to accept just several years ago, but when the United States https://spectrum.ieee.org/tag/united-states government now openly threatens https://euobserver.com/19745/eu-rejects-us-claims-of-censorship-over-tech-rules-after-visa-bans/ European countries with military action, there is growing anxiety in Europe that technology dependency is a liability https://spectrum.ieee.org/tag/liability . One 3 June, the European Commission https://spectrum.ieee.org/tag/european-commission , the European Union’s executive branch, introduced a sprawling package https://digital-strategy.ec.europa.eu/en/policies/eu-tech-sovereignty that seeks to shift the tech supply chain https://spectrum.ieee.org/tag/supply-chain in Europe’s favor. This Tech Sovereignty Package contains four parts. Two are proposed laws—the European Chips Act 2.0 https://digital-strategy.ec.europa.eu/en/policies/chips-act-2 and the Cloud and AI Development Act https://digital-strategy.ec.europa.eu/en/policies/cloud-and-ai-development-act . The other two are broader strategies—one to promote open-source software https://digital-strategy.ec.europa.eu/en/policies/open-source-strategy and one to shore up the EU’s electric grid https://energy.ec.europa.eu/topics/eus-energy-system/digitalisation-energy-system en strategic-roadmap-for-digitalisation-and-ai-in-energy . Before the first two can become law, they must go through a long process involving the EU’s other two lawmaking bodies: the Parliament and the Council. The Commission’s vision places European governments and crucial industry at the forefront of change, encouraging them to fund and buy European tech. Some analysts, however, are unconvinced the measures go far enough to change the status quo. Part 1: Chips Act https://spectrum.ieee.org/tag/chips-act 2.0 As indicated in the name, the Chips Act 2.0 https://digital-strategy.ec.europa.eu/en/policies/chips-act-2 follows the EU’s original Chips Act https://spectrum.ieee.org/eu-chips-act-imec , adopted in 2023 and not to be confused with its similarly named U.S. counterpart https://spectrum.ieee.org/chips-act-map . The first European Chips Act encouraged investment in EU semiconductor production, aiming to reach a 20 percent share in the world market for “cutting-edge and sustainable” microchips https://spectrum.ieee.org/tag/microchips by 2030. It supported pilot lines in areas like sub-2-nanometer chips and photonics https://spectrum.ieee.org/tag/photonics , in addition to both large fabs and small startups https://spectrum.ieee.org/tag/startups . Early results have been mixed— a 2025 audit https://op.europa.eu/en/publication-detail/-/publication/d4bc75a6-2574-11f0-ac85-01aa75ed71a1/language-en found that the first Chips Act had created progress in areas like chip design https://spectrum.ieee.org/tag/chip-design and pilot lines, but deemed it “unlikely to be sufficient” to reach an “overly ambitious” target. One criticism of the first Chips Act was that it did little to cultivate demand for European-made semiconductors https://spectrum.ieee.org/topic/semiconductors/ . The Chips Act 2.0, then, includes demand-boosting measures that encourage governments and industry to use European chips, in addition to retaining its supply-side funding. There are new supply-side elements, too. The Chips Act 2.0 allows the Commission to fund certain fabs as “strategic projects” and fast-track them through permitting. The Commission has proposed an open-access foundry https://spectrum.ieee.org/tag/foundry to manufacture chips at 3-nm-process nodes or lower, which could start pilot production between 2030 and 2033. If successful, European semiconductor manufacturers could take over the supply for industrial firms in automotive, defence, and advanced manufacturing https://spectrum.ieee.org/tag/advanced-manufacturing . Today, these firms are especially vulnerable to global supply-chain disruptions. At the same time, some analysts still question whether the Chips Act will create enough demand. “The Commission clearly recognizes this in the revision and devotes considerable attention to demand-side levers,” says Tillman Schenk, researcher at Bruegel https://www.bruegel.org/ , a Brussels-based think tank. “However, these instruments currently strike me as somewhat underdeveloped.” Some analysts write https://eurostack.eu/blog/the-commissions-tech-sovereignty-package-is-nearly-here-early-thoughts/ that to raise demand, the EU must explicitly require, not merely encourage, governments to “buy European.” Part 2: Cloud and AI Development Act The accompanying Cloud and AI Development Act https://digital-strategy.ec.europa.eu/en/policies/cloud-and-ai-development-act CADA focuses on cloud services and data centers https://spectrum.ieee.org/tag/data-centers . The EU trails both the U.S. and China https://www.iea.org/data-and-statistics/data-tools/energy-and-ai-observatory?tab=Energy+for+AI in total data-center capacity, and European leaders say they need to close this cloud gap if both EU governments and industry are to make the most of cutting-edge AI. Therefore, CADA calls for a tripling of EU data-center capacity by the early 2030s. Michael Winterson https://datacentre.me/newsletter/the-eudca-announces-board-of-directors-for-2025-27/ , Secretary General of the European Data Centre Association, calls the goal “achievable in principle” and says that “demand alone could justify a tripling of capacity.” Achieving this goal will require dramatically speeding up data-center projects that today might get stuck in permitting or waiting in a queue for electrical supply, he says. CADA stipulates that member states should designate particular projects and “acceleration zones” for fast-tracked approval. It also stipulates that, by 2030, data-center operators should be able to obtain the necessary permits and grid access—often a years-long process today—in 18 months. But in Europe, there are some rather large elephants in the cloud https://spectrum.ieee.org/europe-cloud-sovereignty . Today, four U.S. hyperscalers—AWS, Google https://spectrum.ieee.org/tag/google Cloud, IBM https://spectrum.ieee.org/tag/ibm Cloud, and Microsoft https://spectrum.ieee.org/tag/microsoft Azure—account for over two-thirds of EU cloud services https://www.ceps.eu/disk-backup-to-the-cloud-is-a-gaping-vulnerability-in-the-eus-security/ . This troubles some Europeans because U.S. law https://en.wikipedia.org/wiki/CLOUD Act authorizes U.S. authorities to compel U.S. firms to hand over data even if stored abroad. To ensure that more sensitive European data stays within Europe, CADA lays out a sliding scale of four “assurance levels.” Higher levels require more EU-located data, infrastructure, staff, and supply chains. However, national authorities can choose assurance levels as they see fit, so the same application might use different levels in different countries. Some analysts like EuroStack’s Stéfane Fermigier note https://eurostack.eu/blog/the-commissions-tech-sovereignty-package-is-nearly-here-early-thoughts/ that this leaves the door open for the assurance levels to be applied unevenly. American hyperscalers could locate data centers in the EU, claim sovereignty compliance, and avoid ceding ground to their smaller European counterparts. Part 3: EU Energy System Road Map The announcement of a threefold increase in the EU’s data-center capacity is unlikely to comfort the many Europeans who oppose their construction, citing concerns https://algorithmwatch.org/en/infrastructure-intrusion-conflict-data-center/ about their environmental footprints or their potential to strain the electrical grid https://spectrum.ieee.org/tag/electrical-grid . Partly in response, the EU’s tech sovereignty package includes a “strategic roadmap” https://energy.ec.europa.eu/news/commission-presents-measures-digitalise-europes-energy-system-while-ensuring-sustainable-2026-06-03 en for Europe’s electrical grids. The Commission has proposed https://energy.ec.europa.eu/news/rating-scheme-data-centres-eu-commission-launches-call-feedback-2026-03-27 en a rating system that would grade data centers based on their efficiency and environmental footprint, but this scheme has reportedly been delayed https://www.theregister.com/on-prem/2026/06/10/brussels-datacenter-efficiency-scorecard-may-come-with-a-credit-warning/5253297 under pressure from data-center operators and some EU member states. The road map includes support and research projects for smart grids https://spectrum.ieee.org/tomorrows-power-grid-will-be-autonomous and for AI models https://spectrum.ieee.org/tag/ai-models in the energy sector. It also plans to enable EU electric grids to more easily exchange data across borders. Unlike the Chips Acts or CADA, the road map is not a proposed law. In many cases, its measures are research projects or promises to introduce future legislation https://spectrum.ieee.org/tag/legislation by the end of 2027. Part 4: Open Source https://spectrum.ieee.org/tag/open-source Strategy European public administrations spend an estimated €264 billion https://www.cigref.fr/wp/wp-content/uploads/2025/05/TECHNOLOGICAL-DEPENDENCE-ON-AMERICAN-SOFTWARE-AND-CLOUD-SERVICES-AN-ASSESSMENT-OF-THE-ECONOMIC-CONSEQUENCES.pdf per year on proprietary IT, with 80 percent going to American companies. In the past several years some European bodies have made sporadic moves https://techcrunch.com/2026/04/27/whats-behind-europes-efforts-to-ditch-u-s-software-in-favor-of-sovereign-tech/ toward open-source alternatives, perhaps most notably the French civil service’s migration https://www.zdnet.com/article/france-leaves-windows-for-linux-desktop/ from Windows to Linux https://spectrum.ieee.org/tag/linux . Now, the European Commission has unveiled an expensive strategy to promote open source in the public sector https://digital-strategy.ec.europa.eu/en/policies/open-source-strategy . In theory, open source could at once save on costs, phase out non-European software, and benefit European open-source developers. The Commission’s plan stretches beyond office software and operating systems https://spectrum.ieee.org/tag/operating-systems . It envisions public services partaking in a “vibrant” open-source ecosystem for everything from AI to RISC-V https://spectrum.ieee.org/tag/risc-v semiconductors to Web 4.0 architecture. It plans to fund open-source startups and developers in key sectors. Although this strategy is not in itself a law, CADA includes some open-source measures, like a provision to “encourage” public-sector bodies to use open-source cloud and AI. In theory, this could establish a precedent for governments to choose “open source first.” Jordan Maris https://opensource.org/blog/author/jordan-maris , EU Policy Analyst for the Open Source Initiative, is optimistic about the package. He particularly believes it could be a boon for maintainers of core software. “They will likely receive recognition and opportunities for funding,” he says. “My guess is it will predominantly serve individual developers but some community-led projects could also benefit.” Maris also says it can benefit developers of crucial enterprise software https://spectrum.ieee.org/tag/enterprise-software like Collabora Online, Euro-Office, and Nextcloud. Other open-source advocates, however, argue https://eurostack.eu/blog/ecs-tech-sovereignty-package-update/ that the open-source measures in CADA do not go far enough. In particular, since CADA’s articles “encourage” public-sector bodies to prioritize open source rather than “require” it, the public sector may instead let inertia take its course. This package is not final. The Chips Act 2.0 and CADA will now proceed through further European lawmaking, involving the European Council and European Parliament https://commission.europa.eu/law/law-making-process en , a process that inevitably changes the content. There’s also pressure from U.S. tech firms https://www.theguardian.com/technology/2026/apr/17/microsoft-us-tech-firms-lobbied-eu-secrecy-rules-datacentre-emissions and some of the EU’s own member states https://subscriber.politicopro.com/article/eenews/2026/06/03/eu-delays-data-center-sustainability-label-after-heavy-criticism-00946716 to water down some of the requirements, as already happened with some of the open-source measures https://eurostack.eu/blog/ecs-tech-sovereignty-package-update/ .