EU digital infrastructure package seeks to cut reliance on US and China with data rules, chip boost and new AI centers
EU Commission unveils a digital infrastructure package to reduce dependence on US/China, triple data‑center capacity, and push European chips and AI hubs.
Europe’s push to secure EU digital infrastructure took a concrete step as the European Commission presented a broad legislative package aimed at reducing dependence on digital services and hardware from the United States and China. The proposals would raise demand for European semiconductors, promote native cloud and AI solutions, and require public authorities to prefer services that keep sensitive data on servers located in the EU. The measures still require approval from member states and the European Parliament before they can take effect.
Commission sends legal framework to bolster technological sovereignty
The Commission framed the package as an integrated effort to convert Europe’s research and industrial strengths into technological sovereignty. Officials said the rules are designed to ensure that hospitals, energy grids and emergency services do not rely on foreign-controlled technology that could be switched off or manipulated remotely. The initiative includes regulatory, procurement and investment measures to steer public and private demand toward European suppliers.
The proposals are positioned as a long-term industrial strategy rather than immediate trade protectionism, with funding and incentives intended to scale capacity across the continent. Implementing the plan will depend on negotiations in Brussels and national capitals, where member states will weigh security, costs and market access.
Public sector required to keep sensitive data on European servers
Under the draft rules, national governments, police forces, hospitals and other public bodies would be expected to use cloud services and AI models that store and process sensitive data on servers within the EU. The Commission differentiates by data sensitivity and allows third‑country providers to qualify if they meet strict assurances, but it explicitly signals reservations about providers subject to foreign intelligence regimes.
The measure aims to tighten standards around data governance and contractual control, making it harder for non‑EU authorities to compel access to European citizens’ data. Authorities would be required to document risk assessments and choose suppliers that can demonstrate legal and operational guarantees for data residency and access controls.
Ambitious target to triple European data‑center capacity in five to seven years
A central technical target in the package is to increase the capacity of European data centers threefold within a five‑to‑seven‑year window. The Commission says expanding local compute capacity is critical to support domestic AI development, cloud resilience and the growing needs of industry and public services. Officials propose a mix of regulatory streamlining, targeted investments and incentives for green, energy‑efficient facilities.
Industry analysts note that achieving such a scale-up will require accelerated permitting, grid upgrades and substantial private investment, alongside incentives for semiconductor and cooling technologies. Member states will be asked to coordinate infrastructure plans and align national funding with EU objectives.
Semiconductor demand and new AI centers to strengthen the supply chain
The package includes measures to stimulate demand for European‑made semiconductors and to foster new AI competence centers across the bloc. By prioritizing domestic procurement in public‑sector projects and supporting joint procurement initiatives, the Commission hopes to create predictable orders that justify increased production capacity. The aim is to link compute capacity expansion with chip supply to avoid bottlenecks for AI and critical infrastructure applications.
Support for AI hubs is designed to concentrate expertise, provide shared high‑performance compute, and accelerate commercialization of research. The Commission describes the approach as a way to capture economies of scale while preserving interoperability and open standards.
Tighter rules for non‑EU providers and promotion of open‑source options
The draft rules flag limitations for providers based in countries whose intelligence services have broad extraterritorial access, citing concerns over legal reach rather than nationality alone. U.S.-based services face particular scrutiny because of the scope of American intelligence powers, according to Commission guidance, while other non‑EU providers could be assessed and cleared under strict conditions. At the same time, the package contains explicit support for open‑source solutions and operators whose code and governance are transparent.
Technology Commissioner Henna Virkkunen framed these constraints in security terms, warning of the operational risk from remote shut‑offs or “kill‑switch” capabilities that could disrupt essential services. The Commission wants contractual and technical controls that ensure European authorities retain the ability to operate and audit critical systems independently.
European Parliament to adopt Qwant as default search in browsers
In a symbolic move reflecting the broader push, the European Parliament announced it will set the French search engine Qwant as the default in browsers used by MEPs and staff, replacing Google in that role. The change is presented as an example of how institutions can shift procurement and default settings to favor European alternatives where suitable. Parliament and other EU bodies still rely in part on established outside services, and the transition is expected to be phased to manage operational continuity.
The Qwant decision underscores a wider emphasis on procurement, defaults and institutional practice as levers for market change, rather than relying solely on subsidies or mandates.
The Commission package marks a clear effort to reshape market signals and public procurement so European suppliers can scale, while embedding stricter data‑locality and control rules for public services. Approval by member states and the European Parliament will determine the scope and timing of the measures.
Implementation will require coordination on financing, regulation and infrastructure planning, and officials acknowledge tradeoffs between security, costs and openness. As negotiations unfold, stakeholders across industry and government are expected to engage closely to refine technical standards and the criteria for acceptable non‑EU providers.
