Exactly. So long as that is true, the idea that an EU datacenter run by Microsoft can be "sovereign" is nonsense. Having an in-EU owned cloud becomes a national security issue.
Tech independence is a long way off though. I wonder if, like the carbon transition, it will require an announced phaseout date to concentrate minds.
Microsoft could just bluescreen every Windows device in the USA with a message "Call your legislator at 555-9999 and tell them to repeal the CHUM Act"
Call it cynical if you like, but I see it as a plain statement of fact that as of May 2025:
- A cloud platform riddled with security vulnerabilities.
- Two major breaches that exposed customer data to other customers.
- Widely disliked by seasoned cloud professionals who are forced to use it.
And yet...it’s thriving....Microsoft’s earnings yesterday showed Azure and other cloud services up 33% year-over-year, and the stock jumped 9% in after-hours trading.
I wonder how much difference would there be between a European company running a DC or Microsoft running a DC under a Microsoft European entity.
Windows itself has had backdoors via viruses. But even the Linux kernel has been vulnerable in the past to backdoors, so there is also that.
So I imaging there’s no reason this same approach can’t have done in Europe, and Microsoft already has development centers all over Europe, so they already have the necessary employees to run this, to some degree anyways.
This behavior is peak willful ignorance. Its sold as risk planing by EU entities but after all its just liability planing.
What I mean by that is, for convenience reasons everyone goes along with US Clouds knowing it is technically absolutely possible to access the data but as long the contracts are clean and state they are following EU law its fine. Just in case you can make the point the contract was broken the paper is of relevance.
The new worry is different; denial of service. Your bank can just Go Away one day. Like what happened to Amsterdam-based, but Russian owned, ATB bank. Its cloud resources were blocked and even the Dutch bankruptcy court had trouble getting access to the data to wind down the bank.
That's an existential threat. One you can ignore if your values are aligned with the US administration, but the administration is completely unpredictable, not to say nihilistic. This is making companies very (very) nervous, even without the regulator saying anything to them.
Long way indeed, but how knows it could be the year of SuSE desktop or something like that.
And naturally Siemens and Nokia could have another go at phones, or maybe everyone should get a Jolla one.
The trade war shows that "sovereign" computing is a spectrum, and to be fully sovereign you need to be able to create everything yourself, from end user software, through services, operating systems, bootloaders, firmware, programming languages, datacentres, network, board layouts, processor designs, board assembly, processor fabs, processing rare earth minerals, mining ore etc, plus everything you need to do that.
The only way out is to split all of those tech companies, which frankly isn't a bad idea at all.
Suppose I'm a US company and I rent some storage space from a US cloud provider and put some data on their service using the APIs they provide their customers, and I rent some storage space from an EU cloud provider and put some data there using the APIs they provide their customers.
I'm the one who controls that data. The cloud providers just provide storage space for me.
If the US government wants to get that data using the Cloud Act they don't ask the US cloud company and the EU cloud company for it.
They ask me for it. I have to retrieve it, which I do using the exact same APIs I would use if I were retrieving it for my own use. To the cloud providers it just looks like a normal case of a storage client of theirs retrieving data.
Who actually needs hyperscalers? Is it a whole company or just a single app of that company which needs hyperscaling along a certain requirement (storage, processing, bandwidth)?
And if you go into a US vs Europe comparison, SAP seems to be scaling fine. And datacenters used by netflix, cloudflare, etc. are all over the place.
If the EU stepped in to block the acquisition or corporate move, in order to keep their tech homegrown, it would be seen as government overreach and not respecting the free markets.
Why are we sacrificing our sovereignty to an abstract ideology?
AFAIK, Spotify doesn't have any presence in SV, but the US part is in NYC, besides the presence in Stockholm (obviously) and the holding company in Luxembourg.
The EU's would seem to vibe more with open source than privately-owned hyperscalers. Maybe host it for free for EU persons and companies.
Europe and other parts of the world should reduce their dependency on American tech, or any other tech that locks them in - regardless of it is geopolitical or something else (SAP?). They're not going to be able to do it soon, so will wait out the next four years. Governments do have a serious problem though, but are going to struggle to get the investment together.
Re: investment, there's long been a solid set of EU open source contributors, from Torvalds himself through SUSE etc. I think if we identified the right 100 people and gave them money and a sense of civic mission, the EU could achieve a lot in this area. However, the EU's own anti-subsidy rules trip it up here.
The history of Munich is very interesting here: https://www.zdnet.com/article/linux-not-windows-why-munich-i...
Of course it's also political. If you want an alternative to US megacorps you have to put up with reds and greens.
More like realize it wasn’t safe even before Trump
For B2B solutions, it’s more about implementation, workflows and support. Of course scaling and core platform maintenance and support is a challenge with self-hosting.
Making those in power realize that it is not acceptable to be totally dependant on and locked-in to US tech.
As it stands, getting into kernel development or working on something like a desktop environment (or adjacent software like Firefox or Chromium) is quite difficult in a way that supports you financially.
I mean, as individuals, we still invest personal time into public domain projects because we love to tinker and build stuff - but sadly we can't afford to do that full time.
https://lwn.net/Articles/997959/ https://github.com/fossjobs/fossjobs/wiki/resources
Igalia is probably the best option for getting into core browser/etc work, they are hiring for WebKit/Chromium and are also working on Servo.
ps: just in time for https://old.reddit.com/r/linux/comments/1kc074t/linux_us_mar...
https://nlnet.nl/ https://www.sovereign.tech/ https://github.com/fossjobs/fossjobs/wiki/resources
In other words, if I were an EU startup, who should I compete with/try to clone?
From a public interest point of view I would say AWS, GCP and Azure
From the likelihood of a business being successful probably less well entrenched services, and ones politicians understand - so probably things directly used by consumers and very visible. Probably SaaS of some kind.
Also, its not just the EU (which is what the article is about). Non EU European countries, and the rest of the world too also have a problem with this dependence. I think the best approach would be broad collaborations on development, with deployment at a national level so every country could have sovereign data centres.
Going back to the old ways, where software was shrink wrapped, fast and local. So if that's where we end up I think we failed to make use of the potential in this forced decoupling event.
I would prefer that, but the GP was asking what a startup should try to do, and I think trying to get people to go back to using their own machines would be an additional barrier.
One could market strongly with the data privacy / sovereignty angle that resonates a lot more in Europe than the US.
I think its partly a cultural change with regard to privacy and partly learned helplessness.
As for services/products - cloud and MS. From MS - Active directory, Exchange, Outlook, Word, Excel and probably Powerpoint in no particular order. The key is not to have something basic cca working, we have those for decades and they are pretty fringe. Walking the last mile, the hardest part of smoothing integration, ironing UI, responsiveness. This would be a massive task, but worth it.
You have this, you don't need to look back at questionable US products anymore, at least not until they ship as bunch of code that you build and review locally. Goodbye NSA, back to cutting fiber optic cables on the bottom of the sea.
A lot of FOSS and other non-US software has at least as good UI and often better responsiveness.
However for many people particular apps they need are Windows only. Lots of industry vertical stuff.
With regard to marketing and branding, a lot of people use AWS because of the brand. Its not a particularly good provider of VPSs but I have lost count of how many people use AWS as a VPS provider (not using other services) and even worse most of them buy and instance plus storage rather than saving money by using Lightsail. I have had people argue that potential acquirers might be put off by using smaller providers.
Thankfully, it seems that a movement from inside governments is really starting, with more and more project funding demanding e.g. avoiding vendor lock-in. This helped push one of my projects from MSSQL to Postgres. One step at a time...
I'd envision building a plug-in replacement to facilitate switching.
But what really would rock the boat would be a MS 365 competitor, since that's currently suffocating everything, because everything is included: email, files, office suite, chat... None of these have to be the Same Product (and I'd prefer specialization), but the integration between different apps should be painless. So, protocols.
If nation states could onshore that package, it would even out the playing field for the other, more optional applications
Think everyone knows US spy agencies will just help themselves to the data anyway regardless of the legal details. Thats just the reality of today’s world. And beyond that with how DOGE seems to be raiding whatever data they want under questionable circumstances I don’t think the issue is limited to NSA and friends.
On that basis the only choice seems to be to move away from US providers
The EU absolutely should try to stand up their own tech infrastructure. Entire supply chain. chips, software, everything. Absolutely needs to happen eventually.
The problem with the EU is singlular; there has been loads of anti-microsoft folks attempting to beat them for basically forever. Unsuccessfully. They dont have anyone who can; if they did they could just me like hey XYZ here's a trillion $, make us independent.
All the EU really has is regulation. Which by itself will prevent investment from ever giving them independence. The irony that their future of independence depends on extreme deregulation.
Mind you, they absolutely do need to, so get started right away.
This should be very clear to everyone involved. IMO, the plan should be to disallow US cloud providers this side of the pond.
These days internet services are essential infrastructure. Much like you don't want a hostile foreign nation controlling your water supply or electricity, you also don't want them controlling your internet.
And without the ability to produce their own GPUs, Europe can't become independent of the USA.
This is GCP run in an independent, non-google-owned air-gapped data center, operated by local employees in France. No US connection at all - Google just license their software from what I understand, and have no remote or physical access, so even if they did get a secret order to do something, they couldn't.
This sort of thing is the way to go
philipallstar•9mo ago
noosphr•9mo ago
jeffrallen•9mo ago
graemep•9mo ago
ekianjo•9mo ago
jajko•9mo ago
And worse than fool in case of said dictatorship which already enslaved half of said continent for decades in the recent past, infecting those societies with their corrupt ways of life, terror and ruling that still affect those places to this day very negatively.
I know about this a bit since I was raised in one such place and saw it all before, during and after fall of Iron curtain. Russians/Soviets were feared even when they were liberating these lands from nazis - they stole everything they could from common folks (soldiers carrying many watches on their hands that needed to be removed in propaganda photos later) and raped whom they could. Not all of them just to be clear, but many many (stories of my grandparents).
ta1243•9mo ago
toxicunderGroov•9mo ago
philipallstar•9mo ago
Well of course. Just as Europe wants American businesses to spend more money on the EU through fines.
ta1243•9mo ago
America does not want Europe to have its own defence industry, as this makes Europe less reliant on America.
Now I would argue that Europe needs to treat IT services (cloud etc) as a strategic importance like Food and Defence, and America has shown - not just over the last few months, but increasingly over the last decade, that it may not be the reliable partner Europe once thought it was.
That would mean subsidising IT in Europe and increasing barriers to non-european services -- i.e. artificially increasing costs of AWS and Azure, but Europe hasn't done that yet.