€180 Million for Sovereignty

What Europe’s Sovereign Cloud Tender Actually Buys, in a Year When the US and China Will Spend $700 Billion Between Them on AI Compute

By Thorsten Meyer — ThorstenmeyerAI.com

On April 17, 2026, the European Commission announced that it had awarded its Sovereign Cloud tender. Four European provider groups will share contracts worth up to €180 million over six years — that’s roughly €30 million a year — to supply sovereign cloud services to EU institutions. The framework behind the award, developed specifically for this procurement, introduces a graded sovereignty scale called SEAL (Sovereignty Effectiveness Assurance Levels), running from SEAL-0 (no sovereignty) to SEAL-4 (full EU supply chain, from chips to software). Three of the four winners reached SEAL-3. One — Proximus, leading a consortium that includes a Thales / Google Cloud joint venture — reached SEAL-2.

The Commission framed the result as a milestone for European digital sovereignty.

I want to agree. There’s genuinely something new here, and dismissing it would miss the point. But I also want to put the number next to two other numbers that have been reported in the same month:

The big five US hyperscalers are projected to spend between $600 and $700 billion on capex in 2026, with roughly 75% — around $450–520 billion — going specifically into AI infrastructure. Amazon alone has guided to about $200 billion. Google $175–185 billion. Meta $115–135 billion. Microsoft $110–120 billion. Oracle $50 billion.
China’s four largest internet companies — Alibaba, Tencent, ByteDance, and Baidu — have committed a combined $84 billion to AI infrastructure by 2027, with Alibaba alone running a three-year $52 billion buildout and reportedly considering expanding that to $69 billion.

Put crudely, the US is spending roughly $700 billion a year on compute. The EU Commission just awarded €30 million a year on procurement of sovereign cloud services. That’s a ratio of about 20,000 to 1. Even if you compare the full annual capex of US hyperscalers to the total annualized EU investment in AI compute infrastructure — the €10 billion already committed across 13 AI Factories, plus the €20 billion public component of the InvestAI programme for AI Gigafactories, plus the €230 billion of expressions of interest that programme has attracted from 76 consortia across 16 member states — you still get a ratio of roughly 20 to 1 in the US’s favour on annual capex, and that’s counting the European private expressions of interest that may or may not materialize.

This is not the framing the Commission’s press release uses. It should be.

The €180 million tender is a procurement rule, not an investment. Conflating the two makes the whole thing look smaller than it is. But the €20 billion InvestAI number, even generously interpreted, sits roughly one order of magnitude below annual US hyperscaler capex. That is the context the Commission declined to provide, and it is the context an exec reading the news needs.

The question isn’t whether the SEAL framework is a good idea. It is. The question is whether a governance-first sovereignty strategy can hold its ground when the other side is spending a hundred times more on the underlying compute, every single year.

Let me walk the whole thing carefully.

€180 Million for Sovereignty — Europe’s Sovereign Cloud Award in Global Context

Beyond the Public Cloud: Architecting Private, Secure, and Sovereign AI for the European Enterprise

Implementing Cellular IoT Solutions for Digital Transformation: Successfully develop, deploy, and maintain LTE and 5G enterprise IoT systems

I. What the Tender Actually Did

The Commission’s Cloud III Dynamic Purchasing System tender, launched October 2025, concluded on April 17, 2026 with four awards:

Post Telecom (Luxembourg), partnering with French operators OVHcloud and CleverCloud
STACKIT (Germany), the cloud brand of Schwarz Digits — the technology arm of the retail group that owns Lidl and Kaufland
Scaleway (France), part of the Iliad Group (also owner of Free and serving Mistral AI’s workloads)
Proximus (Belgium), leading a consortium that includes S3NS (a joint venture in which Thales holds a controlling stake and Google Cloud provides the underlying infrastructure), Clarence, and Mistral AI

The first three consortia reached SEAL-3. Proximus-S3NS reached SEAL-2 — the minimum eligibility threshold.

These are not vendor rankings. They are sovereignty grades. And that’s where the framework becomes interesting, because nothing like it existed six months ago.

The SEAL framework, in plain terms

The Cloud Sovereignty Framework assesses providers on eight criteria: strategic, legal, operational, environmental, supply chain transparency, technological openness, security, and compliance with EU laws. Those scores aggregate into a graded level:

SEAL	What it means
SEAL-0	Complete lack of sovereignty.
SEAL-1	Basic compliance with EU law, but with significant exposure to non-EU legal regimes or supply-chain interference.
SEAL-2	Data sovereignty. The provider abides by EU law without requiring additional customer-side technical measures.
SEAL-3	Digital resilience. Service, technology, or operations are immune from non-EU supply-chain disruption.
SEAL-4	Full EU supply chain, from chips to software.

Here is the single most important fact about the award, and the one neither the Commission’s press release nor most of the coverage emphasised: nobody reached SEAL-4. Not one of the four winners. Not one of the losing bidders. Zero out of all respondents.

That’s not a failure of the tender. It’s the framework telling you something true: there is no fully-European cloud supply chain today, chip to software, because there is no European frontier-class AI chip manufacturer. Not at the frontier. Not even close. The best the EU can build right now, with its best providers, is a stack that uses non-European silicon at the bottom layer and compensates through EU-controlled operation at the layers above.

SEAL-4 is the tendon the framework exposes. SEAL-3 is the best Europe currently ships.

Why the Commission thinks this is a win

The framing is that before SEAL existed, sovereignty was an abstract principle. You couldn’t procure against it because you couldn’t measure it. Different member states, different institutions, different procurement officers all meant different things by “sovereign.” SEAL gives them a shared vocabulary, a scoring rubric, and a defensible procurement process. That’s real, and it’s exportable — the Commission has already said it will publish an updated framework and that other public-sector bodies are welcome to reuse it.

This is genuine policy innovation. It may also be the only governance instrument Europe has that can move fast enough to matter. The AI Act is big, slow, and contested. CADA (the Cloud and AI Development Act) is still being debated. SEAL is a procurement rubric that already produced four awards and a concrete ladder that providers can climb. In that sense, it’s the most operational piece of European AI policy shipped in 2026 so far.

II. The Proximus-S3NS Signal

The most politically significant thing about the award is not that three consortia hit SEAL-3. It’s that one consortium hit SEAL-2 — the eligibility floor — and that consortium is anchored on Google Cloud technology operated by a Thales joint venture.

The Commission addressed this directly: “non-European technologies, when operated within a strict and appropriate framework, can meet the minimum level of sovereignty required.”

Read that sentence twice. It is doing a specific kind of work. It separates sovereign operation from sovereign technology, and it concludes that the former can stand in for the latter under a sufficiently strict governance structure.

This is the line that European cloud providers were warning about six months ago.

CISPE — the Cloud Infrastructure Service Providers in Europe, a trade association of 38 European providers — published a sharp critique of the SEAL framework in October 2025, before any award was made. The central claim, from CISPE secretary general Francisco Mingorance: you are either sovereign or you are not. There can be no 75% organic food, and there should be no 75% sovereign cloud. The weighted-average scoring system, CISPE argued, would let providers accumulate enough points across auxiliary criteria to score well on sovereignty overall, even while failing the one that actually decides whether a foreign government can compel access to your data: legal jurisdiction. That criterion, under the Commission’s weighting, accounts for roughly 10% of the total score.

The April 17 outcome is a vindication of the CISPE critique. A consortium built on Google Cloud infrastructure — technology ultimately owned by a US company and therefore subject to the US CLOUD Act, which allows American authorities to compel data access from US-headquartered providers anywhere in the world — qualified as a sovereign provider under the framework. It reached the floor, not the ceiling, but it qualified.

A Microsoft executive admitted under oath in a French Senate inquiry in July 2025 that Microsoft could not guarantee data sovereignty to European customers because of the CLOUD Act. That admission did not change under the Sovereign Cloud Framework. What changed is that a model was invented — sovereign operation of non-sovereign technology by an EU-controlled entity — that lets the framework treat the same underlying stack as acceptable when it’s wrapped correctly. Whether that’s a useful compromise or a sovereignty-washing exercise depends on which side of the argument you sit.

Both views are defensible. The Commission’s view is the pragmatic one: if you reject every provider that touches non-EU technology, you procure nothing, because SEAL-4 is currently a null set. CISPE’s view is the structural one: if the framework lets the biggest US hyperscalers qualify by restructuring their legal ownership through European joint ventures, it becomes sovereignty as a compliance exercise rather than as an actual supply-chain independence.

The evidence right now suggests the Commission chose the pragmatic path deliberately. It will take several years to see whether that was the right call.

III. The Scale Context the Press Release Doesn’t Provide

Here is the part I want to do carefully, because the scale mismatch is real and the comparison is easy to botch in either direction.

The US: an industrial-scale compute buildout, debt-funded

The big five US hyperscalers — Amazon, Google, Meta, Microsoft, and Oracle — have collectively guided to $600 to $700 billion in capex for 2026. Credit Suisse’s Epoch AI modelled their combined quarterly capex from Q2 2023 to Q4 2025 and found it growing at 72% per year; if that trajectory held, 2026 would hit around $770 billion. Roughly 75% of this capex is AI infrastructure — servers, GPUs, networking, data centre shells, and the power capacity to run them.

The largest single programme inside that total is Stargate, a $500-billion, four-year, 10-gigawatt infrastructure venture announced at the White House in January 2025 by OpenAI, SoftBank, Oracle, and MGX. Stargate has now expanded to at least seven announced data centre sites totalling nearly 7 GW of planned capacity, with more than $400 billion in stated investment over the next three years. The programme has had real delays — The Information reported in February 2026 that OpenAI, Oracle, and SoftBank had been arguing over project structure for months, and that Stargate had effectively operated as a badging exercise for projects OpenAI and Oracle signed bilaterally — but even with the delays, the pace of US AI infrastructure buildout in 2025-2026 has no historical precedent.

To fund it, hyperscalers raised $108 billion in debt in 2025 alone. Projections suggest $1.5 trillion in debt issuance over the coming years. Capital intensity — capex as a share of revenue — has reached 45–57% for the big four. Goldman Sachs has flagged that hyperscaler AI capital deployment could exceed $500 billion in 2026. Morningstar noted that the 2026 combined capex of these five companies will be more than four times what the publicly traded US energy sector spends to drill for oil and gas, deliver gasoline to stations, and run large chemical plants.

China: smaller in absolute terms, structurally different

China’s top four internet companies — Alibaba, Tencent, ByteDance, Baidu — have committed a combined $84 billion in AI infrastructure by 2027, per Goldman Sachs projections, a 60% jump from 2025 levels. Alibaba alone announced a 380 billion yuan ($52 billion) three-year commitment in February 2025, and according to reports was considering raising that to around $69 billion. Tencent plans to double its AI investment in 2026 versus 2025. ByteDance is reportedly planning $14 billion on Nvidia chips alone in 2026.

Chinese spend is smaller than US hyperscaler spend — roughly one-eighth the scale — but it sits inside a more coordinated state-industrial structure. The Chinese government has committed to a “National Integrated Computing Network” pooling public and private data centre capacity. State AI investment funds have deployed billions into domestic chip development, LLMs, and start-up ecosystems. Export controls on advanced chips have created real constraints — Tencent stated publicly that its 2025 capex came in below internal plans because it couldn’t source enough AI accelerators — but Beijing has also recently granted ByteDance, Alibaba, and Tencent permission to collectively buy up to 400,000 Nvidia H200 chips, and domestic alternatives from Huawei’s Ascend series and Alibaba’s own T-Head chips continue to mature.

The structural point: China’s compute strategy is a state project with private execution. The EU’s cloud strategy, so far, is a market project with state procurement.

Europe: an order of magnitude below, with structural gaps the numbers can’t fix

Now put Europe in the picture. There are three relevant numbers, and they belong to different layers of the same strategy:

€180 million over six years — the Sovereign Cloud tender just awarded. This is procurement of services, not infrastructure spending. ~€30 million a year.

€10 billion — total committed to the 13 AI Factories launched across EU member states under EuroHPC JU since 2024, with implementation running through 2026-2027.

€20 billion — the public component of InvestAI, the EU programme announced by Ursula von der Leyen in February 2025 to build four to five AI Gigafactories across the bloc. Each gigafactory is estimated at €3-5 billion. The formal call, originally expected late 2025, was pushed to early 2026 after receiving 76 expressions of interest — indicating cumulative intended investment of more than €230 billion over the next three to five years from participating consortia.

The €230 billion number is the one that most forcefully closes the scale gap, at least on paper. If — and it is a significant if — that private capital materializes alongside the public contribution, Europe would be in the same order of magnitude as the US and China on AI infrastructure investment by the end of the decade. Not at parity. But not irrelevant.

The structural problem sits lower in the stack. None of the €230 billion, however much of it actually arrives, addresses the fact that the highest SEAL level anyone reached in April was SEAL-3, and the reason nobody reached SEAL-4 is that Europe does not manufacture frontier AI accelerators. Not Nvidia-class. Not at the leading node. There are credible European semiconductor companies — ASML for lithography, Infineon and STMicroelectronics for various chip categories — but there is no European equivalent of Nvidia, AMD, or TSMC at the node density where frontier AI compute actually lives.

This is why the Proximus-S3NS structure exists. You can build sovereign operation on top of non-sovereign silicon. You cannot, today, build a sovereign stack from the silicon up.

IV. What This Means — Three Honest Scenarios

I don’t think this resolves into a single prediction. The range of plausible outcomes over the next three to four years is wider than the vendors and the Commission are each currently admitting. Here are three scenarios, each internally coherent.

Scenario A: The governance strategy compounds

The SEAL framework becomes the European procurement default. Member states adopt it, then public-sector organisations across the bloc adopt it, then regulated industries — financial services, healthcare, defence, critical infrastructure — are required by national regulators to match it. European providers that hit SEAL-3 today compound their position. By 2029, a defensible 20–30% of European cloud spend routes through sovereign-compliant providers, up from around 15% today. The CADA legislation lands with teeth, drawing a clearer line around what qualifies as sovereign for public procurement. The €20 billion InvestAI mobilizes enough private capital that three or four gigafactories actually get built, each one creating regional compute capacity for European AI startups, including Mistral and others. The US hyperscalers still dominate the overall European cloud market — they keep the 65–70% share they have today in non-sovereign-regulated workloads — but the sovereign slice has become large, regulated, and lucrative enough that it develops its own gravity. Europe does not catch up at the frontier. It builds a defensible middle tier of trusted infrastructure, on its own terms.

Scenario B: Sovereignty becomes a compliance wrapper

The Proximus-S3NS model generalizes. US hyperscalers restructure more aggressively to qualify as “operationally sovereign” under SEAL-2 or SEAL-3 — Microsoft’s recent partnerships with Orange and Capgemini for Bleu in France point in this direction, as does AWS’s European Sovereign Cloud unit headquartered in Germany. By 2028, sovereignty in European cloud procurement means “the infrastructure is Google Cloud or Azure, but the operating company is EU-incorporated and has contractual commitments to resist non-EU jurisdiction.” Most sovereign-cloud awards go to these hybrid structures because they offer both the sovereignty credentials procurement officers need and the actual capability — especially on AI — that smaller European providers still can’t match. Native European providers — OVHcloud, Scaleway, STACKIT, IONOS, and the like — remain viable but occupy a shrinking niche of workloads where the customer actively values the full European stack over capability. CISPE’s “sovereignty washing” warning turns out to have been accurate.

Scenario C: Fragmentation

Different member states read SEAL differently. National procurement officers score the same consortium to different levels. Some member states — probably France and Germany — tighten their national interpretations beyond the baseline framework. Others — probably the smaller eastern and southern states — lean on the flexibility that lets Proximus-S3NS-style consortia qualify, because those states don’t have native providers that can realistically bid. A patchwork develops. Each sub-market has its own definition of sovereignty. US hyperscalers navigate the patchwork with different legal structures in each jurisdiction. The cost of cross-border public-sector digital services rises. This is the outcome CISPE implicitly predicts by focusing on “fragmentation and confusion.”

The honest answer

Scenario A requires the political will to actually enforce sovereignty requirements even when it means paying more for less capability. Scenario B requires the hyperscalers to read the room correctly and lean into the operational-sovereignty structure — they have every reason to. Scenario C is the default if nothing else happens.

My personal forecast, for what it’s worth, is a blend: Scenario B for most workloads, with a genuine Scenario A island in specific regulated domains (defence, certain parts of financial services, some healthcare), plus Scenario C friction in the middle. That outcome doesn’t look heroic from Brussels’ perspective. It also may be the best realistic version of European digital sovereignty given where the starting line actually sits.

V. What an Exec Should Take From This

Three things, regardless of where your company sits in the landscape.

1. If you operate in Europe, SEAL is now part of your vocabulary whether you deal with public-sector customers or not. It will show up in private-sector RFPs within 18 months. It will show up in regulated-industry compliance checklists within 24 months. The framework is imperfect — CISPE is right about that — but it’s the first measurable sovereignty rubric Europe has, and imperfect shared rubrics beat unmeasurable abstract ones every time. If your company resells, integrates, or depends on cloud services in Europe, you should be able to name your provider’s SEAL score by this summer. If you can’t, a procurement officer somewhere will ask, and you won’t have an answer.

2. Don’t mistake procurement for investment. The €180 million number has been reported widely this week as if it were an EU investment in cloud sovereignty. It isn’t. It’s the EU buying services. The actual EU investment in sovereign AI compute sits in InvestAI (€20 billion public, €230 billion mobilized) and the AI Factories programme (€10 billion). That’s an order-of-magnitude bigger pile, with real uncertainty about how much of the mobilized private component actually shows up. When the numbers next show up in a news article, note which bucket they’re coming from.

3. The scale gap is not going away on the current trajectory. The US is building a continent-scale AI compute layer on debt-funded hyperscaler capex at a rate Europe cannot match, either publicly or privately, for the rest of this decade. China is doing the same at one-eighth the scale inside a state-coordinated structure. Europe is building a sovereignty framework that lets it regulate and procure against this environment without closing the compute gap. For the foreseeable future, European companies operating at the frontier of AI will continue to use US hyperscalers for most workloads, and the sovereignty conversation will be about which workloads to exempt rather than about wholesale substitution. That may change by 2030 if the gigafactories get built and if chip policy finds its feet. It has not changed yet.

VI. The One Line Worth Remembering

The Commission’s framing is that the Sovereign Cloud tender is a “digital sovereignty milestone.” That’s true inside a narrow definition of milestone — the first measurable sovereignty procurement in EU history, a template other member states can adopt, four European consortia sharing a six-year contract.

In the wider frame, the milestone reads differently. Europe just spent roughly €30 million a year to procure sovereign services while the rest of the world spent something close to twenty thousand times more on the compute those services will eventually have to compete against. The framework is good. The framework is not the answer to the problem. The framework is what Europe can ship right now, and it will work only if it’s paired with a compute-scale answer that has not yet been shipped.

The SEAL rubric is Europe’s policy innovation of 2026. The scale gap is Europe’s structural problem of the decade. Confusing the first for a solution to the second is the mistake the press release invites, and it’s the one serious execs and serious policymakers should not make.

Thorsten Meyer is the founder of ThorstenmeyerAI.com, covering AI infrastructure, market structure, and the governance patterns shaping how compute gets built and procured in the era of production AI.

Sources: European Commission press release (17 April 2026) · Sequoia Capital / Block “From Hierarchy to Intelligence” (for broader AI infrastructure context) · Dell’Oro Group 2026 data centre capex forecasts · Epoch AI hyperscaler capex trend analysis · CreditSights 2026 hyperscaler capex estimates · CNBC, Reuters, Financial Times, The Information, The Register, The Next Web, and ITPro coverage of the Cloud III tender · CISPE October 2025 critique of the Sovereign Cloud Framework · Goldman Sachs projections on Chinese AI infrastructure commitments · Synergy Research and CEPA data on European cloud market share · OpenAI Stargate announcements (January 2025 through March 2026).

€180 Million for Sovereignty

Up next

Author

Thorsten Meyer

Share article

What Europe’s Sovereign Cloud Tender Actually Buys, in a Year When the US and China Will Spend $700 Billion Between Them on AI Compute

Beyond the Public Cloud: Architecting Private, Secure, and Sovereign AI for the European Enterprise

Post Telecom, STACKIT, Scaleway, Proximus — and the SEAL score each reached.

Post Telecom + OVHcloud + CleverCloud

STACKIT (Schwarz Digits · Lidl/Kaufland parent)

Scaleway (Iliad Group · hosts Mistral AI)

Proximus + S3NS (Thales/Google Cloud JV) + Clarence + Mistral

Implementing Cellular IoT Solutions for Digital Transformation: Successfully develop, deploy, and maintain LTE and 5G enterprise IoT systems

From no sovereignty to full EU stack — what each level actually means.

cloud sovereignty compliance tools

Annual AI-compute spend — EU tender vs. Chinese BAT vs. US hyperscalers.

Observability in the AI-Native Era: Leveraging AIOps to build, observe, and operate resilient systems

None of them look like parity. One of them still looks like victory.

The governance strategy compounds

Sovereignty becomes a wrapper

Fragmentation