Given all the geopolitical and economic upheavals so far seen in 2025, concerns about U.S. tech dominance, and fear of services from (non-European) IT providers being withdrawn as a result of government executive orders, the big question we keep hearing in Europe is “What is Plan B”?
I can answer that.
Firstly though, it should be noted that Europe’s interest in digital sovereignty has always been high. Now, as geopolitical tensions escalate and regulatory uncertainty deepens, many organisations on the continent see this as a strategic imperative.
But…
Geopolitical risk has typically been a low-ranking market driver for those seeking sovereign solutions in Europe. Sure, IDC’s 2025 Worldwide Digital Sovereignty Survey shows that this has climbed up the rankings, now attracting more than a quarter of responses compared to last year when it was slightly less and even coming bottom of the list of drivers as it has done so in the years prior to 2024.
What’s more revealing is that Europe now has a new top sovereign cloud market driver: protection against extra-territorial data requests.
This reflects growing anxiety over foreign access to sensitive data and a clear signal that sovereignty is no longer just about compliance and control, but has a greater focus on autonomy.
The European provider’s response: “Plan B”
In what can be regarded as a largely unprecedented move, Europe’s service providers have reacted swiftly and have taken a proactive approach, joining forces to offer what they consider to be the “alternative” (and many also promote the idea of services, platforms and providers that can be labelled as “Made In Europe”).
Some examples here include EuroStack, which calls for a Europe-led digital supply chain spanning chips, cloud, AI and digital governance; virt8ra (pronounced virtoora), which is billed as Europe’s first sovereign edge cloud; and the EU-funded Sovereign European Cloud API (SECA) which is available to all European cloud providers for cloud infrastructure management.
These initiatives reflect a broader push to reclaim digital autonomy and reduce dependency on non-European tech giants.
The global cloud providers’ response: committed to Europe
The global cloud providers have not been standing still. And of course, none of them are about to walk away from their highly successful business operations in Europe.
In recent months, several big name providers, such as Google and Microsoft, have enhanced their sovereign offerings to emphasize how sovereignty and U.S. big tech can work provided the right controls and partnerships are in place.
And clearly, just as the global cloud providers are not planning to abandon Europe, Europe is not planning to abandon them.
For instance, despite all the media hype earlier this year around German authorities “ditching” Microsoft in favour of their own home-grown solutions (in June 2025, the German state of Schleswig-Holstein rolled out the OpenTalk videoconferencing solution, developed by Berlin-based Heinlein Support, across all state agencies), partnerships with U.S. providers continue to be announced.
These include the German Federal Office for Information Security’s (BSI) strategic cooperation agreement with AWS in the run-up to the launch of the AWS European Sovereign Cloud in Germany later this year.
Separately, the BSI has also teamed-up with Google Cloud to support the development and deployment of secure and sovereign cloud solutions for government agencies, including the German military that will use an air-gapped version of Google distributed cloud.
IDC’s response: Techxit? What techxit?
Despite their increased interest in sovereign solutions due to all the geopolitical turmoil, just 4% of European organisations say they plan to stop using cloud services and platforms from global public cloud vendors and only partner with local cloud providers.
Thus, reports of ‘techxit’ – the prospect of U.S. providers being forced out of Europe for whatever reason – are greatly exaggerated.
Instead, the dominant strategy is staying “glocal”: combining global innovation with local control by using both global and local providers, and many organisations in Europe say they will continue to depend on global cloud vendors.
What’s more, the idea of a full-scale “techxit” remains impractical, given the deep integration of global technologies in European IT environments.
Of course, it would be naïve to think that buyer expectations have remained unchanged in 2025 – far from it. The expanded interest in digital sovereignty in Europe is expected to account for a decrease in organisations using sovereign cloud from not only global providers but also their local counterparts, with managed providers seeing a slight increase. The changes here are not huge but significant enough for all providers to take not.
What all providers need to consider
To succeed in this evolving landscape, cloud providers must:
- Offer verifiable protections against extra-territorial data access
- Prioritize network sovereignty, including data in transit
- Invest in AI governance and compliance-first infrastructure
- Build regional partnerships to meet local expectations
- Embrace open standards to support interoperability and avoid vendor lock-in
So what is “Plan B”?
IDC has long maintained that a trusted ecosystem of partners is needed for sovereignty to work at scale, and we believe this should include a combination of using global and local providers.
For the global cloud players that means looking for the right regional and in-country partners to help boost local credibility and to deliver local services, local expertise and leverage local knowledge.
For the local service providers, it means partnering with global players to help deliver innovation and scalability.
And then the global SaaS providers need to be able to work across both to develop and deliver customized offerings within sovereign frameworks.
Europe’s vision for digital sovereignty is not about isolation — it’s about balance. The goal is to level the playing field, reduce dependency, and ensure that the continent can compete globally while retaining control locally.
Ultimately it’s about the sovereign aspect of digital self-determination and survivability and self-sufficiency. The latest geopolitical uncertainties indicate a recalibration of Europe’s cloud market, not a rejection of global providers.
So what’s Plan B? Our advice to organisations in Europe seeking sovereign solutions is to stick to Plan A.
For more information and to see what Rahiel is covering, look here: Digital Sovereignty.
Got a specific question? Drop it in here.