Global Financial Media
GFM
AI Energy

How can the EU ensure that AI sovereignty does not fall into the hands of tech giants?

—From Gaia-X and Sovereign Cloud to the European Experiment of "Hybrid Sovereignty"

By GFM Research Group
30 min

I. When " AI Sovereignty" Becomes a New Strategic Issue for Europe For Europe, "sovereignty" has never been just an abstract concept, but a collective memory repeatedly etched by war, energy crises, and financial turmoil. In the industrial age, sovereignty meant control over coal, steel, and ports; in the formation of the European Union, it meant finding a fragile balance between a common market, a common currency, and national autonomy.
Now that AI has become a new layer of general-purpose capabilities, "sovereignty" is being rewritten once again. If the most critical models, cloud platforms, and data centers are controlled by a few American or Chinese companies, then even the strictest GDPR and AI Act are merely "putting a European label on someone else's system." This is precisely the core meaning of "AI sovereignty" in the European context: it's not just about whether or not AI can be used, but about developing AI that aligns with one's own values and interests without being locked into the infrastructure of others.
Europe's AI sovereignty experiment is unfolding along several closely interconnected paths:

  • Embed European values into AI infrastructure through rules and standards (AI Act, etc.);
  • Rebuild controllable computing power and data infrastructure through "sovereign cloud" and federated architecture (Gaia-X, IPCEI-CIS, 8ra, etc.).
  • Combine energy and data center policies to ensure that computing power growth does not come at the expense of grid stability and climate goals.

The question is: are these arrangements sufficient to prevent the EU from falling into the trap of "subordinate intelligence" without closing its borders?

(Image caption) Gaia-X is the core of the EU's "federal cloud" vision, connecting different providers into an ecosystem that complies with EU regulations through a Trust Framework, identity and trust mechanisms, and sovereign data exchange.

II. How Europe defines " AI sovereignty": not complete self-sufficiency, but controlled dependence. Unlike the US's "market-led" and China's "state-led stacking" approach, the EU's definition of AI sovereignty has been characterized by "hybrid" and "compromise" from the beginning.
Policy and think tank documents typically divide AI sovereignty into several dimensions:

  • Infrastructure sovereignty: Possessing a cloud and computing power base governed by EU law, capable of supporting sensitive and high-risk AI applications;
  • Data and model sovereignty: Key data, model weights, and regulatory records remain within the EU jurisdiction, unaffected by extraterritorial laws (such as the CLOUD Act);
  • Rule sovereignty: Standards are set based on European values (privacy, antitrust, human rights, etc.) rather than being dominated by the self-regulatory frameworks of other parties after the fact;
  • Exit option: When a supplier's value conflicts with that of the EU, the supplier can truly switch and exit, rather than being locked into a single ecosystem.

The EU does not pursue complete self-sufficiency at all levels, but rather "controlled dependence." This explains why Europe has chosen a "hybrid sovereignty" approach: neither completely rejecting US hyperscalers nor abandoning the development of its own sovereign cloud and AI infrastructure.

(Image caption) The AI Act not only regulates models and applications, but also extends energy efficiency, traceability and auditing requirements to the infrastructure layer.

III. Gaia-X : From the Imagination of a "European Cloud" to the Reality of Federal Sovereignty
Gaia-X marks the starting point of this experiment. Led by Germany and France and supported by the European Union, this project aims to establish a "federal cloud ecosystem" that connects different vendors and users through standards and trust frameworks, thereby achieving data and cloud sovereignty within the EU legal domain.
The core of Gaia-X is not to create another European version of AWS, but rather:

  • Through a "trust framework" and a labeling system, services are required to comply with data sovereignty, security, and compliance standards.
  • This allows European businesses and the public sector to choose different "sovereignty levels," ensuring that sensitive data and metadata circulate only within the EU.
  • Multiple suppliers are integrated using a federal architecture, and anyone that complies with regulations and standards can be included in the ecosystem.

In 2025, Gaia-X released Trust Framework 3.0 "Danube," further enhancing interoperability and data space capabilities. However, its inherent contradictions are also evident: on the one hand, it challenges the dominance of non-EU cloud giants, and on the other hand, it incorporates these giants into its governance structure. This is known as "hybrid governance"—the advantage is that it can reshape compliance baselines using European rules, but the risk is that it may become a "compliance wrapper" for giants, failing to fully cultivate local infrastructure capabilities.
IV. IPCEI-CIS , 8ra , Virt8ra : From Standards to Entity Sovereign Cloud
In 2025–2026, the EU will shift from purely setting standards to directly investing in “sovereign cloud” and AI infrastructure.
Key projects include:

  • IPCEI-CIS (Important Projects of Common Interest – Next-Generation Cloud Infrastructure and Services): The EU is supporting 12 member states and more than 120 partners with over €3 billion in public and private funding to build sovereign cloud campuses and an interoperability ecosystem.
  • 8ra and Virt8ra : As extensions of Gaia-X, they emphasize a core architecture led by European companies, providing sovereign edge cloud and cloud services. Several European suppliers, including OVHcloud, Scaleway, and CloudFerro, have joined, focusing on developing AI-ready federated infrastructure.
  • Federal AI factories such as Fact8ra : AI-as-a-Service platforms based on a sovereign multi-cloud architecture that support the deployment of large-scale open-source language models.

These projects send a clear message: the EU is no longer content with simply having major companies "comply with GDPR in Europe," but is attempting to establish a hard infrastructure for computing power and cloud computing that it at least partially controls. For AI sovereignty, this means that critical workloads (especially in government, critical infrastructure, and high-risk sectors) can operate within a Europeanized environment, reducing reliance on external black boxes.

(Image caption) To avoid repeating the "Ireland Trap," the EU is closely linking its data center policy with the energy transition.

V. AI Act : Incorporating European Values into AI Infrastructure. If Sovereign Cloud and Gaia-X are "building walls and paving roads," then the AI Act is about establishing European traffic rules on those roads.
The AI Act not only sets risk levels at the model and application levels, but also takes some infrastructure issues into account:

  • Transparency and energy efficiency disclosure requirements are proposed for general purpose AI models (GPAI), and energy consumption and resource usage are incorporated into the compliance framework;
  • Promote energy efficiency optimization and environmental footprint recording to reserve space for stronger constraints in the future;
  • Emphasizing traceability and auditability provides the technical and compliance prerequisites for implementing AI on the sovereign cloud.

From a sovereignty perspective, the AI Act has done two key things: first, it institutionalized the energy costs and carbon footprints of AI services, making externalities no longer invisible; second, it enshrined auditability requirements in law, allowing EU regulators to review system behavior locally when necessary. In the long run, this will force giants to either accept deeper "local transparency and accountability" or give way to local solutions that offer greater sovereign protection.

(Image caption) From standards to real-world investment, projects such as IPCEI-CIS, 8ra, and Virt8ra have provided over €3 billion in funding to support European companies-led federal AI infrastructure.

VI. Energy and Data Centers: Avoiding the "Irish Trap"
The EU's shift in energy and data center policies is closely linked to AI sovereignty.
Ireland serves as a cautionary tale: data centers once accounted for over 20% of the nation's electricity consumption, triggering grid strain, emissions targets, and a crisis of public acceptance. In late 2025, Ireland's CRU introduced a new "LEU Connection Policy," requiring data centers to provide matching renewable energy (at least 80% of annual demand must come from Ireland's new renewable energy sources), configure dispatchable generation or energy storage, and prohibiting direct connection to fossil fuel power sources.
Progress is underway at the EU level:

  • In the first quarter of 2026, we will launch the "Data Center Energy Efficiency Package" in conjunction with the "Digitalization and AI Energy Sector Strategic Roadmap," with the goal of achieving near carbon neutrality for data centers by 2030.
  • Under the framework of "Digital Decade 2030", secure and sovereign cloud and data infrastructure is listed as a key investment area, emphasizing joint support from public and private funds;
  • Member states are encouraged to consider energy carrying capacity, grid resilience, and national AI sovereignty strategies when planning AI clusters.

The EU is trying to draw a red line between "attracting AI investment" and "preserving energy and infrastructure sovereignty" to avoid creating a new "energy dependency" by concentrating computing power in a few countries.
7. "Hybrid Sovereignty": Maintaining One's Own Soul on Another's Cloud Despite numerous efforts, Europe will find it difficult to completely break free from its dependence on the US's massive cloud infrastructure in the foreseeable future. Therefore, "hybrid AI sovereignty" has become a recent policy focus: in the context of global supply chains, how can institutional design ensure that, despite dependence, Europe retains decision-making and exit rights?
The main elements of the hybrid model include:

  • Federal infrastructure: Based on Gaia-X, 8ra, and Virt8ra, establish a workload architecture that can be labeled with different sovereignty levels;
  • Prioritize open-source and dedicated models: Support open-source AI and small models to reduce reliance on single closed frontier models, while also considering energy efficiency and local auditing;
  • Interoperability standards as a strategic tool: whoever controls the rules of "how to migrate from one platform to another" holds the real sovereignty.
  • Open but bounded international cooperation: expanding the community of rules through alliances, offsetting the pressure of a single great power ecosystem with "shared infrastructure" and "multilateral standards".

8. Can the EU really avoid being locked up by tech giants?

(Image caption) The EU does not pursue complete self-sufficiency, but rather "controlled dependence" and "hybrid AI sovereignty".



The EU's answer is neither optimistic nor pessimistic, but rather an "unfinished experiment":
At the level of rules and values, the AI Act and GDPR have embedded European philosophy into AI infrastructure; at the level of infrastructure, Gaia-X, IPCEI-CIS, Virt8ra, sovereign cloud, and the new energy policy are building a computing power foundation partially controlled by Europe; at the level of strategy, the EU has clearly proposed "hybrid AI sovereignty," attempting to transform dependence into a negotiable and adjustable cooperative relationship.
The real test lies in:

  • Whether sovereign cloud and AI infrastructure can approach the performance and cost of hypercloud remains to be seen; otherwise, "compliance" may not be able to withstand the pressure of reality.
  • Whether interoperability standards and exit strategies can be truly implemented, rather than remaining merely on paper;
  • Can China avoid repeating Ireland's mistakes in energy and data center policies—both attracting AI investment and maintaining grid stability and carbon neutrality goals?

In today's world, where AI is rapidly becoming "grid-like" and computing power is deeply intertwined with energy, the EU's sovereign experiment has far-reaching implications beyond Europe. If successful, it will provide a path for small and medium-sized countries and regions to maintain AI sovereignty under the shadow of giants; if it fails, the sovereign landscape of the AI era will become more concentrated in the hands of a few platforms and major powers.
Every choice the EU makes today regarding AI sovereignty is shaping the boundaries of the future global AI order—and who has the right to say "no" within that order.