Gaia-X was to become the prestige project of the European Union: its own European cloud for data storage, in which data is processed securely and sovereignly. Fear of espionage by the United States via American tech giants, but also of Chinese snooping around interesting company data, prompted a major European response.
But how difficult it is in practice to keep foreign providers out is apparent from the fuss around the annual meeting in Milan last week. The list of sponsors also featured the names of Huawei and Alibaba.
Of course you can think: oh well, if the Chinese are so eager to pay for lunch and coffee, there is nothing wrong, is there? But their involvement does not stop at sponsoring events. Non-European technology companies that are members of the cloud consortium are now so powerful that European companies are feeling increasingly uneasy. It was reason for the French Scaleway to withdraw. While it is not surprising that this company was initially given the impression that Gaia-X would be an EU-only project, the Union opted for an ‘open and inclusive’ approach.
That means that Google, Microsoft and Amazon are also joining in and expanding their software empires. Together they already own 70 percent of the global cloud as a service (software subscriptions and other services as a product, rather than storage space) market. The turnover in that sector has already passed the 300 billion dollar mark and the European Commission expects this to triple in the next three years. The largest European cloud provider, Deutsche Telekom, accounts for 2 percent of the global market.
It is not only relevant in which country the parent company of these large providers is located; essential are the criteria to guarantee that data of European citizens and companies is stored and processed securely. For example, data processed in the Union should not be used under non-European legislation, according to Brussels.
It is not clear exactly how this should be achieved. On the other side of the Atlantic, laws have been passed with a similar, but opposite goal: the US Cloud Act forces US providers to transfer data stored outside the US by court order. And China also has a national intelligence law that obliges companies to cooperate if the authorities want to collect information.
Gaia-X was presented two years ago as the European answer to precisely this foreign interference and dependence on market parties. During the same period, the United States began to decouple Chinese network technology.
It is now clear that in practice it is not possible to have a European cloud built by purely European companies. Stimulating and strengthening a European cloud industry will be difficult if the door is open to all at the same time. Even the controversial American company Palentir was involved with Gaia-X from day one. This makes the project actually a castle in the air.
What remains is an organization with a budget of 187 million euros – from the German government, provided through the stimulus fund of the European Commission – that can contribute to common standards so that cloud services are better aligned. The argument for this is that smaller companies can then join in more easily. For now, they are still in an overwhelming shadow of Silicon Valley.
Marietje Schaake writes a column on technology, policy and economics here every other week.
A version of this article also appeared in NRC in the morning of November 26, 2021