EU weighs restricting use of U.S. cloud platforms to process sensitive government data, sources tell CNBC

The European Union is considering rules that would restrict its member governments’ use of U.S. cloud providers to handle sensitive data, sources familiar with the talks told CNBC.

The European Commission — the EU’s executive branch — is expected to present its “Tech Sovereignty Package” on May 27, which will include a range of measures aimed at bolstering the bloc’s strategic autonomy in key digital areas.

As part of preparations for that package, discussions are taking place within the Commission around limiting the exposure of sensitive public-sector data to cloud platforms provided by companies outside of the EU, two Commission officials, who asked to remain anonymous as they weren’t authorized to discuss private talks, told CNBC.

As tensions with U.S. President Donald Trump’s administration have intensified, there have been calls for Europe to diversify away from U.S. cloud providers, which currently dominate the European market, and towards homegrown providers for its most critical workloads.

“The core idea is defining sectors that have to be hosted on European cloud capacity,” one of the officials said. They added that companies providing cloud solutions from third countries, including the U.S., could be impacted.