Brussels’ new Data Act is less a swipe at America than a shot at the tech giants’ walled gardens. The EU regulation, which came into force last week, promises to pry open Europe’s cloud market by stripping away the contractual tricks and technical hurdles that keep customers tethered to Amazon, Microsoft and Google. But the European cloud sector warns that without tough enforcers and political will to face down Washington, Big Tech could still find ways to keep its grip on Europe’s data economy.
By dismantling technical and contractual barriers that for long have tied customers to the largest providers, the Data Act seeks to make the European cloud market more open and competitive. Yet CISPE, an association representing the community of European cloud infrastructure service providers, warns that the law needs “strong sheriffs” in times when European enforcement fears American retaliation.
Less exit taxes
One of the clearest examples of the law’s influence is the recent retreat of “egress fees.” Over the past months, the largest global providers, such as Amazon, Microsoft and Google, began rolling back so-called egress fees. These are charges imposed on customers who want to move their data out of one cloud and into another.
Critics have long argued these fees acted as a digital “exit tax” discouraging switching and effectively locking customers into a single provider. For businesses transferring large amounts of information, the costs could run into tens of thousands of euros. As a consequence, multi-cloud strategies were prohibitively expensive.
However, in recent months, major providers have begun to adjust these practices. Google launched its Data Transfer Essentials service, which offers free inter-cloud transfers for qualifying workloads in the EU and UK. Microsoft announced it would charge only the actual cost of data transfers within Europe. At the same time, Amazon waived exit fees for certain customers transferring workloads.
You might be interested
For Francisco Mingorance, secretary general of CISPE, the timing is no accident. “Most European cloud infrastructure providers did not charge these fees and so bringing the largest players into line helps remove one set of barriers to portability that will benefit smaller providers”, he told EU Perspectives.
He stressed that the Data Act does not prevent providers from recovering genuine transfer costs. “The removal of unjustified egress fees should not limit any cloud provider’s ability to recoup the actual costs of exporting data”, Mingorance said. In practice, this reflects the law’s provisions. One of the key points of the Act is to “allow consumers to easily transfer data and switch between cloud providers”.
Delay could mean billions for Big Tech
The Data Act has sharpened a fragment within Europe’s cloud industry. Over the summer, industrial heavyweights including SAP, Siemens and Schneider Electric sent a joint letter to the European Commission urging a two-year postponement of the Data Act. They argued that the law’s broad obligations, combined with the technical work needed to adapt IT systems and contracts, could create serious compliance costs and disrupt investment.
Mingorance rejects this reasoning. “All players have had ample time to prepare for the full application of the Data Act”, he said, as the regulation’s adoption in early 2024. For him, calls for delay are more about preserving business models built on customer lock-in. “A delay in the Data Act helps them maintain and grow their ‘captive’ market share. A year of delay can represent billions of euros in revenues. No wonder delay is the preferred option”, he argued.
To support compliance, CISPE developed its Cloud Switching Framework. A set of guidelines and technical standards designed to help providers and customers move services and data without friction.
EuroStack or federated cloud?
The Data Act intersects with a broader debate on Europe’s digital sovereignty and dependence on US providers. To address this challenge, some policymakers advocate building a full-scale “EuroStack”, which is a European cloud infrastructure capable of rivalling big players. However, CISPE promotes an alternative solution. A federated model linking existing European providers so services can be combined like modular building blocks.
CISPE points to the Fulcrum project as a concrete example. The initiative allows customers to compose multi-cloud solutions by mixing services from multiple vendors. In Mingorance’s words: “We are calling for investment to be channelled towards these initiatives, which leverage and build on existing fragmented cloud capabilities, rather than building entirely new ‘EuroStacks’ capabilities from the ground up in 5 years, or longer”.
“EU governments are hesitant to go after large American companies”
“Regulations are only as good as their enforcement”, Mingorance warned. “In the current geopolitical context EU governments are hesitant to go after large American companies by fear of triggering retaliation and tariffs from the Trump administration”. He pointed to Brussels’ muted handling of a recent multibillion-euro fine against Google as evidence of regulatory shyness.
However, for Mingorance, “The Data Act is not anti-American but pro-competition.” He added that “The provisions of the Data Act, if policed by strong ‘Sheriffs’, will have the impact of highlighting these [“cloud cowboy”] actors and forcing them to change or driving them out of the market”.
Non-compliance can lead to fines of up to €20M or 4 per cent of a company’s total worldwide turnover. Other infringements are subject to national penalties that must be “effective, proportionate and dissuasive”. Yet some national authorities are not fully prepared. Business associations estimate that fewer than half of EU member states have legally empowered authorities to implement the law. This disparity leaves enforcement uneven across the bloc.
The Commission is working on tools to support the law implementation. It will set up a dedicated Data Act Legal Helpdesk and provide guidance on the use of data when it comes to protecting trade secrets.
