Weekly Backlog Week 20/2026

🧠Editorial

Europe has been discussing digital sovereignty for about as long as companies have been “briefly testing” Kubernetes clusters in production.

Yet much of the current debate still feels like an infrastructure remake of “We have no alternative”.

This week makes that particularly clear.

The new lobby map reveals how deeply Big Tech is now embedded in political and economic networks. Anyone talking about Cloud, AI, or platform regulation in Berlin is almost inevitably speaking in an environment shaped by the very corporations whose power they aim to limit.

At the same time, Europe suddenly discovers its love for the “Sovereign Cloud.” OVHcloud, STACKIT, and European providers are receiving genuine political backing for the first time.

And simultaneously, Vodafone is selling digital sovereignty based on AWS.

This encapsulates the entire European cloud debate in one sentence: Europe wants to become more independent — but preferably without leaving the infrastructure it depends on.

The problem is not just technological. It’s strategic.

Because whoever controls the infrastructure also controls dependencies, standards, and room for maneuver in the long term.

Meanwhile, the Europol investigation once again shows how quickly technical possibilities become reality before control can catch up.

Cloud, data spaces, open standards, or platforms are no longer purely IT topics.

It’s now about political power in digital form.

📰Tech-News:

Big Tech Lobby Map

The new lobby map from the Center for Digital Rights and Democracy shows how closely Big Tech is intertwined with political and economic networks in Germany.

Google, Microsoft, Amazon, Meta, Apple, TikTok, or Palantir appear not just as individual companies. What becomes visible is the environment of business associations, lobby organizations, think tanks, and party-affiliated networks through which political influence is organized.

And this visualization explains why Europe has made little progress on digital sovereignty for years.

Because Big Tech doesn’t just lobby directly. The corporations are simultaneously part of business associations, industry associations, and lobby organizations involved in almost every relevant digital policy debate. According to the lobby register, Microsoft lists 50 memberships. Google lists 28.

Practically speaking: No matter where in Berlin discussions about platform regulation, Cloud infrastructure, AI, or data protection take place — Big Tech is almost always at the table.

The real issue is not lobbying itself. Lobbying is legal and part of democratic processes.

The problem is the extreme concentration of power behind it.

Because companies like Google, Amazon, or Microsoft now have resources that allow them to influence the legislative, executive, public, and economic structures simultaneously. According to the lobby register, the Big Five alone spent over 7 million euros on federal political advocacy in 2024.

The consequences are already visible in practice: Authorities rely on Microsoft infrastructures, AWS dominates public sector cloud projects, and Palantir is increasingly integrating into state systems.

Whoever controls digital infrastructure also controls political room for maneuver in the long term.

Particularly relevant is a statement from the operators themselves: This map shows only the tip of the iceberg. Not visible are law firms, PR agencies, product deals with authorities, or informal influence channels.

The real strength of this visualization lies elsewhere: It makes visible how systematically Big Tech has secured political power in Europe.

🔗 https://lobbylandkarte.digitalrechte.de

Europol to Get More Powers, More Staff, and More Budget

Just as it becomes known that the agency has apparently been operating allegedly illegal data analysis platforms for years.

According to the Correctiv investigation, vast amounts of personal data were processed there — including location data, financial data, phone connections, and ID documents. Sometimes even from people who were never under concrete suspicion.

And not in regular, transparently controlled systems, but allegedly in a shadow IT that largely escaped oversight.

Particularly noteworthy is the political reflex in Brussels: Not less power for Europol. More power for Europol.

While data protectionists have been sounding the alarm for years and internal warnings were apparently ignored, the EU Commission is already discussing expanding Europol into an even more operational police authority.

This reveals a fundamental problem in European security policy: Technical possibilities create facts — and legal control lags behind.

Because as soon as security agencies argue that more data means more security, data protection, control, and fundamental rights suddenly become surprisingly secondary.

🔗https://netzpolitik.org/2026/correctiv-recherche-europol-betreibt-mutmasslich-illegale-datenanalyseplattformen/

Europe Just Drew a Line for Big Tech

The EU Commission is awarding its new Sovereign Cloud tender worth 180 million euros predominantly to European providers: OVHcloud, STACKIT, Scaleway, and European consortia.

It was about time.

For years, Europe has outsourced its digital infrastructure to US hyperscalers — including data sovereignty, dependencies, and political control. AWS, Microsoft, and Google were treated as if there were no realistic alternative.

With the tender, something is happening now that was previously missing: The EU is defining concrete criteria for what digital sovereignty actually means.

The decisive factor is not the providers’ marketing, but the question of who ultimately controls infrastructure, operations, and supply chains.

Because the CLOUD Act does not disappear just because a data center is located in Europe. Anyone subject to US law remains potentially exposed to access by American authorities. Added to this are regulations like FISA 702 and the fundamental dependency on proprietary platforms, APIs, and pricing models of the hyperscalers.

This is precisely why transatlantic data protection agreements have repeatedly failed in European courts. And this is precisely why vendor lock-in is increasingly understood as a geopolitical risk.

This is what the Commission is now responding to.

Providers must prove that their services are not dependent on non-European actors. This significantly changes the market — because many previous models were built precisely on this dependency.

And suddenly it becomes clear how wrong the old narrative was that European providers were not technologically competitive.

OVHcloud, STACKIT, and Scaleway achieve high levels of security and sovereignty with their own technology and European control.

It is also interesting that Google indirectly remains part of the solution — through S3NS and European operating structures. But this also shows the European ambivalence on the topic of digital sovereignty.

Even in a tender explicitly intended to strengthen European independence, Europe remains technologically linked to US corporations at key points. The political will for sovereignty is visible — but at the same time, Europe continues to take the more convenient route of using existing hyperscaler technologies under European covers instead of consistently building its own alternatives.

In the short term, this may be pragmatic. In the long term, the actual dependency remains.

The direction is still clear: Europe is beginning to treat digital infrastructure not just as an IT issue, but as a strategic question of political and economic agency.

This has been talked about for years. Now, for the first time, concrete consequences are emerging.

🔗https://commission.europa.eu/news-and-media/news/commission-advances-cloud-sovereignty-through-strategic-procurement-2026-04-17_en

Vodafone Now Also Sells “Digital Sovereignty” Based on Hyperscaler

And that is precisely the problem. For years, European companies and politicians have been talking about becoming less dependent on US hyperscalers. And as soon as it becomes concrete, they end up back with Amazon Web Services (AWS), Microsoft, or Google — once again with “sovereign” added to the product name.

AWS talks about a “European Sovereign Cloud.” Vodafone talks about data sovereignty “Made in Brandenburg.” In the end, however, it still refers to an infrastructure that is technologically entirely based on Amazon.

The fundamental problem does not disappear as a result. Because digital sovereignty is still not determined by where a data center is located. It is determined by who controls the technology, who owns the platform, and what legal access it is subject to.

Because even an isolated AWS region in Brandenburg remains part of an American platform ecosystem subject to the CLOUD Act and surveillance regulations like FISA, whose proprietary services deliberately create long-term dependencies, and whose entire architecture is designed to bind companies technically, operationally, and economically ever deeper to the provider.

And that is why part of the current sovereignty debate now feels like #SovereignWashing

Existing dependencies are repackaged linguistically to make them politically more acceptable. An American cloud suddenly becomes a “European Sovereign Cloud,” even though technological and strategic control remains with a US corporation.

Europe discusses digital independence — and at the same time continues to build its critical infrastructure on American platforms.

Of course, it is easier to simply wrap existing hyperscaler technologies under European operating models. This reduces short-term risks, saves migration effort, and calms compliance departments.

But this very pragmatism has been part of the problem for years. Because every additional AWS dependency makes a later exit more difficult, more expensive, and more unrealistic. APIs, services, architectures, and operating models are deeply integrated into companies. This is precisely what the structural power of the hyperscalers is based on.

Particularly absurd is the narrative that European alternatives are not technologically competitive. At the same time, the EU Commission, with its own Sovereign Cloud tender, shows that providers like OVHcloud, STACKIT, or Scaleway are indeed capable of meeting demanding requirements.

The real problem is not the lack of technology. The problem is that Europe still reflexively chooses the most convenient path — even when officially wanting to reduce these dependencies.

🔗https://www.computerwoche.de/article/4168387/vodafone-setzt-bei-seinen-cloud-services-auf-aws.html