Weekly Backlog Week 27/2026
🧠 Editorial This week is about much more than just Cloud and AI: The EU is targeting AWS and Azure, …

This week is about much more than just Cloud and AI: The EU is targeting AWS and Azure, Palantir is once again sparking discussions, and the USA is making it clear that technological supremacy has long been a part of geopolitics. We also take a look at Open Source as a beacon of hope for Europe’s digital future and, as usual, gather exciting short news and recommendations.
A special highlight is the guest article by Bernhard Biedermann, who explains why digital sovereignty does not begin with Cloud strategies but with the fundamentals of IT security and technical understanding. A thought-provoking perspective shift that shows why this topic concerns us all.
The EU Commission initiated a decision yesterday with implications far beyond competition law.
It provisionally considers Amazon Web Services (AWS) and Microsoft Azure as gatekeepers under the Digital Markets Act (DMA). This means: The two largest Cloud platforms in Europe would be subject to special rules in the future because their market position significantly influences competition. The final decision is expected in the fall.
This is a signal that, in my opinion, was long overdue, as Cloud infrastructures are no longer an ordinary IT market. They form the foundation for business processes, public administration, and increasingly for AI applications. Whoever controls this infrastructure not only shapes prices but also the scope of action for their customers.
That is precisely why the Commission is focusing on the mechanisms by which market power is permanently secured. Not through better products alone, but through technical and economic barriers that make it difficult to switch providers.
If the classification is confirmed, AWS and Azure would have to dismantle these barriers and open their platforms more to competition. This does not dissolve Europe’s dependency on the hyperscalers, but it would be a first concrete step to prevent further entrenchment.
Digital sovereignty does not arise from political speeches. It arises where markets function again and companies regain real room for maneuver.
That is why this decision is much more than a regulatory process. It marks a change of course.
The current Golem article about the use of the Palantir platform VeRA in Bavaria confirms for me a development that has been foreseeable for years: From an allegedly narrowly limited solution for counter-terrorism, it is gradually becoming an analysis tool for significantly lower-level offenses. The Federal Constitutional Court has already warned against this lowering of the intervention threshold.
However, something else seems even more problematic to me.
Palantir Technologies does not simply deliver software. The company provides the infrastructure on which police authorities merge data, establish relationships, and prepare decisions. Whoever controls this infrastructure inevitably influences state actions.
Therefore, I am not convinced by the argument that the data is ultimately stored in one’s own data center. Digital sovereignty is not determined by the location of the servers but by whether a state truly understands, controls, and can independently develop the technology it relies on.
This is precisely not the case with Palantir.
The software is proprietary. Every program version comes exclusively from the manufacturer. Every update brings new code into a system whose functionality the state can neither fully comprehend nor independently verify. Anyone who believes they can control millions of lines of enterprise code after each update underestimates the technical reality.
Moreover, there is the geopolitical dimension.
Palantir is deeply embedded in the US security apparatus and is subject to American law, including the CLOUD Act. Even if data remains in Germany, strategic dependencies arise that are difficult to reconcile with the claim of European digital sovereignty.
For me, this case primarily shows one thing: Europe discusses digital sovereignty in office applications and Cloud storage but leaves precisely security-critical state core systems to a proprietary US corporation.
The term digital sovereignty could hardly be devalued more consistently.
GPT-5.6 will initially be accessible only to a small, selected group in the USA. Officially due to security concerns and potential misuse for cyberattacks. Practically, of course, purely coincidentally with a model that is supposed to massively accelerate productivity, software development, and research.
That an America First president wants to leave technological wonders to American users first does not surprise me. After last week’s Anthropic announcement, the direction was clear. The concern about simplified cyberattacks may play a role. I would still bet that it is primarily about one thing: a competitive advantage for the American economy.
I would be interested in how you assess this step.
Is this ultimately a curse or perhaps even a blessing for Europe? Can we even be grateful to Trump for laying the cards so openly on the table? Otherwise, Europe would have comfortably fallen into the next complete dependency anyway.
Because one thing this approach certainly creates: #Handlungszwang.
And maybe that is exactly the opportunity Europe needs to finally develop its own models.
Or is the whole thing simply a friendly gesture for Trump’s Big Tech buddies? Keyword “PR campaign”?
As in: “What? Your AI isn’t even good enough that the US government had to restrict its access?”
The current report from TNW about Donald Trump’s announcement to impose tariffs of up to 100 percent on states that persist with a digital tax on American tech companies highlights a development that has been emerging for years: Digital regulation is no longer merely an economic policy detail but a component of geopolitical power politics.
For me, however, the real problem lies even deeper.
The United States is increasingly making it clear that it no longer defends the economic interests of its major tech companies solely through market mechanisms but directly links them with its trade and foreign policy. When regulatory decisions of sovereign states are met with the threat of comprehensive tariffs, it is no longer about tax law but about the political enforcement of technological dominance.
That is why the discussion about a digital tax, in my view, falls short. It is not decided by whether Google, Meta, Apple, or Amazon should pay higher taxes, but by whether Europe is willing to make its regulatory decisions independently of economic pressure from Washington.
This is precisely where digital sovereignty lies.
In recent years, the European Union has begun to shape the digital single market according to its own rules with the Digital Markets Act, the Digital Services Act, and other regulations. This development is now openly questioned. Not through legal arguments, but through the announcement of economic countermeasures.
Moreover, there is the technological dimension. Europe remains dependent on American platforms, Cloud services, and software providers in key areas of digital infrastructure. As long as this structural dependency exists, political room for maneuver remains limited. Economic power, technological dominance, and foreign policy pressure now intertwine and reinforce each other.
For me, the current conflict primarily shows one thing: Digital sovereignty does not begin with European Cloud offerings or Open Source strategies. It begins where Europe is willing to enforce its own regulatory decisions even when Washington raises the price for it.
Otherwise, digital sovereignty remains a political buzzword.
Not a strategic reality.
🔗https://thenextweb.com/news/trump-100-tariff-digital-services-taxes-eu

This week, I would like to recommend a post by Dominik Rapacki, founder and CEO of meetergo and CrabClear. With his companies, he develops European alternatives to US software and has been advocating for digital sovereignty and privacy-friendly Cloud solutions for years.
In his current LinkedIn post, he assesses the impact of a US Supreme Court ruling that questions the independence of the US Federal Trade Commission (FTC). This independence is a central foundation of the EU-US Data Privacy Framework – the agreement that thousands of companies rely on when using services from Google, Microsoft, or AWS.
Dominik explains clearly why this decision is relevant far beyond the USA and why companies should no longer rely on existing legal frameworks to remain in place permanently.
A must-read for anyone interested in Cloud, data protection, and digital sovereignty.
Criticism of EU sovereignty labels: legal dependencies remain; a sovereign Cloud needs clear levels, not misleading labels.
Germany and France present a sovereignty plan, defining core areas and criteria; goal: European digital independence and strengthened infrastructure control.
Report by the Society for Informatics examines Germany’s router security and digital sovereignty, highlighting infrastructure dependencies, regulatory potentials, and the necessity of open standards for architectural self-determination.
🔗 <https://www.heise.de/news/Gesellschaft-fuer-Informatik-Studie-zu-Router-Sicherhei
🧠 Editorial This week is about much more than just Cloud and AI: The EU is targeting AWS and Azure, …
🧠 Editorial While outside the asphalt is slowly turning into lava, the tech industry is once again …
🧠 Editorial This week, I repeatedly asked myself whether we in IT are actually solving problems or …