Sovereign Cloud: Luxembourg, Belgium, and France Lead the Way

The EU is redrawing the map of the sovereign cloud in Europe… without turning its back on American technologies

The contract formalized by the European Commission on April 17 sets the direction for future legislation on sovereign cloud and AI. It was also presented as a “benchmark” intended to steer the entire sector toward European standards

€180 million over six years to provide sovereign cloud services to its institutions, bodies, and no fewer than 70 agencies. On Friday, the European Commission awarded a landmark framework contract. The selected providers are European but rely on hybrid technology partnerships. On one side, Post Telecom partnered with Clever Cloud and OVHcloud, StackIT, and Scaleway (Iliad’s cloud subsidiary). On the other, Proximus, which relies notably on S3NS, the joint venture between Thales and Google Cloud, as well as on Clarence and Mistral

Beyond the selected providers, it is above all the operational definition of the sovereign cloud that is taking shape. In fact, the bids were evaluated against the Cloud Sovereignty Framework—a framework defined by the European Commission, which is based on eight criteria covering strategic, legal, operational, and environmental dimensions.

Strength in Unity

“This project proves that there are solid alternatives in Europe capable of meeting the highest standards,” said Octave Klaba, President & CEO of OVHcloud. “This decision also demonstrates that when European players join forces, they make a difference.”

With OVHcloud and Clever Cloud, Sébastien Genesca, General Manager of DEEP by POST Group, believes they have developed an ambitious solution pursuing a common goal: “to build a sovereign cloud offering that leverages our technological expertise while sharing common European values.”

Disruption

The issue of digital sovereignty, particularly in the European public sector, has been increasingly debated in recent years. As many European governments are heavily dependent on U.S. cloud providers, their data is subject to the CLOUD Act, which authorizes the U.S. government to request access to any data hosted by U.S. companies.

Clearly, the awarding of this contract marks a break from technological dependence on the U.S. The European Commission is adopting a multi-vendor model, designed to strengthen resilience and avoid a new dependence on a single player.

The example of Proximus

This award also sends a signal to the European market. When launching the call for tenders, the Commission explained that it wanted to make this a benchmark for the sovereign cloud in the public sector.

It clearly is one. The Proximus Group’s bid illustrates this perfectly. The solution combines cloud sovereignty, advanced security, and European artificial intelligence, drawing on a robust ecosystem of European partners and technologies:

• Proximus and Proximus NXT in Belgium and Luxembourg, drawing on their experience as trusted partners of public institutions in the fields of telecommunications and ICT;
• S3NS, the trusted sovereign cloud platform, certified to the highest European security standards;
• Clarence, a joint venture between Proximus and LuxConnect, which provides a sovereign edge cloud that is fully disconnected and isolated from the network, with physical containment, local control, and high resilience;
• Mistral AI, which provides cutting-edge European artificial intelligence capabilities on sovereign cloud platforms;
• Thales, which provides a high-assurance security architecture and cyber threat intelligence.

A “benchmark”

It should be noted that the European Commission takes a fairly pragmatic view of sovereignty, based on governance, control , and compliance, rather than on the systematic exclusion of any non-European technological components.

Finally, with this call for tenders, the European Commission is not merely meeting its own needs. It is equally seeking to shape the market. The initiative has, in fact, been presented as a “benchmark” intended to steer the entire sector toward European standards.

Moreover, this contract points the way forward for future legislation on the cloud and AI. It aims to harmonize the definition of sovereignty within the single market and to facilitate the emergence of alternative offerings.