On 3 June 2026 the European Commission unveiled its Technological Sovereignty Package — a set of initiatives meant to reduce Europe’s dependence on non-EU suppliers across semiconductors, cloud, artificial intelligence and software. It is not a single law but a strategy bundled into one document, spanning the entire value chain: from the chip, through infrastructure, to software and AI. This explainer breaks down what the package actually is, what it contains and how it is supposed to work.
Key takeaways
- The package was announced on 3 June 2026 as the Communication on European Technological Sovereignty, filed under reference COM(2026) 503
- It consists of four interconnected initiatives: the Chips Act 2.0, the Cloud and AI Development Act (CADA), an Open Source Strategy, and a roadmap for digitalisation and AI in energy
- Two are legislative proposals (Chips Act 2.0 and CADA), while the other two are a strategy and a roadmap, meaning directional documents
- CADA targets at least tripling EU data centre capacity within 5–7 years and introduces a four-level framework for assessing cloud sovereignty
- The original Chips Act mobilised more than €52 billion in investment, and the global semiconductor market is expected to reach €1.37 trillion by 2030, with about 70% of that growth driven by AI-related components
- Polish and international media summarised the package as “three pillars”, but the official document describes four initiatives
What the technological sovereignty package is
The technological sovereignty package is an umbrella document from the European Commission aimed at strengthening Europe’s ability to independently develop and control key digital technologies. Formally, it is a Communication — a document setting out strategy and direction — accompanied by two concrete draft regulations and two strategic documents. The Commission explicitly calls it “a change in Europe’s approach to its tech ecosystems”.
The starting point is a diagnosis that is hard to dispute: Europe remains heavily dependent on suppliers outside the EU for core digital technologies — from advanced chips, through cloud services, to AI models. At the same time, demand for computing capacity is rising sharply as AI spreads. The package is designed to respond to this by reducing “structural dependencies” and giving businesses, citizens and public administrations wider choice in core technologies.
Commission President Ursula von der Leyen captured the logic of the package in a single sentence that conveys its tone well.
We cannot afford to depend on others for the technologies that keep our hospitals running, our energy grids stable and our services secure. This is about protecting our citizens, defending our interests and making our own choices.
One simplification is worth correcting upfront. Some press coverage — including in Poland — described the package as built on “three pillars”. The official Commission communication, however, lists four initiatives. The discrepancy stems from the fourth element, focused on energy, often being treated as a side note in media coverage.
How it is meant to work: the whole value chain
The key to understanding the package is the word “chain”. The Commission does not treat chips, infrastructure, software and AI as separate matters, but as successive links in a single value chain — from raw materials and semiconductors, through data centres and cloud, to the software layer and finished AI models. The premise is that sovereignty in one link counts for little if the neighbouring links remain fully dependent on external suppliers.
That is why each of the four initiatives covers a different segment of the chain, and all are meant to reinforce one another. The Chips Act 2.0 handles the silicon layer. CADA covers computing infrastructure as well as cloud and AI. The Open Source Strategy aims to reduce dependencies in the software layer. The energy roadmap connects all of this to the energy system, because without cheap and stable power, data centres will not be built. The package is also linked to earlier initiatives such as AI Factories and AI Gigafactories.
The diagram below shows how the four initiatives map onto the individual links of the value chain.
Diagram 1. The technological sovereignty package against the value chain — from chip to AI.
The diagram reflects the Commission’s official description, according to which the initiatives are “interconnected and mutually reinforcing across each stage of the value chain, from chips, to infrastructure, to software, cloud and AI”. Energy is a cross-cutting factor here, because it determines whether data centres can be built and run.
Key components: the four initiatives
The package should be read through the lens of its four components. Two are firmly legislative, two set direction.
Chips Act 2.0
This is a draft regulation that updates and expands the original European Chips Act. The Commission notes that the first version helped mobilise more than €52 billion in public and private investment and contributed to an estimated 46,000 direct and indirect jobs. Even so, the EU remains dependent on third countries for advanced chip manufacturing and design.
The stakes are high: the global semiconductor market is expected, according to the Commission, to reach €1.37 trillion by 2030, with around 70% of that growth driven by AI-related components. The Chips Act 2.0 has four main axes: improving conditions for investment (including cutting permitting procedures to a maximum of 12 months and “Grand Challenges” for AI chips), stimulating demand (Demand Accelerators), reinforcing the supply side (funding for “First-of-a-Kind” projects and a Semiconductor Regions of Excellence label), and increasing supply chain resilience. This is where the context highlighted by the media comes in: the CEO of Mistral AI, among others, has called for sovereignty in chip production, while today’s European ecosystem rests on the Dutch firm ASML and cooperation with Taiwan’s TSMC and America’s Intel.
Cloud and AI Development Act (CADA)
The second legislative proposal addresses computing infrastructure as well as cloud and AI. CADA has three main areas: research and innovation, capacity, and autonomy. Its most prominent element is the goal of at least tripling EU data centre capacity over the next 5–7 years, combined with simplifying and accelerating the permitting and deployment of data centres, and improving access to energy, land, water and financing.
The most interesting part of CADA, however, is the introduction of a single framework for assessing cloud and AI sovereignty. The Commission defines four assurance levels, to be used by public sector bodies based on their risk assessments. Cloud providers can be recognised at a given level by Member States after undergoing an audit. This is a concrete tool rather than a declaration — ranging from data location to full control over the software supply chain and the absence of third-country interference.
The diagram below orders these four levels, from the most lenient to the most stringent.
Diagram 2. The four levels of cloud sovereignty under CADA.
The logic is cumulative: each successive level adds stricter requirements. Level 1 concerns the physical location of data within the Union, Level 2 independence from third countries and transparency of the software chain, Level 3 EU ownership and control along with criteria such as staff citizenship, and Level 4 full control over the software supply chain and no possibility of interference from third countries.
Open Source Strategy
The third initiative places open source at the centre of technological sovereignty. The Open Source Strategy aims to promote European open alternatives to non-EU proprietary solutions in critical domains — from operating systems, through cloud and AI, to cybersecurity and semiconductors. The Commission adopts a “full lifecycle” approach covering development, deployment, and the long-term maintenance and security of critical components.
Concrete tools include the Open Internet Stack catalogue of solutions, a strengthened Open Source Programme Office (OSPO), an Open Source Maintenance Instrument to fund the upkeep of critical projects, and promotion of open source in public procurement. The official document also names categories of alternatives — workplace tools, secure email, decentralised social media — which the media illustrated with examples such as the Qwant search engine. In this model, public administrations are meant to act as “anchor” users and contributors to open solutions.
Roadmap: digitalisation and AI in energy
The fourth element, most often overlooked by the media, is the Strategic Roadmap for Digitalisation and AI in Energy. Its presence in the package is no accident: tripling data centre capacity is impossible without cheap, stable and resilient energy. The roadmap is meant to integrate digital technologies and AI into the EU energy system and improve its efficiency. This closes the chain into a whole — from the chip, through the data centre, to the grid that powers it.
How it differs from the previous approach
The most important difference is philosophical. For years, EU digital policy focused mainly on regulating the market — protecting data, competition and the security of services. The technological sovereignty package shifts the emphasis towards building Europe’s own capabilities: not just “how to protect citizens from technology”, but “how to produce technology in Europe and control it”. The Commission itself calls this a major shift in approach.
The second difference is integration. Earlier acts — the original Chips Act, cloud regulations or AI initiatives — were largely developed separately. Here, the four initiatives are deliberately bundled into one communication and a shared value-chain logic. The third difference is the presence of concrete assessment tools, such as the four-level cloud sovereignty framework, instead of only general directional declarations.
Unlike the American model, built on the dominance of private tech giants, and the Chinese model, heavily steered by the state, Europe is attempting a third path: a regulatory-and-investment approach, with an emphasis on open standards, public procurement as a demand lever, and keeping the market open to partners.
Applications: who actually gains, and what
The most direct beneficiary is meant to be public administration, which gains a framework for assessing the sovereignty of cloud providers and common procurement mechanisms that let Member States pool their purchasing power. For critical sectors — hospitals, energy grids, public services — this means the ability to choose providers with a verified level of independence.
The second group is businesses, especially small and medium-sized enterprises and start-ups. The Open Source Strategy is meant to lower entry barriers and provide access to shared innovation ecosystems, while the Chips Act 2.0 — through Demand Accelerators and innovation procurement — channels demand towards European technologies. The third group is developers and researchers, for whom the package promises open source funding in key areas and access to greater computing capacity. Citizens stand to benefit indirectly, through more transparent and secure digital services and wider choice.
Limitations and open questions
The most important caveat is procedural: this is still a proposal. The Chips Act 2.0 and CADA are draft regulations that must still pass through the European Parliament and the Council. The Open Source Strategy and the energy roadmap are directional documents, not binding law. Much depends on funding and the pace of implementation — the Commission has announced consultations on financing the ambitions and cooperation with the European Investment Bank Group.
The second caveat concerns the feasibility of the targets. Tripling data centre capacity in 5–7 years is an ambitious goal, constrained by access to energy, land and capital — the very barriers the package is only beginning to remove. In the chip layer, Europe remains structurally dependent on ASML, TSMC and Intel, and building a full, sovereign semiconductor chain is a matter of many years and enormous spending.
The third issue is the tension between sovereignty and an open market. The Commission declares that “the vast majority of the market remains open to our partners”, but Levels 3 and 4 of the CADA framework — with ownership and staff citizenship requirements — may raise questions about relations with non-EU suppliers. Some details, including specific application examples cited by the media, are journalistic interpretations rather than provisions of the official communication.
Why it matters
The technological sovereignty package is one of the clearest signals yet that the European Union treats technological dependence as a strategic problem, not merely an economic one. In a world where the United States and China are intensifying their rivalry over AI and semiconductors, Europe is trying to stop being solely a consumer of others’ technologies and start controlling their key links.
For the AI and robotics industry, this has a practical dimension: the availability of computing capacity, local chips and open software components translates directly into where, and on what terms, European models and systems will be built. Regardless of how much of the announcement survives the legislative process in its current shape, the direction itself — binding chips, cloud, software and energy into a single chain of sovereignty — sets the frame for European technology policy over the coming decade.
Sources
- European Commission — Commission proposes tech sovereignty package to strengthen Europe’s digital autonomy and resilience (3 June 2026)
- European Commission — Communication on European Tech Sovereignty, accompanied by an EU Open Source Strategy, COM(2026) 503
- European Commission — Cloud and AI Development Act (CADA)
- European Commission — Chips Act 2.0
- European Commission — The EU Open Source Strategy
