Skip to content
You can now search across every topic, entity and event.What's new
European Tech Sovereignty
30JUN

ORG brands UK tech dependency a risk

4 min read
17:31UTC

The Open Rights Group published 'Tech Giants and Giant Slayers' on 15 April, branding Britain's decade of US-tech dependency a national security vulnerability. It cites a CMA estimate that the UK wastes £500m a year on cloud lock-in alone.

TechnologyDeveloping
Key takeaway

The CMA figure means the entire Sovereign AI Fund is being burned every year on cloud lock-in alone.

The Open Rights Group published "Tech Giants and Giant Slayers" on 15 April 2026, arguing Britain's decade of US-tech dependency is a national security vulnerability 1. The report cites a Competition and Markets Authority (CMA) estimate that the UK wastes £500m a year on cloud services due to lock-in, switching barriers and project overruns 1. It flags the US CLOUD Act, the US federal law requiring disclosure of overseas data held by US-headquartered companies, as a mechanism that can compel UK data disclosure without UK consent, and points to Microsoft's documented shutdown of email services for individuals hit by ICC-related sanctions as concrete precedent 1. Palantir contracts, the report adds, are expanding rather than shrinking 1.

The CMA figure sits awkwardly next to the Sovereign AI Fund . In budget terms, the annual cloud waste matches the entire fund spent every year on lock-in alone, yet DSIT has not matched it with a single cloud-layer instrument. The CMA cloud investigation closed in July 2025 without DMA-equivalent enforcement powers, leaving the exposure untouched. Britain is solving the model layer at the margin while the cloud layer still bleeds at scale.

The CLOUD Act flag shifts the framing from commercial efficiency to legal exposure. ICC-sanctioned individuals losing Microsoft email access is not a hypothetical: it is precedent that a US statute can reach UK users through the infrastructure they already use, regardless of where the data sits. The report treats this as an analogue of the EU-level Draghi Report's 11.2% implementation rate after one year : stated ambition without the matching legal instrument. Britain is building a national champion upstairs and leaving the front door open downstairs.

Deep Analysis

In plain English

The Open Rights Group is a British digital rights organisation. In April 2026 it published a report arguing that Britain's dependence on American technology companies carries national security consequences beyond commercial inefficiency. The core of the argument: a US law called the CLOUD Act means American companies can be ordered by US courts to hand over data they hold on behalf of British customers, including government data, without UK courts being involved. The ORG cites Microsoft shutting down email accounts for people sanctioned by the International Criminal Court as a real-world example where US law reached into British infrastructure and cut off services. The Competition and Markets Authority (the UK's competition regulator) estimates that Britain wastes £500m a year on cloud services purely because of the difficulty of switching providers. The report argues that building a domestic AI sector while leaving this dependency unaddressed is building on a compromised foundation.

First Reported In

Update #2 · Brussels buys, Britain backs, Google unlocks

The Register / Open Rights Group· 19 Apr 2026
Read original
Causes and effects
This Event
ORG brands UK tech dependency a risk
The report puts a number on the cloud-layer gap the UK's sovereign AI strategy leaves untouched, and flags the US CLOUD Act as a legal mechanism that can compel UK data disclosure without UK consent.
Different Perspectives
Trump administration
Trump administration
Washington defends the MATCH Act as closing a loophole that lets ASML's DUV tools reach Chinese fabs indirectly, dismissing the Dutch Cabinet's June complaint of being treated with disregard. Officials expect the bill's progress through Congress to keep the DUV cross-subsidy question live regardless of ASML's Q2 numbers.
Bruegel
Bruegel
Brussels-based economists argue this week's deliverables, specialist fab aid and a digital euro that restricts no US firm, prove Europe's sovereignty agenda advances only where it meets no American resistance. They expect the leading-edge fabrication gap and dependence on US frontier AI models to persist absent a policy that directly confronts a named US interest.
German federal government
German federal government
Berlin welcomes the €659m tranche funding jobs across North Rhine-Westphalia, Schleswig-Holstein, Hesse and Bavaria, on top of the ESMC Dresden fab already under construction on TSMC-shipped tooling. Officials treat power and analogue capacity as the achievable near-term win while Dresden remains Germany's only bet on leading-edge logic.
House of Commons Science, Innovation and Technology Committee
House of Commons Science, Innovation and Technology Committee
The committee's 7 July report found the UK has "no coherent strategic framework" for sovereign technology and warns it "risks being cut off at whim", citing the June order that barred foreign access to Anthropic's Fable 5 and Mythos 5 as the trigger case. It expects no domestic hyperscaler or foundry response before the gap widens further.
European Commission
European Commission
The Commission cleared €659m in German state aid on 14 July, taking cumulative Chips Act support to roughly €14.2bn, and let the digital-euro mandate reach trilogue after ECON's floor-vote shortcut was overturned. Brussels presents both as sovereignty delivered, without addressing that neither funds leading-edge logic fabrication.
ASML
ASML
ASML raised FY2026 guidance to €43-45bn on 15 July and, for the first time since Q1, dropped the export-control hedge from its release even with the MATCH Act live in Congress. Fouquet frames the order book, 86 systems against 67 in Q1, as strong enough to outrun the DUV dispute rather than evidence it has cooled.