7MAY

CISPE moves first; Brussels misses again

4 min read

10:13UTC

Two weeks after Sovereign Tech Europe declared sovereignty moving from concept to construction, the construction came from a trade body and a retail conglomerate. The Commission's tech-sovereignty package slipped to 27 May. Seven European CEOs, Mistral included, told von der Leyen on 5 May to stop adding rules.

TechnologyAura SallaChi OnwurahXavier Coget

Key takeaway

The construction the conference described is happening; the Commission is not building it.

This briefing mapped

Loading map…

Regulatory

Economic

Competitive

Diplomatic

Domestic

CISPE ships rival sovereign cloud badge

Cloud Infrastructure Services Providers in Europe (CISPE) launched a 40-plus service certification framework on Friday 24 April, one day after the Brussels summit closed and four weeks before the Commission writes 'sovereign' into EU statute.

Sources profile:This story draws on neutral-leaning sources

Deep dive into this story →

CISPE launched its Sovereign and Resilient Cloud Services Framework on 24 April 2026, declaring 40-plus certified services under a binary Sovereign/Resilient distinction and certifying them through BYCYB (formerly LNE), explicitly positioning the framework as a direct challenge to the Commission's SEAL framework which CISPE called a 'murky sovereignty score'.

The framework arrives in time to pre-empt the Commission's CAIDA definition of sovereign infrastructure, due 27 May, and operationalises the trade body's earlier charge that the Commission's own SEAL tiers are sovereignty washing.

Sources:IT Pro

¹ IT Pro² IT Pro

Schwarz triangle closes at $20bn merger

Cohere and Aleph Alpha confirmed their merger on Friday 24 April at a $20 billion valuation; Germany's Schwarz Group anchored Cohere's Series E with $600 million, joining a sovereign cloud subsidiary it already owns.

Sources profile:This story draws on centre-leaning sources from Germany

LeftRight

Germany

Deep dive into this story →

Cohere and Aleph Alpha formally announced their merger on 24 April 2026, valuing the combined company at $20 billion, with Germany's Schwarz Group investing $600 million in Cohere's Series E as anchor investor; the deal requires Bundeskartellamt and Canadian Competition Bureau clearance and is expected to close in H2 2026.

No other private actor in Europe now spans cloud infrastructure, sovereign model, and captive enterprise demand simultaneously, which gives Berlin's German-deployment conditions on the deal real bite.

Sources:Handelsblatt

¹ TechCrunch² TechCrunch

Seven CEOs ask Brussels for less

After meeting Ursula von der Leyen in Brussels, the chief executives of ASML, Airbus, Ericsson, Mistral AI, Nokia, SAP and Siemens published a joint op-ed on Tuesday 5 May calling for simpler AI rules and looser merger control.

Sources profile:This story draws on neutral-leaning sources

Deep dive into this story →

Seven European chief executives — from ASML, Airbus, Ericsson, Mistral AI, Nokia, SAP, and Siemens — published a joint op-ed in Handelsblatt and Corriere della Sera on 5 May 2026 after meeting Ursula von der Leyen, calling for simplified AI rules, looser merger control, industrial-policy support, and tariff-style protection from subsidised rivals.

Mistral's signature lands three weeks before the Tech Sovereignty Package the Commission is preparing for the same industrial constituency, putting the sovereign-AI flagbearer on record asking for less of it.

Sources:Digital Watch Observatory

¹ Handelsblatt² CNBC

Sovereignty package slips to 27 May

Digital Watch Observatory's tracking confirms the EU Tech Sovereignty Package has slipped twice; the Commission is now logged for adoption on Wednesday 27 May, with no official giving a public reason for either of the earlier misses.

Sources profile:This story draws on neutral-leaning sources

Deep dive into this story →

The EU Tech Sovereignty Package missed its second consecutive deadline; it is now scheduled for Commission adoption on 27 May 2026 after slipping from March to April without any public explanation, carrying CAIDA, Chips Act 2, an open-source strategy, and an AI-in-energy roadmap.

Each delay hands the de facto sovereignty standard to whichever non-Commission actor moves first, and the cloud trade body has already moved.

Sources:OpenForum Europe

¹ Digital Watch Observatory² OpenForum Europe

Three EU-US deadlines collide in 9 days

USTR's Section 301 final determination on EU digital rules lands on Friday 24 July; the Commission's binding DMA decision on Google follows on Monday 27 July; AI Act GPAI enforcement activates on Sunday 2 August. Neither side has published a coordination plan.

Sources profile:This story draws on neutral-leaning sources

Deep dive into this story →

Three EU-US tech regulatory deadlines were confirmed inside a nine-day window in late July and early August 2026: the USTR Section 301 final determination on EU digital rules on 24 July, the Commission's binding DMA decision on Google search data on 27 July, and EU AI Act GPAI enforcement activation on 2 August — with no published coordination between Brussels and Washington.

Washington's tariff posture goes public three days before Brussels rules on Google and nine days before the AI Office can fine the same cohort of US frontier-model providers up to 3 percent of global turnover.

Sources:Computer Weekly

¹ CEPA² CEPA

Virkkunen picks Tokyo after EU summit

Henna Virkkunen co-chaired the fourth EU-Japan Digital Partnership Council in Brussels on Tuesday 5 May, signing a joint Data Strategy Working Group, continued AI-safety research, semiconductor cooperation and a new quantum initiative called Q Neko.

Sources profile:This story draws on centre-left-leaning sources from United States

United States

Deep dive into this story →

The fourth EU-Japan Digital Partnership Council met in Brussels on 5 May 2026, co-chaired by Henna Virkkunen, producing a joint Data Strategy Working Group, continued AI safety research collaboration, semiconductor cooperation on next-generation technologies, and a quantum initiative called Q Neko; it was Virkkunen's first major public outing since the Sovereign Tech Europe summit.

Virkkunen's first major public outing after the sovereignty summit was a partnership with Tokyo, not a sovereignty announcement, signalling the Commission's preferred frame is interdependence rather than decoupling.

Sources:CNBC

¹ European Commission

Meta breaches DSA on child safety

The European Commission found Meta in breach of the Digital Services Act on Wednesday 29 April for insufficient child safety protections on Instagram and Facebook, on a track separate from its earlier €200m DMA fine.

Deep dive into this story →

Meta was found in breach of the Digital Services Act on 29 April 2026 for insufficient child safety protections on Instagram and Facebook, on a track separate from its €200m DMA fine.

The finding adds a third active enforcement track against Meta in Brussels, alongside the DMA fine and the WhatsApp AI assistant objections, with each track carrying its own remedy timeline.

¹ European Commission

Onwurah: DSIT has no coherent strategy

Chi Onwurah, who chairs the Commons Science, Innovation and Technology Committee, published correspondence with DSIT minister Kanishka Narayan in which she said his sovereignty letter fails to set out a coherent strategy.

Sources profile:This story draws on neutral-leaning sources from Belgium

Belgium

Deep dive into this story →

Chi Onwurah MP, chair of the UK Commons Science, Innovation and Technology Committee, published correspondence with DSIT minister Kanishka Narayan in which she stated his sovereignty letter 'fails to set out a coherent strategy for achieving technology sovereignty'; Narayan cited the £500m Sovereign AI Unit and a proposed 'advanced market commitment' for AI hardware as the strategy.

Three weeks after the £500m Sovereign AI Unit named its first cohort, the parliamentary committee that scrutinises it is on the public record saying DSIT cannot describe its own approach.

Sources:European Commission

¹ Computer Weekly

Commission says DMA is fit, eyes cloud

The European Commission published its first Digital Markets Act review on Tuesday 28 April, finding the law fit for purpose and naming cloud services and AI as priorities for future enforcement expansion. The consultation received 450-plus responses.

Deep dive into this story →

The European Commission published its first DMA Review Report (COM(2026) 178) on 28 April 2026, finding the Act 'fit for purpose' and identifying cloud services and AI as critical priorities for future enforcement expansion; the consultation received 450-plus responses.

the Commission's review explicitly tees up cloud and AI as the next gatekeeper frontier, lining up the legal apparatus the CAIDA statute is meant to supply with sovereign-versus-resilient definitions.

¹ European Commission

Brussels keeps Google DMA replies sealed

The Commission's public consultation on Google's DMA Article 6(11) search-data obligation closed on Friday 1 May; Brussels has not published the submissions, citing Alphabet's right of reply.

Deep dive into this story →

The DMA.100209 public consultation on Google's search-data sharing obligation closed on 1 May 2026; the Commission has not published submissions, citing Alphabet's right of reply, with the binding decision due 27 July 2026.

The withheld responses are the only public window onto how Commission rivals and clients argue search-data interoperability before the binding decision lands on 27 July.

¹ European Commission

Closing comments

Direction: up. Section 301 publishes Washington's tariff posture on 24 July 2026; the DMA.100209 Google binding decision follows three days later on 27 July, testing whether the Commission moderates under a tariff threat; AI Act GPAI enforcement, with a fine ceiling of 3% of global turnover, activates six days after that on 2 August against the same US frontier-model providers. Neither DG COMP nor the AI Office has published coordination guidance for this nine-day window. The specific tip point: if the DMA.100209 text demands granular search-ranking data that rivals can use to train competitive retrieval models (not merely aggregated data that preserves Alphabet's ranking moat), Alphabet will file a General Court appeal before 2 August, and the overlap becomes a simultaneous enforcement-plus-litigation window across two independent EU directorates.

Tech Sovereignty Package contents (due 27 May)

Cloud and AI Development Act (CAIDA)primary cloud-AI sovereignty statute
Will define 'sovereign' infrastructure in EU law for the first time; no EP rapporteur assigned as of 20 April
Chips Act 2successor semiconductor industrial policy
Successor to original Chips Act; comes after the Magdeburg and Crolles cancellations stripped €37.5bn from the 20% market share target
Open-source strategyopen-source policy framework
Distinct from the proposed €350m EU Sovereign Tech Fund, which remains an OpenForum Europe civil-society proposal
AI-in-energy roadmapsectoral application policy
Applied-layer AI policy track consistent with the application-layer focus of the 21 April Digital Europe Programme calls

July-August 2026 enforcement collision

USTR Section 301 final determinationUS trade response to EU digital rules
Friday 24 July; could include retaliatory tariff thresholds against EU digital exports
DMA.100209 Google search-data binding decisionfirst DMA cloud-AI behavioural remedy
Monday 27 July; three days after Section 301 lands; consultation closed 1 May
EU AI Act GPAI enforcement activationAI Office gains fining power over GPAI providers
Sunday 2 August; fine ceiling 3% of global turnover; six days after the Google DMA decision

Schwarz Group sovereign-stack reach

StackITSEAL-3 sovereign cloud awardee
Schwarz IT subsidiary; named in the Commission's €180m framework on 17 April
Cohere/Aleph Alpha (post-merger)European sovereign AI model entity
Schwarz invested $600m in Cohere Series E; combined company valued at $20bn; Berlin sovereignty conditions remain attached
Lidl and Kauflandcaptive European enterprise customer base
Combined turnover above €175bn provides scale for sovereign cloud and model deployment

What’s Uncertain

CAIDA draft text not yet publicThe Cloud and AI Development Act draft is not public ahead of 27 May Commission adoption. Whether it adopts the CISPE binary or preserves SEAL tiers cannot be confirmed until the text appears.

DMA.100209 submissions withheldThe Commission has not published responses to the Google search-data consultation, citing Alphabet's right of reply. CISPE, AI search firms and publisher coalitions likely submitted; specific positions are not on record.

Bundeskartellamt filing on Cohere/Aleph AlphaNo formal Bundeskartellamt notification confirmed as of 7 May 2026; pre-notification dialogue may be under way but is not public. Berlin's sovereignty conditions remain stated preconditions, not deal terms.

Understand the Context

About Digital Omnibus?

Legislation

Will the April trilogue restore EU workers' right to understand workplace AI?

Deep dive →

Who are European Commission?

Organisation

Can the Commission absorb a LNG ban, REMIT recast, and windfall levy demand in nine days?

Deep dive →

Who are Airbus?

Organisation

Why has Airbus said nothing about the ESM valve anomaly that ran at ten times predictions?

Deep dive →

About Germany?

Place

Can Germany refill gas storage in time after still withdrawing in mid-April?

Deep dive →See all 78 entities →

Sources

9 centre

Belgium

Neutral

European Commission EU and Japan accelerate cooperation on AI, data, quantum and chipsExecutive body of the European Union

Neutral

European Commission First DMA Review Report COM(2026) 178 finalExecutive body of the European Union

Germany

Centre

Handelsblatt ASML, Airbus, Mistral lead CEO call for simpler EU AI rulesGerman financial and business newspaper

United States

Centre-left

CNBC ASML shares fall after proposed US export curbs target already fragile China marketUS financial and business cable news network

IT Pro · Digital Watch Observatory · OpenForum Europe · Aura Salla MEP · CEPA · Computer Weekly

Different Perspectives

European Commission (DG CNECT)

Cabinet-level representation at the Brussels summit from Virkkunen's office, not a Commissioner; the Tech Sovereignty Package has slipped to 27 May with no public explanation for two missed deadlines. The Commission's first DMA Review Report, published 28 April, declared the law fit for purpose and named cloud and AI as future enforcement priorities.

CISPE (Francisco Mingorance)

Mingorance launched the Sovereign and Resilient Cloud Services Framework on 24 April and called the SEAL tier system a "murky sovereignty score that averages the impossible with the irrelevant". The framework is the operational form of his earlier charge that the Commission's SEAL-2 award to the Thales-Google joint venture S3NS was sovereignty washing.

Schwarz Group / StackIT

Schwarz Group anchored the Cohere-Aleph Alpha merger with $600m and already holds StackIT at SEAL-3 in the Commission's €180m framework. Chief Digital Officer Karsten Wildberger called Berlin's backing of the deal "a very strong signal"; Berlin attached conditions that development services remain in Germany and infrastructure deployment remain sovereign.

Mistral AI / seven European CEOs

Arthur Mensch co-signed a 5 May joint op-ed in Handelsblatt and Corriere della Sera after meeting von der Leyen, calling for simplified AI rules and looser merger control. Mistral's signature is the politically significant one: it is the company Brussels most often cites as evidence that European AI sovereignty is viable.

ASML (Christophe Fouquet)

Fouquet told analysts that ASML's 2026 guidance already "accommodates potential outcomes of ongoing discussions around export controls", after China fell to 19% of system sales in Q1 2026 from 36%. ASML co-signed the CEO deregulation letter; the MATCH Act would remove its remaining DUV China revenue.

US Trade Representative (USTR)

USTR confirmed 24 July as the final determination date for its Section 301 investigation into EU digital rules; public hearings began in May. A USTR tariff threat published before the 27 July DMA Google ruling places direct political pressure on DG COMP to moderate its first cloud-AI enforcement decision.