Europe wanted technological sovereignty. On June 12, it got a demonstration of technological dependence.
That day, the U.S. government cut non-Americans off from access to two of the world’s most advanced AI models. Brussels’ flagship response to precisely this scenario—the Cloud and AI Development Act (CADA)—would not have helped.
As I argue in “Europe’s Sovereignty Stack: CADA, Compute, and the Limits of Autarky,” Europe needs to do two things instead: remove legal barriers and build serious computing capacity on the continent. That strategy would allow Europe to pursue two complementary goals.
First, it would give Europe leverage through mutual dependence, strengthening its hand in negotiations over access to cutting-edge AI capabilities that it has little realistic chance of developing domestically in the near term. Second, it would reduce dependence on foreign providers for “good enough” AI systems, which will remain economically important across a wide range of applications that do not require state-of-the-art models.
The Alliance, the Act, and the Kill Switch
A U.S. export-control directive ordered Anthropic, a leading American AI lab, to suspend non-U.S. access to its two most capable models—Fable 5 and Mythos 5—after a jailbreak exposed a security vulnerability. The company complied within hours, pulling the models globally for non-U.S. users while disputing the order’s proportionality. Its other models remained available.
That was not an isolated event. It followed a remarkable 10-day run.
On June 2, the White House issued an executive order granting the federal government up to 30 days of pre-release access to “covered frontier models”—advanced AI systems at the edge of current capability—and a role in choosing the “trusted partners” who get them first.
On June 3, the European Commission proposed CADA, the centerpiece of its Technological Sovereignty Package.
That same day, EU member states moved to join “Pax Silica,” the U.S.-led chip alliance, under an understanding to buy at least $40 billion in American AI chips.
So the European Union decided to bind itself more tightly to the American stack—the layers of chips, cloud infrastructure, and models that make modern AI possible—while CADA proposed walling its most sensitive workloads off from that same stack. Then the kill switch fired.
Open to the World, Closed to the Providers
CADA would create four “assurance levels” for public-sector cloud and AI services. The sensible part is that the framework is risk-based and applies only to the public sector.
At the highest assurance levels, though, CADA seeks to shield European buyers from third-country interference by effectively excluding even American-owned providers.
Henna Virkkunen, the European Commission vice president responsible for technology sovereignty, made that goal explicit. She told reporters that no provider handling critical workloads should have a “kill switch,” that “we want to make sure that our most critical sensitive data is stored in Europe,” and, according to press accounts, that U.S. firms would struggle to qualify for the highest sovereignty tier because of the U.S. CLOUD Act.
CADA contains a single statutory escape hatch from its ownership restrictions, and it does not apply at the highest assurance level. A provider’s home country can be recognized as an “associated third country,” but the criteria appear tailor-made to exclude the United States. One provision would disqualify countries that maintain measures that “impede the provision of state-of-the-art technologies.”
Read literally, that would disqualify a country for imposing the very export controls that underpin the Western technology alliance. It would exclude a partner for participating in the same system the European Union joined through Pax Silica during the very week CADA was unveiled.
In a communication accompanying the proposal, the Commission insisted that technological sovereignty “does not mean isolation, protectionism, or tech decoupling,” and promised that the European Union would remain “open to the world.” That assurance is difficult to reconcile with both the text of the proposal and Commissioner Virkkunen’s public statements.
The Problem Isn’t Dependence. It’s Leverage.
Perhaps the biggest flaw in CADA’s approach is that it effectively gives up access to the best AI capabilities precisely where they matter most: defense, intelligence, and other national-security applications.
To be sure, CADA includes a safety valve that permits exceptional purchases when “no adequate or reasonable alternative” exists. But the exemption comes with conditions—such as prior unsuccessful tenders—and appears deliberately designed to be difficult to use in practice. That is a curious approach given the Commission’s own analysis, which acknowledged that some degree of dependence is “inevitable.”
No amount of wishful thinking—or attempts to redefine the term—can change the reality that frontier AI is available only from the leading U.S. labs. Europe cannot develop comparable capabilities quickly enough to capture both the economic and military-intelligence benefits of being at the frontier.
In highly competitive domains such as cybersecurity, even a delay of a few months can matter. Nor is there an obvious alternative source. The strongest non-U.S. AI labs are largely based in China, not Europe, and most assessments place them at least several months behind the leading American firms, with larger gaps in some areas.
The June 12 export restriction exposed a deeper problem: the European Union has little leverage when it comes to negotiating access to state-of-the-art AI capabilities. Building that leverage—not restricting access to the technologies Europe already lacks—should be the real focus of European policy.
Build the Bargaining Chip, Not the Fantasy
The immediate answer is not a sovereign European frontier model. That capability is not arriving on any meaningful timeline, and focusing exclusively—or even primarily—on that goal would waste scarce time and political attention.
The better answer is to build the one thing Europe realistically can: compute capacity on European soil, measured in tens of gigawatts. What matters most is not who owns the accelerators or whose models run on them. It is where the metal sits.
European compute could provide the leverage Europe lacks. Demand for computing capacity will outstrip even American supply. A European Union with large, modern data-center capacity to offer—and a willingness to host U.S. firms’ workloads—would create the kind of mutual dependence that makes a future cutoff too costly to contemplate. If U.S. firms run not only European workloads but also U.S. workloads in European data centers, then cutting off Europe would not merely sacrifice non-U.S. revenue. It would directly harm U.S. customers.
To build that capacity—and win enough of the market to create real dependence—Europe needs to move fast. It needs permitting, including environmental permitting, and grid connections quick enough to make investing in the European Union more attractive than waiting elsewhere. In that legal environment, public subsidies may not be necessary. Without those changes, even large subsidies will not be enough.
On security, Europe should draw the line along the right axis. Instead of treating any third-country control as suspect, CADA should target adversary control. And the recognition decision should become an openly political judgment about allies and adversaries, not a legalistic trapdoor for excluding partners.
The main security burden should fall on measures that depend far less on the provider’s nationality: customer-held encryption keys, protection for data while it is being processed, vetted and security-cleared staff, anti-tamper controls, and portability.
Bolted to Our Floor
In CADA, the Commission got one thing right: the need to accelerate permitting for data centers and related infrastructure. It just was not nearly ambitious enough. The proposal pairs a modest fast-track with promises of insulation from foreign control that its own impact assessment all but concedes are unattainable, given Europe’s dependence on American frontier AI.
The report “Europe 2031,” written by researchers who want a more competitive Europe, sketches where a CADA-like strategy could lead. Public institutions most committed to “Buy European” become “the ones paying the ransoms,” outmatched by competitors using better foreign tools. The compute gap never closes. Washington rations access to frontier AI by alliance tier. Economic and political pressures mount as Europe finds itself with fewer options and less leverage.
The report’s prescription is simple: make sure the data centers that get built are “bolted to our floor.”
That is the real lesson of June 12. Europe does not need the illusion of autonomy. It needs leverage. And leverage comes not from pretending dependence can be wished away, but from building assets others cannot afford to lose.
