Europe is reshaping its digital economy around sovereignty, from satellite spectrum (new post-2027 auction rules for the 2GHz MSS band) and sovereign cloud (Google Cloud picks Telefónica to serve-up hybrid sovereignty on a US stack) citizen identity systems (the Dutch government blocks Kyndryl from acquiring Solvinity), building layered control over US technology rather than decoupling from it.
In sum – what to know:
Spectrum reform – The EC is redesigning satellite spectrum access after 2027, structurally favouring European operators, signalling a shift from open allocation to sovereignty-driven market design.
Hybrid clouds – Google Cloud’s hybrid setup with Telefónica in Spain is the dominant sovereign cloud model, where US firms provide infrastructure and European firms control access and compliance.
Digital ID blocks – The Netherlands’ decision to block Kyndryl’s acquisition of sovereign digital ID provider Solvinity shows Europe is willing to restrict even allied US firms from sensitive digital infrastructure.
Sovereignty is the name of the game right now, even if the game is a telco version of Tetris just to reorder the stack. In the newsletter intro yesterday, RCR wrote about a rush of items across the editorial desk: Ericsson’s decision to move home, just up the road in Stockholm; Telenor’s structural reorganisation, which appears to de-prioritize its farthest-flung markets; Huawei’s jockeying innovation to do it all by itself, to get around geopolitical supply-chain constraints; plus Deutsche Telekom’s ‘Deutschland Stack’, the sharpest telco sovereignty play anywhere, which has been in the news lots. Well today (or late yesterday), there’s a bunch more on the same theme.
Firstly, the European Commission (EC) has set some rules for the provision of prime 2 GHz ‘S-band’ spectrum for mobile satellite services (MSS) in its member-state territories after 2027. Basically, it says a third of the band will be dedicated to governmental use (critical comms in its broad sense, plus security and military services), and two thirds will go to commercial providers, for mobile-based direct-to-device (D2D) and internet-of-things (IoT) services. It adds a provision that the second tranche will be split evenly between EU-based entrants in the MSS space and… well, everyone else, effectively, including both EU and non-EU satellite operators. This is the most telling intrusion.
The new EC rules appear to effectively hold back a third of the 2GHz MSS band to new EU players – “to encourage the diversification of suppliers and incentivise entry into the market”, writes the EC. Which means the likes of US-based satellite stalwarts EchoStar, Viasat, and Globalstar, plus the upstart D2D operations belonging to Big Tech kingpins Starlink (with $17 billion of EchoStar’s 2GHz holdings, plus a deal to licence the assets to its Boost Mobile brand) and Amazon Leo and AST SpaceMobile (bringing up the rear), plus also a busy stable of EU satellite IoT firms, will share all the rest – a third, as well. The last group includes Sateliot and OQ Technology, plus others.
Richard Hass, spectrum policy consultant at LS Telecom UK said: “Unfortunately, it’s not a spectrum auction. Instead it’s a sort of beauty-contest hybrid with three separate tracks for the different types of licences on offer. It also includes a one-off payment offered in a sealed bid. However, this is not the only thing that determines a winner, and will therefore not be the only deciding factor. Hence why it can’t be called an auction.” He also raised questions about the transparency of the process, and whether a US firm like AST SpaceMobile might take an “EU-only” licence via its local Satellite Connect Europe subsidiary. Which is a classic sovereignty loophole, of course – as below.
Still, two thirds will go to EU firms. Bidders have to promise to serve 95 percent of the population within five years, as Hass observed. But the sovereignty play, contained as much in its one-third provision for local startups, is about control over US Big Tech, and sharper mechanisms to accommodate the bloc’s own economic interests. It has an agenda to enable competition, but also to avoid strategic dependence – on Starlink / SpaceX, say, as the new symbol of concentrated foreign power over critical infrastructure. Its post-2027 framework looks like a tougher ask for Starlink – for example – to acquire or consolidate any European MSS spectrum tied to its EchoStar deal.
Telco-hyperscaler hybrid
But the second item across the RCR news desk today is an(other) example of hybrid sovereignty, which shows how hyperscalers are adapting to Europe’s sovereignty demands. Telefónica, through its digital business unit Telefónica Tech, has announced a deal with Google Cloud to deliver a “new sovereign cloud offering” for Spanish public and private organisations to “maintain strict control over their data hosted on Google Cloud”. It is the same setup as Google Cloud’s headline sovereignty deal with French aerospace and defence group Thales, which is building a new independently-managed sovereign cloud in Germany based on the US firm’s tech.
Which is the same as the Thales PREMI3NS project in the company’s home country – and unlike Deutsche Telekom’s hyperscaler-free model in Germany (although similar, again, to its own hybrid track with hyperscalers). In Spain, Google Cloud is extending the capabilities of its Madrid region to offer ‘data boundary’ services to customers. Interestingly, the US firm picked the Spanish one – as “its trusted sovereignty partner in Spain to offer i[the] service and manage… verifiable controls over data protection, residency and personnel access”. Information held in Google Cloud is encrypted by keys generated and stored in Telefónica’s cloud, said a press note.
“In this way, the keys are generated and managed by a sovereign operator from Spanish territory, providing increased protection against unauthorised access from external jurisdictions.” Which gets around extra-territorial access rules in the US Cloud Act, allowing US law enforcement to compel US-based tech firms to produce stored user data, regardless of whether the data is physically hosted on their servers inside or outside of the US. Really, this hybrid model – with Google Cloud as the owner and the architect, and Telefónica as the compliance operator and trust broker – is currently the dominant telecom/cloud operator strategy in Europe.
As RCR discussed yesterday, and variously over a few months, Europe will not de-Americanize its critical cloud operations entirely; the market is rather just evolving, buffered by geopolitics, to localize certain operating layers
on top of global hyperscaler infrastructure.
“Politicization” of business
That said, the other news-just-in (May 27), maybe the most telling, is that US-based IBM spin-off integrator Kyndryl has been blocked by the Dutch government from buying local IT services provider Solvinity because Solvinity hosts sensitive government-linked infrastructure including the country’s DigiD system, used by Dutch citizens to access medical, tax, and pension information.
Which makes clear Europe is willing to intervene even against allied US companies when digital sovereignty is at stake. Kyndryl is not a random Chinese buyer; it might be IBM by another name. But Solvinity is Dutch, and already compliant; its data centres are based in the Netherlands. So don’t mess – is the message, marking a major escalation in Europe’s sovereignty posture. Kyndryl responded in a statement: “The politicization of this process has overshadowed the clear and important benefits this transaction would have brought to Solvinity’s customers and Dutch citizens.” It talked about its continuing work in the Netherlands to “modernize legacy systems”.
But digital citizen IDs are like the crown jewels in old Europe’s new digital statecraft, and the most symbolic manifestation of its government’s raison d’être; and clearly, this is a rebalancing rather than wild autarkic abandon; more about better autonomy, resilience, control – just brought into relief by the foreign and trade policies of the Trump administration in the US. Europe still wants US cloud and AI services, and global interoperability for whatever innovation it magics out of this. It just wants them to be under EU governance conditions and operational controls – and so reduced its geopolitical exposure.
