The EU's cloud project could still become a world standards setter, but is for now stalled by fights over data sovereignty.

Pádraig Belton, Contributor, Light Reading

December 15, 2021

6 Min Read
Cloud burst: How the EU's Gaia-X project went awry

For all the difficulties it has met along the way, Europe's cloud infrastructure project Gaia-X had impressive enough origins.

Not many tech startups, after all, get launched in the European Parliament, by the EU's president.

"We will build a European cloud as part of NextGenerationEU – based on Gaia-X," intoned Ursula von der Leyen in September 2020.

Figure 1: Ursula von der Leyen with a brolly ... because cloud, you see (Source: Michael Panse) Ursula von der Leyen with a brolly … because cloud, you see
(Source: Michael Panse)

It's now become bloated and behind schedule, the worst, most cautionary example of the potential hazards of doing things by committee in Brussels.

But months before von der Leyen's speech, in June, Germany's economics affairs minister Peter Altmaier – a trusted advisor to Angela Merkel who has been described as the most powerful man in Berlin – said Gaia-X would let Europe assert itself in the world.

Bruno Le Maire, France's minister for the economy and finance, who combines politics with a life as a prize-winning writer, appeared beside him and summoned the memory of France and Germany laying the foundation of the EU, with the European Coal and Steel Community.

Eleven German and 11 French companies were together laying "the foundations for a true European data infrastructure," he said, "based on the principles of openness, interoperability, transparency and trust."

These 22 quickly grew to over 320. Committees were hived off to write policies and rules. These are things Brussels is good at.

And part of the reason behind all this rhetoric and initial enthusiasm is the sobering fact that Europe is not a particularly big cloud player, even in its own backyard.

Deutsche Telekom is the largest European cloud provider in the European market, with a 2% market share.

By contrast, Amazon, Microsoft and Google make up 69% of Europe's market, a proportion which also appears to be only trending upwards.

This is because, in a game of scale where size matters, Amazon Web Services, Google Cloud and Microsoft Azure have plunged over €14 billion (US$15.7 billion) in just four quarters into European capital spending and the upgrade and expansion of their regional networks of data centers.

Meanwhile, Europe also lags the US in how many businesses even use the cloud.

In the EU, 21% of companies make broad use of cloud services. In North America, the equivalent figure is 33%, says market intelligence group IDC.

So if you're in Gaia-X's shoes, this shows EU companies are worrying about problems like data control, which a more homegrown alternative could maybe address.

I know a Gaia

But recently, the project has apparently given up even trying to meet its deadlines.

Updated policy rules were scheduled to come out in September. They still haven't.

Its CEO, Francesco Bonfiglio, admits his organization is struggling to deal with its workload and new massive scale.

But what's also stalling things is philosophical.

Is Gaia-X meant to be a project about data sovereignty, to keep EU citizens' data in the EU?

And, if so, how is this consistent with the recent partnerships between US cloud providers and European telcos – including, for that matter, board members of the Gaia-X project?

Both France's Orange and Germany's Deutsche Telekom, for example, have recently formed partnerships with Google over cloud services.

One sticking point about the current rules release is whether Gaia-X customers should be able to request their data to be stored and processed inside the EU.

Many telcos are less than keen to take measures to exclude US cloud providers from EU infrastructure – especially the ones who use US clouds themselves. But there still are enough Gaia-X members keen on data sovereignty to slow things down into a muddle.

Ultimately, though, even the data sovereignty cloud crowd are eyeing other fora than Gaia-X to push their premise.

The EU Digital Markets Act and the Data Act may offer ways of keeping EU data within the EU using the force of law, not the subtlety of trade standards.

Meanwhile, EU firms dissatisfied with Gaia-X's project, like Nextcloud and French cloud provider Scaleway, in June launched their own project, Euclidia.

Scaleway epically flounced out of the Gaia-X project in November, saying it was being "sidetracked and slowed down" in a way that benefits Amazon, Microsoft and Google.

Want to know more about 5G? Check out our dedicated 5G content channel here on Light Reading.

In its more high-minded rhetorical moments, though, Gaia-X was meant not to be just a grab for market share, or Europe's homegrown version of data sovereignty.

It was meant to represent Europe's open cooperative values against US corporate Big Tech on the one side and China's heavy government regulation on the other.

This is the spirit that, for instance, has seen US companies like Amazon Web Services participate in Gaia-X technical working groups.

Gaia-X also suffers from a rather complex model that can make it hard to describe without long-winded explanation.

What it isn't is a Euro-product, to compete with Amazon and Azure.

Instead, it's a set of federated systems, meant to encourage collaboration with cloud partners instead of locking customers into ironclad contracts with particular vendors.

And the operating system is being written in open source code.

These "federation services" include Identity and Trust Services, which handle authentication, credential management and verifying analog credentials.

A Federated Catalog bundles together all offers from authorized providers, so that users can find a service matching their needs.

Then, Sovereign Data Exchange Services regulate how data contracts are negotiated and enforced over the network.

And a set of Compliance Services define onboarding policies and monitor compliance by providers and services.

Together, all these are meant to organize data exchange within all the different segments of the cloud world, in a way that offers users transparency, openness and choice.

While these are Gaia-X's chief components, there are other bits soon to come online – like a labeling system, with a kitemark showing that a provider stores and processes their customers' data in Europe.

Seeking the edge

For all this, some see glimpses of potential in Gaia-X.

There's an argument its real niche could lie in edge computing.

With the bulk of data created at the edge of the cloud, there are – after all – technological and not just political reasons for wanting to process that data close to its source.

Gaia-X could follow the GDPR model. The slow, committee-driven development of its rules and protocols, which now seems so dispiriting and sluggish, ultimately could provide a compelling regulatory model that could shape digital regulation globally – like the GDPR has done in data privacy.

It could still happen.

Related posts:

— Padraig Belton, contributing editor, special to Light Reading

Read more about:

AsiaEurope

About the Author(s)

Pádraig Belton

Contributor, Light Reading

Contributor, Light Reading

Subscribe and receive the latest news from the industry.
Join 62,000+ members. Yes it's completely free.

You May Also Like