Belgium's Cybersecurity Chief Sounds Alarm on Europe's US Tech Dependence, Pushes for Digital Sovereignty

Brussels, Belgium – Belgium's top cybersecurity official has issued a stark warning to the European Union, describing the continent's heavy reliance on American technology giants as a "huge security problem" that undermines data control, stifles innovation, and exposes Europe to cyber vulnerabilities. The call for greater digital sovereignty comes amid escalating geopolitical tensions over technology dominance.

In a recent statement, Belgium's cybersecurity chief highlighted how Europe's digital infrastructure is overwhelmingly dependent on U.S.-based firms such as Amazon Web Services, Microsoft Azure, and Google Cloud. "Europe faces an enormous security problem, and it is American in nature," the official stated, according to reports. This dependency means the EU "has lost the internet," with no guarantees that sensitive data remains within European borders, potentially accessible to foreign intelligence under U.S. laws like the CLOUD Act.

The remarks, made public on January 5, 2026, underscore growing concerns within EU circles about technological autonomy. The cybersecurity chief argued that this reliance not only creates security risks but also hampers European innovation by locking developers into proprietary American ecosystems. "We cannot guarantee that data stays within the EU," the official emphasized, pointing to the need for the bloc to reclaim control over its digital future.

Mounting Concerns Over Data and Security

The warning aligns with longstanding EU frustrations over transatlantic data flows. European regulators have repeatedly clashed with U.S. tech firms on privacy grounds. The invalidation of the Privacy Shield framework by the European Court of Justice in the 2020 Schrems II ruling exposed vulnerabilities in data transfers to the U.S., where national security requests can compel companies to hand over information without sufficient oversight. Subsequent agreements like the EU-U.S. Data Privacy Framework, adopted in 2023, have faced legal challenges, further eroding trust.

Belgium, as host to key EU institutions including the European Commission and Council in Brussels, positions itself at the heart of these debates. The country's cybersecurity chief's intervention reflects a broader push among member states for "digital sovereignty" – a policy mantra championed by figures like European Commission President Ursula von der Leyen. Initiatives such as the Gaia-X cloud project, launched in 2019 by Germany and France, aim to build a federated European cloud infrastructure free from foreign dominance. However, adoption has been slow, with U.S. providers still holding over 70% market share in EU cloud services, per industry estimates from firms like Synergy Research Group.

Cyber threats amplify the urgency. Recent high-profile incidents, including the 2024 ransomware attacks on European critical infrastructure attributed to state-linked actors, have spotlighted supply chain risks in U.S.-dominated tech stacks. The cybersecurity chief noted that reliance on American software leaves Europe "vulnerable to cyber threats," as updates and patches are controlled externally, potentially introducing backdoors or delays in threat response.

Background: Europe's Quest for Tech Independence

The push for reduced U.S. dependency traces back to post-Snowden revelations in 2013, which revealed mass U.S. surveillance programs affecting EU allies. Since then, the EU has invested billions in sovereignty efforts. The Digital Markets Act (DMA) and Digital Services Act (DSA), both enforced from 2024, impose strict rules on "gatekeeper" tech firms, mostly American, to foster competition.

France and Germany have led with national champions: OVHcloud in France and Deutsche Telekom's T-Systems in Germany. The EU's €7 billion European High Performance Computing Joint Undertaking (EuroHPC) seeks to rival U.S. supercomputing prowess. Yet challenges persist. A 2025 European Commission report warned that without accelerated investment, Europe risks falling further behind in AI and cloud computing, where U.S. firms dominate 90% of generative AI models deployed in the region.

Belgium itself has bolstered its cybersecurity posture through the Centre for Cybersecurity Belgium (CCB), established in 2021, which coordinates national defenses and advises on strategic risks. The chief's statement builds on CCB's 2025 threat landscape report, which flagged foreign tech dependencies as a top vulnerability.

Implications for EU-US Relations and Future Outlook

This development occurs against a backdrop of shifting geopolitics. U.S. export controls on advanced chips since 2022 have spurred EU efforts to onshore semiconductor production via the European Chips Act, allocating €43 billion. Meanwhile, China's rising tech influence adds pressure, prompting the EU to balance diversification without alienating its closest ally.

Industry groups like EuroCloud Europe have welcomed the call but cautioned against outright decoupling, which could raise costs for businesses. U.S. tech lobbyists, via the Computer & Communications Industry Association, argue that their services enhance security through scale and expertise.

As the EU prepares for its 2026 digital strategy review, Belgium's voice could galvanize action. Commission officials have signaled plans to expand "trusted" cloud certifications under the EU Cloud Code of Conduct. Whether this translates into concrete mandates remains to be seen, but the cybersecurity chief's warning has reignited the sovereignty debate at a pivotal moment.

The statement risks straining transatlantic ties, especially with upcoming U.S. elections potentially altering tech policy. For Europe, achieving digital independence will require sustained investment and political will to counter the convenience of U.S. solutions.

(Word count: 712)