The European Commission unveiled its Technological Sovereignty Package on June 3, and the framing is the story. For most of the past decade, European digital policy meant rules: GDPR, the DMA, the DSA, the Data Act, the AI Act.
This package is about capacity instead. A revised Chips Act, a Cloud and AI Development Act, an Open Source Strategy, and a digitalisation roadmap for energy, all pointed at the same problem: Europe can write the rules but cannot yet build the stack they govern.
The honest question is whether capacity-building can move faster than the rules it complements. The same week, Brussels was quietly deferring AI Act deadlines it set a year ago, and its flagship Gigafactory tender was slipping again.
Policy & Regulation
A revised Chips Act bets on demand, not just fabs
The original 2023 Chips Act was a pandemic-era response built around manufacturing capacity. The revision recognises that fabs alone do not close the gap.
Chips Act 2.0 adds demand-side tools that lean on Europe's AI infrastructure and data-centre buildout to pull high-performance chip orders toward domestic suppliers. It designates "Strategic Projects" across the value chain for fast-track permitting and easier access to public investment, and floats a first EU advanced-node facility with pilot production targeted for 2030 to 2033.
There is also a quieter mechanism worth watching: a business-to-business platform for firms to share aggregated, non-sensitive supply-chain data and spot chokepoints early. Demand-pull is the right instinct, but a 2030 pilot line is a long runway against a market that moves in quarters. (Global Policy Watch) (techUK)
The Open Source Strategy is the most concrete lever in the package
Buried under the cloud and chip headlines is the most actionable item. The new Open Source Strategy introduces an "open source-first" principle for public-sector cloud and AI software purchases, following a "public money, public code" logic.
That turns procurement into industrial policy. Public buyers are one of the few demand levers Brussels controls directly, and steering them toward open, interoperable systems is a faster path to reducing vendor lock-in than any fab.
The strategy also commits to strengthening open-source ecosystems and interoperability standards for public administrations. The test is enforcement: an "open source-first" rule only bites if procurement officers have to justify departures from it. (Global Policy Watch) (European Commission)
The AI Act Omnibus defers the watermarking deadline this briefing flagged last week
Last week, the watermarking Code of Practice looked like the near-term document to read before an August 2 deadline. That deadline has moved.
The Digital Omnibus deal, provisionally agreed on May 7 and heading for formal adoption this month, pushes Article 50 transparency and labelling obligations from August 2 to December 2, and defers high-risk system duties to December 2027. It also adds a new Article 5 prohibition on AI that generates non-consensual intimate imagery and CSAM, effective December 2, 2026.
So the direction of travel is relief on timelines paired with one sharp new red line. Providers building generative image or video tools get four more months; anyone building a nudifier app gets a hard ban. (Global Policy Watch) (Council of the EU)
Capital & Investment
A Polish-Ukrainian radar startup draws Nordic defence capital
Molfar Defence Technologies closed the first €1.5 million tranche of a €2 million round on June 3, led by Sweden's Front Ventures as first institutional backer. The company builds tactical radar to detect small, low-flying drones, and works directly with the Ukrainian Armed Forces and a major Polish defence supplier.
This is the sovereignty package's logic playing out in the market without waiting for it. Operational feedback from the front line, a Polish-Ukrainian engineering base, and Swedish capital is exactly the cross-border defence-tech pattern Brussels is trying to scaffold from the top down. (Tech.eu) (AIN)
Compliance-as-code attracts capital as the rulebook keeps shifting
Munich's Bayshore raised $8 million in seed funding on June 2, led by Earlybird in a round that reportedly took two weeks. It turns legal and compliance rules into machine-readable code that constrains AI agents, and says several Global 2000 firms already run it.
There is a tidy irony here. The regulatory complexity that the Omnibus is trying to simplify is itself becoming a venture category, and the faster deadlines shift, the more valuable a system that re-encodes them on the fly becomes. (Tech.eu) (EU-Startups)
The price tag on the capacity bet is where the package gets real
The sovereignty package puts numbers on the ambition: roughly €120 billion for semiconductors, €200 billion for data centres by 2036, €100 billion for cloud and AI, and €2 billion for open-source software over seven years.
The Commission cannot write those cheques. Most of that has to come from private capital and member-state budgets, which is why the demand-side tools and procurement rules matter more than the headline figures. (CNBC) (Global Policy Watch)
One to Watch
The AI Gigafactory tender keeps slipping
For all the capacity language, the flagship project is stuck in the preparatory phase. The €20 billion InvestAI Gigafactory tender, originally due to close in late 2025, has drifted into 2026 and may now slip to summer.
The demand signal is not the problem: 76 expressions of interest represent over €230 billion in potential investment, more than ten times the public seed. The bottleneck is procurement design and energy siting, both squarely within the Commission's control.
Watch EuroHPC JU and DG CONNECT over the coming weeks. If the tender closes this summer, the capacity pivot has a flagship; if it slips again, the gap between rule-writing and stack-building stays Europe's defining weakness. (CTOL) (European Commission)