Europe is preparing new rules that would limit Microsoft, Amazon, and Google from handling certain sensitive government data in the public sector. Under the upcoming Tech Sovereignty Package, EU member states would be required to use “sovereign cloud infrastructure” for the highest-sensitivity categories: health records, financial data, and judicial or legal documents. Private companies and non-sensitive government workloads can continue using Azure, AWS, or Google Cloud. The restrictions apply only to public-sector handling of the most critical data. The main reason is long-standing concern over the U.S. CLOUD Act, which allows American authorities to compel U.S. companies to turn over data even data stored in Europe. European officials see this as a risk to strategic autonomy and data control. The move builds on years of EU efforts around digital sovereignty, including the EU Cybersecurity Certification Scheme for Cloud Services. It aims to reduce dependence on non-European technology for critical public infrastructure. Implementation would still require approval from EU member states and is likely to involve hybrid models with greater European oversight or local partners. Details may evolve when the full proposal is released later this month.