On March 17, the Innovation Makers Alliance played an AI-generated fake newscast to an amphitheatre at Station F.[1] IMA is a consortium of the CIOs, CDOs, and innovation directors at three-quarters of the CAC 40 — France’s top-40 listed companies — and major French government ministries, roughly 10,000 tech decision-makers from 165 organizations.[2] These are the people who sign the purchase orders for Europe’s US digital services. They are the dependency.

The scenario: Trump threatens to cut Europe off from all US digital services unless he gets the Greenland deal. Cloud collapses. Logistics freeze. Cards stop working. The audience, by the journalist’s account, went silent.[3]

Ten days later, Siemens CEO Roland Busch told the Financial Times that Europe’s push for AI sovereignty could be “a disaster.”[4] Siemens is investing €1 billion in AI tools and prioritizing that investment in the US and China.[5]

The Station F audience and the Siemens CEO are looking at the same dependency. They are drawing opposite conclusions. The audience sees the threat as disconnection; the CEO sees the dependency as manageable — use the best tools no and build European alternatives over time. The audience is wrong about the mechanism. The CEO underestimates the risk. A dependency that is commercially rational for both sides can still be strategically dangerous — and the coercion doesn’t require pulling the plug.

Act 1: Build (and never build). The sovereignty conversation is framed as though Europe fell behind during the cloud era. The deficit is older than that. Much older.

No European microprocessor architecture at commercial scale.[6] No operating system built on one. No productivity suite built on that. No search engine. No smartphone platform. No social network. No cloud hyperscaler. No GPU or AI accelerator. One European enterprise software company at a global scale — SAP, founded in 1972, nothing comparable since.[7] The stack builds upward. Europe is absent at every layer.

This is not a gap that opened in 2015 when AWS hit its stride. It is a fifty-year structural deficit in every software and platform layer above the physics. Europe builds excellent cars, trains, aircraft engines, turbines, nuclear reactors, satellites, and lithography machines. ASML makes the equipment without which no advanced chip on Earth gets fabricated.[8]

But Europe has never built the digital infrastructure that runs on top of the hardware. The reasons are structural — employment systems that penalize the job-hopping a software culture requires, compensation structures that undervalue engineering relative to finance and consulting, procurement cultures that optimize for buying over building, and capital markets that have never produced a venture ecosystem at US or Chinese scale.[9] The software layer — the layer that compounds, that scales at near-zero marginal cost, that creates platform lock-in — has been American for half a century, and increasingly Chinese in consumer platforms for the last fifteen years. Europe has been a customer at every layer, in every era.

European enterprises spend approximately €264 billion per year on US digital services, roughly 80% of their total digital expenditure.[10] That is not a gap that regulation can close. It is a market verdict, delivered annually, by European companies choosing American infrastructure with their own budgets, because nothing European competes at the same level.

Act 2: Regulate (what you can’t build). The AI Act entered into force in August 2024.[11] The Cloud and AI Development Act (CAIDA) was supposed to follow — initially scheduled for March 25, 2026, then delayed to April 15, then again to May 27.[12] Layer on the DMA, DSA, and the expanding stack of cloud certification and data sovereignty requirements. The regulatory architecture is formidable, but it is not a substitute for capability.

The regulations were not all designed as sovereignty instruments: the DMA targets market dominance, GDPR targets privacy, and the AI Act targets risk. The cumulative effect is the same regardless of intent: friction applied to tools that European enterprises depend on, without competitive European alternatives to switch to.

The sovereignty advocates would argue that the €264 billion isn’t a free-market verdict — it’s a network effects trap, where European enterprises choose AWS because everyone else does, and migration costs are prohibitive. That’s a legitimate diagnosis. But the prescription — regulate first, build alternatives later — still fails the competitiveness test. Who pays the productivity cost while Europe waits?

A French manufacturer running SAP on Azure with Copilot competes against a Chinese manufacturer running the same stack without the regulatory friction and an American manufacturer running it natively. Force the French manufacturer onto OVHcloud, Nextcloud, and Mistral — even assuming all three work flawlessly, which they don’t at the same scale today — and you’ve imposed a productivity tax on a company that’s already behind. Sovereignty purchased at the cost of competitiveness is a subsidy for your competitors.

Busch named this precisely. Europe’s approach is “miscalibrated,” he told the FT. The US is “a fast-flowing river.” Europe is “standing water.”[13] He is not arguing that sovereignty doesn’t matter. He is arguing that you don’t get there by throttling the tools your companies need today while waiting for European alternatives that don’t exist yet. Slowing European adoption of AI while the US and China accelerate widens the gap that the regulation claims to close. Both costs are real — the productivity cost of forced migration and the strategic cost of connected dependency — and no one has demonstrated a path that avoids both.

Last July, a group of Europe’s top CEOs wrote to Ursula von der Leyen, asking the Commission to pause obligations under the AI Act for high-risk AI and general-purpose AI (GPAI) models.[14] The CAIDA package has been delayed twice. The Commission is listening to industry on the timeline. But the direction of travel is unchanged: more rules, applied to someone else’s products. Regulation doesn’t make European tools better. It makes American tools harder to use. Those are not the same thing.

Act 3: Scare (when regulation isn’t fast enough). Since January 2026, a wave of “Trump déconnecte l’Europe” scenarios has swept French media — Le Point, Futura Sciences, France 24, L’Usine Digitale — all variations on the same premise.[15]

There is one problem with the premise: Trump has never threatened to disconnect Europe from US digital services. The scenario was manufactured by the French IT establishment. In April 2025, the Cigref — the association of IT directors at France’s largest companies and government ministries — commissioned a study from Nicolas Bouzou’s Asterès consultancy. The methodology: interviews with six CIOs, extrapolated to all of Europe. The result: the €264 billion dependency figure that now appears in every article on the subject.[21] Cigref’s own delegate general admitted the number “doesn’t appear in any official statistics.”[22] When Trump’s National Security Strategy (December 2025) used “civilizational erasure” language about Europe and the Greenland crisis escalated in January, the lobby had its hook. Within weeks, every major French outlet was running the same scenario, citing the same number, arriving at the same conclusion: buy European cloud. The beneficiaries are not hard to identify: OVHcloud, Scaleway, Clever Cloud, and the consulting firms that would manage the migration.

The format matches the premise. The Station F video is an AI-generated deepfake newscast — a format the EU’s own AI Act (Article 50) requires to be labeled as synthetic content.[20] The organizers described it as a parody. The audience’s reaction suggests they weren’t in on the joke. A deepfake video dramatizing a scenario no one has threatened, sourced to a number no official statistic confirms, presented to the 10,000 executives who would sign the procurement contracts. That is not an analysis. It is a sales pitch.

Which is a shame, because the real coercion cases the video cited deserve better framing. Thierry Breton was banned from entering the US after enforcing the DSA. French ICC judge Nicolas Guillou was cut off from Visa, Mastercard, Amazon, and Airbnb after authorizing arrest warrants for the Israeli prime minister.[16] Huawei lost access to Android and Google Play Services overnight due to an executive order. These are real. They are also the strongest argument against the scenario the video dramatizes, because every one of them was targeted, surgical, and connected. Not a continental blackout. You don’t cut the cord. You hold the scissors. The CLOUD Act’s compelled disclosure provision (18 U.S.C. § 2713) works because data flows through US-controlled infrastructure.[17] Disconnection destroys the leverage. Connection preserves it.

The economics confirm it. That €264 billion flows both ways. No American president orders Amazon, Microsoft, and Google to vaporize a quarter of a trillion dollars in annual revenue. The math wouldn’t survive the lobbying response.

The verdict. Build failed—not recently, but structurally, across 50 years and every platform layer. Regulate has legitimate objectives — safety, privacy, market fairness — but without competitive European alternatives, its cumulative effect is friction on the tools European companies depend on, taxing their competitiveness to protect an industry that doesn’t yet exist at an equivalent scale. Scare mobilizes by dramatizing a threat model that gets the mechanism exactly backwards.

Let’s be plain about what happened at Station F on March 17. A lobby group blamed Donald Trump for a threat he never made, projected a deepfake to an amphitheatre of 10,000 executives, and called it a wake-up call for European sovereignty. The €264 billion figure anchoring the entire evening was commissioned by the lobby itself, based on six interviews, and wasn’t confirmed by any official data source.[21][22] The executives in the room are the procurement decision-makers who would benefit from the migration that the event advocates. The format — an AI-generated fake newscast designed to provoke fear before being revealed as parody — is the definition of the disinformation the EU spent five years building the DSA and AI Act to combat.[20] Le Point sent its rédacteur en chef Sciences et Tech. He reported the fear. He listed the alternatives. He did not question the premise, the number, the format, or who benefits. He promised his readers he would write about Panoramax.[19]

The European Union has spent half a decade legislating against fake news, deepfakes, platform manipulation, and undisclosed lobbying. On March 17, at Station F, a fake news scenario was dramatized via deepfake, promoted by a registered lobby, amplified by uncritical press coverage, and presented to the audience most likely to act on it without scrutiny. This was not a failure of digital sovereignty. It was a post-truth evening organized in its name.

The threat to European digital autonomy is real. I mapped the actual coercion mechanism — three switches, all wired, all permanent — in “Access, Disable, Destroy.”[18] But the threat isn’t that someone pulls the plug. It’s that they never need to, because the dependency is too comfortable and too profitable for both sides to break — and because the people responsible for fixing it would rather blame Trump than explain why fifty years of European industrial policy never produced a cloud platform.

Notes

[1] Innovation Makers Alliance, event at Station F, Paris, March 17, 2026. ima-dt.org

[2] IMA is a loi 1901 non-profit consortium founded in 2015. Its membership includes the CIOs, CDOs, innovation directors, and digital transformation leads at approximately 165 organizations — three-quarters of the CAC 40 (L’Oréal, BNP Paribas, Crédit Agricole, AXA, among others), major French ministries, and mid-cap enterprises. As of January 2026, the consortium claims roughly 10,000 individual tech decision-makers. IMA is registered as a lobbying entity with the European Commission. Sources: IMA website and EU Transparency Register.

[3] Le Point, “Et si un jour Donald Trump décidait de déconnecter l’Europe,” March 2026.

[4] Roland Busch, CEO of Siemens, interview with the Financial Times, published March 25, 2026. Accessible summary at Cybernews.

[5] Siemens is investing €1 billion in AI tool development; Busch’s statements to the FT indicated the majority is directed at the US and China. For context, the European Commission allocated €1.3 billion for AI, cybersecurity, and digital skills investment in spring 2025. The comparison is directional, not exact — Siemens’s figure covers AI tools specifically; the Commission’s covers AI plus cybersecurity plus digital skills across the full EU. The scale proximity remains striking. Note: Busch has a direct commercial interest in frictionless access to US AI infrastructure. Siemens is a major consumer of the tools the sovereignty agenda would constrain.

[6] ARM was designed in Cambridge but is owned by SoftBank (Japan) and fabbed by TSMC (Taiwan). It is not a European-controlled architecture in any operational sense. RISC-V, an open-source instruction set architecture, has European champions (SiPearl for HPC; the RISC-V International association is incorporated in Switzerland), but no commercially dominant European RISC-V processor ships at scale as of early 2026. ASML makes lithography equipment — it does not design or fabricate chips.

[7] The inventory covers nine platform layers in the modern digital stack: processor architecture, operating system, search, productivity software, mobile platform, social network, enterprise SaaS, cloud infrastructure, AI accelerator. Europe is absent from eight of nine. SAP (founded 1972, Walldorf) is the sole European enterprise software company operating at global scale — and it is the exception that sharpens the question: why has nothing comparable followed in over fifty years? Europe is present at the physics and manufacturing layer (ASML, Airbus, automotive) — the layers below the platform stack, not within it.

[8] ASML holds a monopoly on extreme ultraviolet (EUV) lithography machines required for advanced chip fabrication below 7nm. Every advanced chip from TSMC, Samsung, and Intel depends on ASML equipment. This is a genuine and strategically significant European capability — at the hardware manufacturing layer, not the software platform layer. asml.com

[9] The structural mechanisms behind Europe’s software gap are examined in detail in the “Why Can’t It Build an LLM?” country series, particularly the Japan, South Korea, and France entries. The pattern recurs across countries: employment systems that penalize mobility, compensation structures that channel talent away from software, procurement cultures that optimize for buying over building, and venture ecosystems that have never matched US or Chinese scale. The gap is structural, not incidental — it reflects system design, not bad luck.

[10] Cigref/Asterès, “Le coût de la non-souveraineté numérique de l’Europe,” 2024/2025. The 80% figure was cited by Gilles Babinet, co-president of the Conseil national du numérique, at the IMA event.

[11] EU AI Act (Regulation 2024/1689) entered into force August 1, 2024. Full application by August 2027, with staggered compliance deadlines. A group of major European CEOs requested a pause on high-risk and GPAI obligations in July 2025.

[12] The tech sovereignty package (Cloud and AI Development Act, Chips Act 2, open-source software strategy, AI-in-energy roadmap) was initially planned for March 25, 2026, postponed to April 15, then rescheduled to May 27. Reported by Euractiv. Note: the Act is referred to as both “CAIDA” and “CADA” in coverage; this piece follows the Euractiv convention. The broader regulatory stack also includes the EU Cybersecurity Certification Scheme for Cloud Services (EUCS) and France’s SecNumCloud certification — both adding compliance requirements for cloud providers operating in European public-sector and sensitive-data contexts.

[13] Busch, FT interview, March 25, 2026. Cybernews summary.

[14] Letter from European CEOs to European Commission President Ursula von der Leyen, July 2025. Reported by Euronews, July 3, 2025.

[15] The January–March 2026 wave includes coverage in Le Point, Futura Sciences, France 24, L’Usine Digitale, La Libre Belgique, and numerous aggregators. The Cigref/Asterès dependency figures appear in nearly all of them.

[16] Thierry Breton was subject to a US visa ban on December 24, 2025, under Section 212(a)(3)(C) of the Immigration and Nationality Act, for his role in creating the DSA. Secretary of State Marco Rubio described the targets as “agents of the global censorship-industrial complex.” Widely reported (CNBC, CNN, NPR, Euronews). Nicolas Guillou, French judge on the ICC Pre-Trial Chamber, was sanctioned on August 20, 2025 via expansion of Executive Order 14203 for authorizing arrest warrants against Israeli Prime Minister Netanyahu. Guillou has publicly described being cut off from Visa, Mastercard, Amazon, Airbnb, PayPal, and Expedia — stating that sanctions are “like being sent back to the 1990s.” Source: Euronews, February 18, 2026; Verfassungsblog legal analysis, December 23, 2025. Both cases demonstrate targeted, surgical, connected coercion — not wholesale disconnection.

[17] The CLOUD Act’s compelled disclosure provision (18 U.S.C. § 2713) requires providers of electronic communication or remote computing services subject to US jurisdiction to produce data in their “possession, custody, or control” regardless of where that data is stored. The mechanism depends on connection, not disconnection. See “Access, Disable, Destroy” for the full three-switch model.

[18] “Access, Disable, Destroy: The Three Switches No One Models,” The AI Realist.

[19] Le Point, March 2026. The closing paragraph reads, in full: “J’ai trouvé ce débat, en plus d’offrir une opportunité pour l’économie européenne, passionnant. Et, j’essaierai au fur et à mesure de futurs articles, de vous faire connaître des solutions françaises ou européennes intéressantes, un peu comme Panoramax, qui sont encore trop peu connues et qui, peut-être, vous intéresseront?” This is the science and technology editor-in-chief of a major French newsweekly.

[20] EU AI Act, Article 50(4): deployers of AI systems that generate or manipulate content constituting a deep fake shall disclose that the content has been artificially generated or manipulated. An exemption exists for content that is “part of an evidently artistic, creative, satirical, fictional or analogous work or programme” — but “evidently” is the operative word. A deepfake newscast designed to produce a fear response before being revealed as synthetic is not evidently fictional at the moment of viewing. The Le Point journalist described the audience reaction as an “électrochoc” — which suggests the fictional framing was not evident to the audience when the video played. Whether the IMA event’s use of the video complied with Article 50 is a question no outlet covering the event has raised.

[21] Asterès, “La dépendance technologique aux softwares & cloud services américains: une estimation des conséquences économiques en Europe,” commissioned by Cigref, presented April 25, 2025, at the Rencontres Numérique de Strasbourg. Methodology: interviews with six CIOs from large French enterprises, extrapolated to the EU on the basis that cloud-software spending is proportional to GDP. The €264 billion figure covers BtoB software and cloud services purchased from US providers. The study was subsequently cited in the November 2025 Franco-German Digital Sovereignty Summit joint declaration and in virtually every French-language article on the “Trump disconnects Europe” scenario in January–March 2026. The IMA event at Station F (March 17, 2026) and the CISPE letter to the Commission were filed on the same day. The beneficiaries of a sovereignty-driven procurement shift — European cloud providers (OVHcloud, Scaleway, Clever Cloud) and consulting firms managing migration — are well represented in the organizations commissioning and amplifying the research.

[22] Henri d’Agrain, delegate general of the Cigref, acknowledged that the €264 billion figure “n’apparaissent dans aucune statistique officielle” (does not appear in any official statistics), attributing the opacity to profit repatriation structures routed through Ireland. The admission is significant: the single number anchoring the entire disconnection campaign is an estimate from a consultancy commissioned by the lobby it serves, based on six interviews, and confirmed by no official data source.