The European Union's antitrust enforcement arm has taken a significant step to regulate the cloud computing sector, designating Amazon Web Services and Microsoft Azure as "gatekeepers" under the Digital Markets Act following a seven-month investigation. This designation represents a major expansion of EU tech oversight beyond the social media platforms, search engines, and app stores that have traditionally borne the brunt of regulatory scrutiny in Brussels. By applying gatekeeper status to cloud infrastructure services, regulators are targeting what they view as fundamental gatekeeping layers that underpin the broader digital economy.
The preliminary finding imposes sweeping obligations on the two dominant cloud providers to curtail their market dominance. Among the mandated restrictions are prohibitions on self-preferencing—a practice where cloud providers favour their own services over competitors—alongside requirements for greater interoperability between different platforms and enhanced data portability for customers. These measures aim to prevent vendors from locking enterprises into proprietary ecosystems and reduce the switching costs that make migration from one provider to another prohibitively expensive.
EU Technology Chief Henna Virkkunen framed the decision as essential to European economic sovereignty and technological independence. With over half of European businesses now relying on cloud services and artificial intelligence emerging as a strategic priority for the continent, regulators contend that these foundational technologies cannot remain concentrated in the hands of a small number of American firms. The rationale reflects broader concerns within European policymaking circles about strategic dependence on non-EU technology providers and the need to nurture a competitive ecosystem that supports both incumbent and emerging players.
The two companies immediately pushed back against the regulatory overreach. Amazon Web Services argued that the EU's assessment fundamentally misrepresents the competitive landscape by ignoring the diversity of cloud options available to European customers, including offerings from Google, IBM, and regional providers. AWS further contended that additional regulation under the DMA would create an overlapping compliance burden on top of existing requirements under the EU's Data Act, thereby discouraging capital investment in European data centres and stifling innovation that would otherwise benefit the continent's competitiveness.
Microsoft took a different tack by shifting attention to Google's position in the cloud market. The company cautioned that concentrating regulatory enforcement on AWS and Azure while overlooking Google Cloud's expanding capabilities and its integration with artificial intelligence tools would inadvertently tilt competitive dynamics in Google's favour. This strategic deflection highlights the complex dynamics within the cloud market, where integration with generative AI platforms has become a decisive factor in purchasing decisions by large enterprises seeking unified solutions.
At the core of the Commission's reasoning lies the market structure of cloud provision. Both AWS and Microsoft Azure command disproportionate revenues, operational capacity, and investment levels relative to competitors, according to EU analysis. Beyond these quantitative advantages, the regulators identified significant barriers to exit, including high switching costs and substantial customer lock-in effects that make it difficult for clients to migrate their operations to alternative providers without incurring substantial expenses and operational disruptions.
The integration of artificial intelligence capabilities into cloud platforms emerged as a particularly important factor in the Commission's analysis. The AI tools bundled with AWS and Azure, combined with exclusive partnerships these firms have cultivated, have become central to how enterprises choose their cloud providers. This dynamic effectively transforms AI accessibility into a gatekeeping function controlled by the leading cloud operators, a development the Commission viewed as troubling for market competition and innovation prospects across Europe.
The designation of cloud services as a gatekeeper sector marks a conceptual shift in how Brussels approaches digital regulation. Previous enforcement actions focused on consumer-facing platforms where network effects and data accumulation created stark competitive advantages. Cloud infrastructure, by contrast, operates further upstream in the digital value chain, supporting thousands of downstream applications and services. Regulating at this foundational level potentially influences competitive conditions across the entire digital economy, affecting everything from fintech startups to healthcare providers relying on cloud backends.
For Malaysian and Southeast Asian businesses with operations in Europe or plans to expand into the region, this regulatory trajectory carries practical implications. European subsidiaries and joint ventures will face compliance obligations if they utilise AWS or Azure, and suppliers to European customers may need to ensure their cloud infrastructure choices satisfy DMA requirements. The decision also signals that Southeast Asian regulators monitoring EU precedents may eventually adopt similar approaches to regulate their own dominant cloud platforms, particularly as artificial intelligence becomes increasingly central to regional digital strategies.
Amazon and Microsoft now enter a contested phase where they can formally challenge the Commission's preliminary conclusions before final enforcement decisions emerge over the coming months. The companies will likely mobilise substantial resources to demonstrate that cloud markets remain sufficiently competitive and contestable, and that imposing gatekeeper obligations would impede rather than enhance European technological progress. Their counterarguments will test whether European regulators remain convinced that heavy-handed intervention better serves the continent's long-term interests than fostering organic competition among cloud providers seeking to capture growing demand for AI-integrated infrastructure.
This regulatory manoeuvre reflects the EU's broader philosophy that preventing market concentration at foundational technology layers serves essential strategic objectives. Whether this enforcement approach ultimately achieves its stated goals of fostering competition and protecting European sovereignty, or instead creates compliance burdens that undermine the continent's technology sector, will significantly influence how other jurisdictions approach regulation of critical digital infrastructure.
