EU Proposes Expanding DMA Oversight to Cloud Computing Power - Tech Giants Face New Compliance Challenges ​

Brussels, November 18, 2025 – The European Commission is advancing a major regulatory expansion plan, proposing to include the core computing power resources of global leading cloud service providers such as Amazon AWS, Microsoft Azure, and Google Cloud into the regulatory framework of the Digital Markets Act (DMA). This move marks the extension of the EU's digital antitrust regulation from traditional platform services to underlying technological infrastructure, putting the three tech giants under multiple pressures including compliance reviews, data openness requirements, and competitive constraints. The global cloud computing industry landscape may undergo structural adjustments.​

As the cornerstone legislation of the EU's digital governance, the DMA has designated seven companies including Alphabet, Amazon, and Microsoft as "gatekeepers" since its entry into force in March 2024, covering 22 types of platform services such as search engines and social networks. The proposal to incorporate cloud computing power into regulation stems from a policy brief released by the EU in September, which indicated that AI core infrastructure such as cloud computing and chips has formed a pattern of high market concentration. Leading enterprises may hinder industry innovation through computing power monopolies. The EU Commissioner for Competition stated that as the "water and electricity" of the digital economy, fair competition in cloud computing power is directly related to the security of Europe's digital sovereignty, and this expansion is a necessary upgrade for the DMA to adapt to technological development.​

According to the regulatory draft framework, after being incorporated into the DMA, the three major cloud service providers will need to fulfill three core obligations: first, openness of computing power resources, prohibiting the restriction of cross-platform data migration for enterprises through exclusive agreements; second, upgrading data portability, establishing standardized interfaces to ensure the free flow of user data between different cloud platforms; third, algorithmic transparency requirements, disclosing the core logic of computing power allocation to regulatory authorities. Enterprises violating the above regulations will face fines of up to 10% of their global turnover, with the maximum fine increasing to 20% for repeated violations.

This regulatory change has triggered strong reactions from the industry. Microsoft, Amazon, and other enterprises have launched internal assessments and set up special teams drawing on previous DMA compliance experience. According to the DMA Annual Compliance Report released in March 2025, Microsoft established an independent compliance management body to ensure compliance through internal training and governance mechanisms; Amazon customized data sharing tools and advertising pricing verification systems for the European market. However, cloud computing power regulation involves adjustments to underlying technical architectures, resulting in significantly higher compliance costs than traditional services. Industry analysts estimate that the cumulative technological transformation investment required by the three giants to meet data portability and computing power openness requirements may exceed 5 billion euros.

For European local enterprises, the regulatory expansion brings development opportunities. OCI, a European local cloud service provider, stated that the regulation will break the implicit barriers of leading enterprises and create a fair competitive environment for small and medium-sized enterprises (SMEs). Data from the European Commission shows that AWS, Azure, and Google Cloud collectively hold 78% of the market share in cloud computing services used by European enterprises. Strengthened regulation is expected to drive market share to tilt towards local service providers.​

Notably, this regulatory expansion will form a synergistic effect with the EU's Artificial Intelligence Act and Network Resilience Act. Similar to how the Network Resilience Act establishes a full-chain responsibility system through risk classification, cloud computing power regulation will also adopt a "risk-oriented" principle, implementing stricter compliance requirements for computing power services involving key areas such as healthcare and energy. The European Commission emphasized that regulation is not intended to restrict technological innovation but to prevent monopoly risks through clear rules. It is expected that the revision of relevant legislation will complete public consultation in the first quarter of 2026.​

The market is concerned that increased regulation may lead to the transfer of compliance costs. Some SMEs have feedback that cloud service providers may raise service prices to share compliance expenses. In response, the European Commission stated that it will establish a price monitoring mechanism and set up a special fund to support SMEs in adapting to new regulatory requirements. Industry experts point out that this regulatory expansion will reshape the global cloud computing industry rules, promoting the industry to enter a new stage of "balancing compliance and innovation" from "scale competition". It is expected that regions such as the United States and Asia-Pacific may follow up with similar regulatory measures, forming a global coordinated pattern of cloud computing power supervision.