• The European cloud computing market is worth €53bn and is set to climb to €300-500bn by 2027, generating 500,000+ jobs.
• 82% of the decision-makers surveyed said they had increased their use of the cloud in direct response to the pandemic.
•However, without tackling issues such as data sovereignty and competition from US Hyperscalers, Europe stands to lose up to half of its economic and social impact in this market.
The European cloud industry is booming but not very competitive
In Europe, the cloud computing market (organised around three types of services: Software-as-a-Service, Platform-as-a-Service and Infrastructure-as-a-Service) grew by 27% per year between 2017 and 2019. It was worth an estimated €53 billion in 2020 and is expected to climb to between €300 billion and €500 billion by 2027-2030. The Covid-19 pandemic further accelerated the use of cloud services, which proved their strategic importance as vital infrastructure that breeds resilience. 82% of the decision-makers surveyed said they had increased their use of the cloud in direct response to the pandemic.
The European cloud industry is dominated by three major operators (“hyperscalers”), which control 70% of the IaaS market: Amazon with AWS (53%), Microsoft with Azure (9%) and Google Cloud (8%). However, European cloud specialists and telecom operators are gradually increasing their foothold in their domestic markets. OVHcloud and Deutsche Telekom are ranked third and fourth in their respective countries in the markets for IaaS and PaaS.
Essential but restrictive migration
The migration of businesses and organisations to the cloud is being driven by operational and financial optimisation strategies. The main reasons cited in the White Paper for using cloud services are:
•Flexible capacity use;
•Collaboration between teams and secure data exchange;
•Agile and fluid roll-out;
•Security and resilience;
•Agile roll-out of strategic activities.
For decision-makers, GDPR compliance and data sovereignty are important criteria when selecting a cloud service provider.
The thorny data sovereignty issue
A spate of data protection regulations has come into force in the United States and the European Union since 2016 (GDPR, US-EU Privacy Shield, the Cloud Act, etc.), aimed at setting a strict legal framework for data traffic. However, the CJEU’s (Court of Justice of the European Union) 2020 ruling invalidating the EU-US Privacy Shield highlighted what appear to be irreconcilable incompatibilities between the US regulations and the principles of the GDPR.
As a result, in the vast majority of cases, companies that transfer European citizens’ personal data to the servers of non-European companies (even those with operations in Europe) no longer have a reliable legal basis for doing so, and are exposed to both legal and industrial risks, bearing in mind that global cloud service providers often have access to their confidential data and intellectual property. The financial and operational implications of this situation go far beyond the remit of individual IT departments, making data sovereignty a key issue in corporate governance.
European data sovereignty hinges on a combination of eight criteria, which must be taken as a whole, in order to ensure full compliance and comprehensive risk prevention. Data sovereignty could well become a commercial issue due to European consumers’ mounting expectations in this area.
Five scenarios for the European market
With all this in mind, the situation in the European cloud industry needs to evolve. A number of scenarios are possible. KPMG has pinpointed five scenarios in its White Paper:
• The treatment of the cloud as a shared resource, with more voluntary interoperability between cloud services, or even a federation of operators structured around shared sector-based cloud ecosystems.
• The rise of European operators, propelled by the emergence of new market segments; edge computing, the development of artificial intelligence, particularly for industrial applications; sovereign data services, etc.
• The emergence of a powerful regulatory drive, notably with the creation of a cloud regulatory authority, stricter regulation of business practices, forced interoperability between operators imposed by the regulator and greater regulation of cloud-based or cloud-derived innovation.
• A “Europeanisation” of the operations of the major non-European cloud players, whereby they would be governed by regulations that would ensure effective regional value creation for Europe, and be required to strictly comply with European regulations.
•A functional or structural separation of operators’ cloud activities from their other activities, including the creation of separate legal entities, echoing the current calls for talks on the Big Tech firms in the United States.
The White Paper shows that the future of the European cloud industry could lie in a combination of some of these scenarios over various time horizons. In the absence of a major game-changer, if the hyperscalers were to become even more powerful, Europe could lose out on 20% to 50% of the estimated economic impact of the cloud computing market.