EU Cloud Act to Triple Data Center Capacity by 2031, Reshaping Vendor Strategy
Europe's new Cloud and AI Development Act mandates a 3× increase in EU data center capacity within 5–7 years. For enterprise buyers, this transforms cloud vendor selection from a technology decision into a regulatory compliance issue.
EU legislates a 3× data center capacity build-out
The European Commission's Cloud and AI Development Act (CADA) requires at least tripling EU data center capacity in the next 5–7 years, with full sovereignty over business and public-sector cloud needs by 2035. The mandate arrives as part of a broader European Technological Sovereignty Package covering semiconductors, AI, cloud infrastructure, and open source.
For enterprise buyers, CADA is not a recommendation. It is a structural demand signal that will reshape where workloads run, which vendors compete effectively in EU markets, and how much regulatory risk attaches to cloud vendor decisions. The Act follows NIS2 and DORA, which already tightened security, resilience, and data localization requirements for financial services, critical infrastructure, and digital service providers. CADA formalizes the expectation that EU workloads should run on EU-governed infrastructure.
This is a regulatory strategy issue, not just a technology choice. CIOs and procurement officers need to revisit region strategy, data residency commitments, and sovereign cloud roadmaps now, because the cost and risk of non-compliance or forced migration later will be higher.
What changes for vendor selection and contract strategy
CADA strengthens the competitive position of EU-based cloud providers—OVHcloud, Deutsche Telekom, Orange, Atos—relative to AWS, Microsoft Azure, and Google Cloud. Hyperscalers will build EU capacity to meet the mandate, but sovereign cloud providers gain a regulatory tailwind that did not exist at this scale before. The EU also launched EURO-3C, a €75 million federated telco-edge cloud project, signaling that telecom operators and edge platforms will compete for EU workloads alongside hyperscalers.
For buyers, this means multi-cloud and exit strategies are no longer optional. Regulatory lock-in risk increases when capacity requirements and data sovereignty rules intersect. If your workloads are anchored to a single hyperscaler with limited EU footprint, the cost and complexity of meeting CADA compliance could force a migration. Contracts signed now should include:
- Explicit commitments on EU-region capacity availability and pricing over multi-year terms. - Data portability and egress terms that do not penalize movement to compliant alternatives. - Service-level agreements that cover NIS2 and DORA resilience requirements, not just uptime.
The legislated capacity expansion implies more supply in-region over the medium term, which should moderate long-run price pressure. But near-term, expect higher costs. AI-driven infrastructure demand, sustainability compliance, and the capital expense of tripling capacity will push prices up before they stabilize.
New capacity outside Europe shifts regional availability
While Europe tightens regulatory control, Asia-Pacific and Africa are adding massive new data center capacity that changes the calculus for enterprises with workloads in those regions.
CDC Data Centres secured a 555 MW contract in Australia—the largest in the country's history, equivalent to 40% of Australia's total operating data center capacity in 2025. The customer is unnamed but likely a hyperscaler or AI company. Operations begin in FY28–FY29. This matters because a single contract absorbed a huge block of future capacity, which will increase scarcity and pricing pressure for other buyers in Australia until additional campuses come online.
Gorilla Technology Group announced a 200 MW AI campus in Korat, Thailand, designed for six data halls supporting 150 MW of IT load and approximately 76,000 GPUs at full deployment. TikTok committed $29 billion to Thailand's digital infrastructure, aiming to make the country a regional hub for data centers, cloud services, and AI. In Nigeria, Kasi Cloud opened its Lekki campus in Lagos, described as West Africa's first hyperscale-ready, AI-capable, carrier-neutral platform.
For enterprises with Asia-Pacific or Africa operations, these projects provide new options for low-latency AI workloads, data residency, and hybrid strategies. But most of this capacity arrives mid- to late-decade. Buyers negotiating multi-year cloud or colocation contracts now should structure terms that allow rebalancing toward these new locations when they go live. Fixed-term contracts that lock you into older regions or higher-cost facilities before this capacity is available create unnecessary cost and performance drag.
What to watch
CADA's implementation details—especially funding mechanisms, compliance timelines, and penalties for non-EU capacity reliance—will emerge over the next 12–18 months. If your organization operates in regulated sectors or depends on EU customers, start mapping which workloads must move to EU-governed infrastructure and what that costs versus your current architecture.
In Asia-Pacific, watch for capacity shortages and price increases in Australia before CDC's 555 MW comes online. If you have growth plans in that market, secure capacity commitments now or build contingency plans around alternative providers in Singapore or Japan.
The broader pattern is clear: cloud infrastructure is fragmenting along regulatory and sovereignty lines. The era of borderless hyperscale cloud is over. Your vendor strategy needs to account for where data legally must reside, not just where it runs cheapest or fastest.
Technology decisions, clearly explained.
Weekly analysis of the tools, platforms, and strategies that matter to B2B technology buyers. No fluff, no vendor spin.
