Tory EvansBrussels Is Picking a Tech Fight That European Companies Don't Actually Want
March 13, 2026
I want to start with something that I think gets overlooked in almost every piece written about the EU's war on Big Tech. There are two separate fights happening simultaneously in Brussels right now. One is the fight Brussels says it's fighting - a heroic regulatory crusade to protect consumers, level digital markets, and claw back European sovereignty from Silicon Valley. The other is the fight European companies are actually asking for - which is to please, for the love of everything, simplify the rulebook so they can stop spending half their budget on compliance lawyers and start building things.
Brussels chose the first fight. European businesses needed the second one.
I've been watching this story develop for a while and I'll tell you my read: the European Commission has become so committed to its identity as the world's fearless tech regulator that it has started confusing that identity with actual strategy. These are not the same thing. Punching Google is not the same as helping a German SaaS startup scale. And right now, the continent desperately needs more of the second and could honestly use a pause on the first.
What Brussels Is Actually Doing
With landmark legislation including the AI Act, Digital Services Act, and Digital Markets Act, the European Union has established itself as a global leader in tech regulation. That part is true and not nothing. This year, the bloc stepped up enforcement of these rules to rein in the power of companies such as Amazon, Apple, Google, Meta, and Microsoft.
The fines have been real. The DMA fines amounted to €500 million for Apple and €200 million for Meta. Elon Musk's X was hit with the first fine under the DSA on December 5, a €120 million penalty for a lack of transparency over its "blue checkmark" for supposedly verified accounts as well as its failure to provide researchers access to public data. The Commission opened a formal antitrust investigation into how Google uses content to train its AI models. The enforcement calendar for 2026 is genuinely aggressive.
And Teresa Ribera, the EU's competition chief, has been absolutely unapologetic about it. Ribera has made clear that Brussels will not compromise its regulatory framework, telling the Financial Times that US tactics amount to "blackmail" and insisting the European digital rulebook is "not up for negotiation."
I understand the impulse. I really do. The US is applying pressure in ways that go well beyond normal diplomatic disagreement. The Trump administration took its fight with the EU over tech regulation to a new level, denying visas to five Europeans and accusing them of seeking to censor "American viewpoints." When your geopolitical adversary starts banning your regulators from entering the country, the instinct to hold the line is completely natural.
But here's the part Brussels doesn't want to hear: the European companies they're supposedly protecting are not cheering.
The People This Is Supposed to Help Are Exhausted
I want you to sit with a specific number for a second. Out of Mario Draghi's 383 competitiveness recommendations for Europe, only 43 - 11.2% - have been fully implemented, with 87 still completely untouched. Draghi himself called the AI Act "a source of uncertainty" and called for a pause on European AI rules to assess potential drawbacks.
This is not some right-wing deregulation guy. This is the former head of the European Central Bank, the man credited with holding the eurozone together, commissioned by von der Leyen herself to diagnose Europe's problems. And his diagnosis was blunt: Draghi underlined Europe's failure to develop an innovative tech sector by pointing to the increasing productivity gap between the EU and the United States, concluding this was mainly due to "Europe's failure to capitalise on the first digital revolution led by the internet - both in terms of generating new tech companies and diffusing digital tech into the economy."
The complaints coming from inside the European tech community are not manufactured. In July 2025, 56 EU-based AI companies - including France's Mistral AI and Germany's Aleph Alpha - signed a public letter urging the Commission to pause and simplify parts of the AI Act. These companies warned that compliance costs could stifle innovation if left unaddressed.
Mistral and Aleph Alpha. These are the exact companies Brussels should be nurturing as European AI champions. They're not asking to be free of all rules. They're asking for clarity, for simplified procedures, for a regulatory environment they can actually navigate while also shipping product.
I had a client - I do business coaching alongside my B2B work - who spent three months trying to get a software product GDPR-compliant across multiple EU member states. Not because the rules were wrong, but because each law has different deadlines, reporting procedures, and authorities. The GDPR and other regulations are enforced at Member State level, while exclusive power to enforce GPAI rules rests with the Commission, and high-risk AI rules fall to national level - so the GDPR, AI Act, and other regulations all rely on different enforcers. He burned through budget that should have gone into development. He ended up pivoting to the US market first. Brussels lost him without even noticing.
The most pressing issues for European businesses remain fragmented rules across the EU, heavy regulatory burden, high compliance costs, and regulatory uncertainty - all of which lead European companies to focus on compliance instead of scaling. Draghi mentioned in September that simplifying the GDPR remains "one of the clearest demands" among European companies, noting the GDPR has "raised the cost of data by about 20% for EU firms, compared with US peers."
That's not a talking point. That's a tax. A 20% data cost handicap before you've written a line of code.
The Infrastructure Problem Nobody Wants to Talk About
Here's what gets me the most. While Brussels is busy issuing press releases about fining Meta and protecting European consumers, the actual underlying infrastructure of the European digital economy has been quietly handed over. An estimated 90% of Europe's digital infrastructure - cloud, compute, and software - is now controlled by non-European, predominantly American, companies.
Ninety percent. And the Commission's own situation isn't better than the private sector. Just 1% of the European Commission's own cloud stack runs on a homegrown champion - OVHCloud - with the remaining 99% beholden to US firms.
So Brussels is writing aggressive enforcement decisions against American companies while simultaneously running almost entirely on American cloud infrastructure. I'm not saying that's hypocritical exactly - I'm saying it reveals what the real problem is. The problem was never that Meta made you click through a consent banner. The problem is that the big three American hyperscalers account for nearly two-thirds of Europe's cloud market, while the share European providers hold has dropped from 27% in 2017 to 15% today.
Derek in our office said something dumb this week - he always does, it's his gift - but he said something accidentally smart: "Why does Brussels keep writing tickets for the cars parked on their lawn when they don't own any cars?" I think about that more than I should.
The enforcement model Brussels has chosen is essentially a fine-based deterrence strategy. Violators can face fines of up to 6% of global turnover, and the EU has the power to ban offending platforms from Europe for repeated non-compliance. But some analysts dismiss the Digital Markets Act and antitrust cases as ineffective distractions from the real structural issue: Europe doesn't build, it regulates. It doesn't fund at scale, it penalizes. The path forward requires a fundamental shift in mindset: from talking to building, from regulating to investing, from passivity to action.
The Omnibus Was Supposed to Fix This
To be fair to Brussels, they know something is wrong. The Digital Omnibus - a package meant to streamline and simplify Europe's overlapping digital rulebooks - was an acknowledgment that the regulatory architecture had gotten out of hand. The Computer and Communications Industry Association Europe warned that failing to support and strengthen the Omnibus - the EU's first serious attempt to simplify its complex digital rulebook - risks compounding Europe's competitiveness problems.
But then something predictable happened. Those closely watching concluded that past efforts to simplify EU tech rules have faltered due to political infighting, inconsistent implementation, and national gold-plating. Tech companies have shown tremendous patience in navigating today's regulatory patchwork, but that patience has reached its limit.
I genuinely believe the patience thing. I run a small coaching practice alongside this work, and I've started using software to manage client outreach and follow-ups. (For what it's worth, tools built for European markets have gotten noticeably more conservative in what data they'll handle since the AI Act provisions kicked in - not necessarily bad, but the friction is real. Anyone doing B2B lead generation in European markets right now knows exactly what I'm talking about.) The compliance overhead for smaller European operators isn't an abstraction. It's Tuesday night at 11pm trying to figure out which data handler rule applies to your CRM sync.
Linda showed me a thread last week where founders from Estonia, the Netherlands, and Portugal were comparing notes on how many full-time compliance hires they needed before they could even think about Series A. Linda said Gerald's nephew is starting a fintech company and has already spent more on legal advice than on engineering. She said it with the same tone she uses when she thinks something is deeply broken but is too polite to say so directly. Gerald's nephew is not raising that issue because of Meta's advertising model. He's raising it because of the same patchwork that Draghi flagged and that the Omnibus has so far failed to actually simplify.
The Geopolitical Framing Is Being Used to Avoid the Harder Conversation
Here's my actual take, the one I keep coming back to: Brussels has found a geopolitical narrative that lets it avoid accountability for its own failures.
When you frame every conversation about EU tech regulation as "Europe vs. Silicon Valley," you get to position yourself as the defender of democratic values. You get standing ovations at Davos. You get to call US pressure "blackmail" and mean it. And none of that is entirely wrong - the Trump administration's open hostility to the EU and close connections with tech CEOs brought long-simmering transatlantic tensions over how to regulate Big Tech to a boil. The geopolitical pressure is real.
But it is also extremely convenient. Because every time someone asks why European cloud market share fell from 27% to 15%, or why many innovative European enterprises end up moving to the United States or elsewhere, with the most popular rationale being overregulation, Brussels can just point to Elon Musk or Trump's tariff threats and change the subject.
Many speculated that the DMA fines were kept low because Brussels was trying to avoid escalating tensions with the Trump administration, whose administration threatened trade retaliation against the bloc if it continued antitrust action against US companies. So the enforcement is tough on rhetoric and soft on penalty. The fines are real but calculated not to actually trigger consequences. It's all theater until it isn't, and by the time it isn't, the infrastructure dependency is even worse.
Chris asked me last week if I thought the EU would ever actually break up a US tech giant. I told him I thought it was about as likely as me getting my car back through sheer optimism. He laughed because he thought I was joking. I was not entirely joking.
What This Means If You're Running a Business
If you operate across any EU market - whether you're a European company or an international one selling into Europe - the picture is actually more complicated than the headlines make it seem, and more expensive than you might have budgeted for.
The compliance costs are not going away. The AI Act rules on general-purpose AI became effective in August 2025 and more provisions are rolling out through 2027. The EU is considering a one-year pause on implementing many of its provisions on high-risk AI - a move that is likely to please both US and European firms - but "considering" is doing a lot of work in that sentence. Anyone who has watched the Digital Omnibus process knows that "considering" can last years.
If you're building outbound processes, European contact databases, or customer communication workflows that touch EU users, you need to think about this carefully. Not because Brussels is going to come for you specifically, but because the rules are fragmented and inconsistently enforced at national levels - and that creates real risk exposure that compounds at scale. The kind of email finder tools and outbound infrastructure you're using almost certainly has European compliance implications that the vendor summary doesn't fully address.
The regulatory compression happening across SaaS markets is already reshaping how vendors approach European customers - shorter data retention defaults, more conservative enrichment, less aggressive behavioral tracking. That's the Brussels Effect in practice, whether or not Brussels is winning the broader fight.
My Read on Where This Ends
Brussels is not going to win the war it thinks it's fighting. You cannot fine your way to digital sovereignty. Building a European competitor to Amazon Web Services or Microsoft Azure now, in markets already dominated by hyperscalers with colossal economies of scale, is "pie in the sky." That's not pessimism, that's arithmetic.
What Brussels could do - what it should have been doing while it was busy writing the DSA and the DMA and the AI Act - is fund European technology development, with public bodies acting as launching customers to create initial demand and prove viability, with the goal not of autarky but of resilience - reclaiming a meaningful share of its own market.
Instead, it built the most elaborate regulatory architecture in the history of digital markets and then watched its own cloud market share cut nearly in half over the same period. I don't want to be cruel about it. I understand the instinct behind every single one of these laws. But intentions aren't outcomes, and the outcome is that European companies are spending more on compliance than on shipping, while the infrastructure quietly becomes more American by the quarter.
The tech fight Brussels is picking isn't wrong exactly. It's just aimed at the wrong target. The threat to European companies isn't that Meta runs ads without enough transparency. It's that European companies can't scale fast enough to matter. One of those problems generates press releases. The other one generates emigration to California.
I sent my 6am motivational text from the parking garage this morning, same as always. The wifi still reaches even without the car. Sometimes you maintain the infrastructure even when the thing you built it around is gone. I thought about that longer than was probably healthy, and then I thought: Brussels, that's your whole strategy.
At some point you have to build the car back.