preloader

· aws azure cloud eu digital-markets-act compliance regulation europe infrastructure

EU Issues Formal Gatekeeper Objections Against AWS and Azure, Triggering Six-Month Compliance Countdown

Source: European Commission / resultsense.com / Windows News

The European Commission issued a formal Statement of Objections to Amazon Web Services and Microsoft Azure on June 25, 2026, setting in motion the first formal application of the Digital Markets Act to cloud computing infrastructure. This is a significant escalation from the investigation and preliminary findings phases covered in earlier reporting: it is now official EU regulatory action with a defined legal timeline.

What a Statement of Objections means in practice

Under the Digital Markets Act process, a Statement of Objections is the document the Commission issues when it has reached a formal preliminary conclusion that a company meets the criteria for gatekeeper designation. Receiving this document is not a final ruling, but it is not a preliminary inquiry either.

AWS and Microsoft now have eight weeks to respond in writing. After receiving written responses, both companies can request an oral hearing. The Commission is expected to issue a final designation decision by late October 2026. Once designated, a gatekeeper enters a six-month compliance countdown to implement the full set of DMA obligations. Non-compliance after that window is subject to fines of up to 10 percent of global annual turnover, and repeated or serious infringement can trigger structural remedies.

Why cloud infrastructure is in scope

The Commission’s preliminary assessment found that AWS and Azure together hold over 70 percent of the EU cloud infrastructure market. AWS is estimated at 35 to 40 percent of that market, Azure at 30 to 35 percent. Both figures exceed the DMA’s quantitative thresholds for gatekeeper designation.

The Commission also explicitly named AI tools and AI-cloud partnerships as a decisive factor in cloud procurement decisions. The argument is that organisations already invested in AWS or Azure AI services face compounding switching costs: moving a workload without also moving the AI stack is operationally difficult, and the AI stack increasingly runs natively on the underlying cloud. The Commission views this combination as a structural form of lock-in that the DMA is designed to address across digital markets.

What obligations would follow designation

If the final decision confirms the Statement of Objections, AWS and Azure would be required to:

Interoperability. Provide technical interfaces enabling customers and third-party services to connect workloads across cloud platforms. Proprietary APIs that create friction when moving workloads would need to be accompanied by open interoperability mechanisms available at no extra charge.

Data portability. Guarantee that customers can export their data and workloads in formats compatible with other providers, without disproportionate technical or contractual barriers. This applies to stored data, configuration data, and operational data generated by services running on the platform.

No self-preferencing. AWS and Azure would be prohibited from favouring their own services over equivalent third-party offerings running on their infrastructure, whether through technical design, pricing, or commercial terms.

Both Amazon and Microsoft have indicated they intend to engage with the process before the final decision. Amazon argued that the DMA was designed for consumer-facing platforms and that enterprise cloud is inherently competitive. Microsoft warned that blanket interoperability mandates could compromise security architecture and slow the deployment of critical updates.

What this means for European organisations

The DMA designation, if confirmed, will eventually make the legal framework around cloud switching more favourable. Data portability requirements mean cloud providers will face legal obligations to facilitate customer departures rather than create friction around them.

In practice, however, the value of legally mandated portability depends on an organisation’s ability to act on it. Workloads that were built tightly coupled to provider-specific managed services, proprietary data formats, or platform-native AI tooling will not become straightforwardly portable because the regulation says they should be. The effort required to disentangle provider-specific dependencies is technical and organisational, not legal.

European organisations running significant infrastructure on AWS or Azure should be assessing their current exposure to provider-specific lock-in now, not after the final designation decision. A useful starting point is identifying which services in the current stack have equivalent alternatives on other platforms, what data formats are in use, whether configuration-as-code practices are already in place, and what the realistic cost and timeline of migration to an alternative provider would look like.

The DMA creates an opening. Organisations that have done the architectural groundwork will be positioned to use it. Organisations that have deferred that groundwork will face a gap between what the regulation enables and what they are operationally capable of doing.

If your organisation wants to understand its current cloud dependency profile, assess portability constraints in its existing infrastructure, or plan an architecture that reduces exposure to a single provider, contact Excello Digital. We help European organisations evaluate their cloud infrastructure strategy in light of both current operational requirements and the regulatory direction that the DMA designation process represents.

These news items are automatically aggregated from industry sources and are not individually reviewed. Any inaccuracies are unintentional — let us know and we'll correct or remove it.

Back to news

We’ll help you resolve your infrastructure challenges

Our team of experts is ready to help you with your infrastructure challenges. We’ll give you honest and personal treatment. Get in touch to learn more.

Get in touch!