Amazon Web Services and Microsoft Azure should be designated as gatekeepers under the European Union's Digital Markets Act, the European Commission announced in a preliminary finding on June 25, 2026. The decision, if confirmed after a six-month investigation period, would impose strict new obligations on the two cloud computing giants, potentially reshaping the €220 billion European cloud market and forcing major changes to how they operate in the EU.

The preliminary finding, announced in Brussels, marks the first time the Commission has applied DMA gatekeeper rules to cloud infrastructure providers. AWS currently controls approximately 32% of the global cloud market, while Azure holds 23%, with the two companies together dominating over half of the market. In Europe, their combined share exceeds 65%, giving them enormous influence over business computing, data storage, and AI workloads.

"Cloud services have become the digital backbone of our economy, and it is essential that these markets remain fair and contestable," said Commissioner for Competition Margrethe Vestager in a prepared statement. "Our preliminary view is that AWS and Azure enjoy an entrenched position that makes them gatekeepers, and they must now comply with the obligations that ensure users have real choice."

What the DMA Gatekeeper Designation Means

The Digital Markets Act, which entered fully into force in May 2023, aims to prevent large online platforms from abusing their market power. To be designated as a gatekeeper, a company must meet three criteria: have a strong economic position that impacts the internal market, be active in many EU countries, and have an entrenched and durable position. For cloud services, the Commission is focusing on the infrastructure-as-a-service (IaaS) and platform-as-a-service (PaaS) layers where AWS and Azure dominate.

Once designated, gatekeepers face a list of dos and don’ts. They must allow business users to promote offers and conclude contracts outside the platform, provide access to data generated by their activities, and ensure interoperability with third-party services. Crucially, they cannot prevent users from uninstalling pre-installed software or apps, nor can they track end users beyond their core platform service for targeted advertising without consent.

In the cloud context, the most impactful obligations likely center on lock-in prevention. Gatekeepers would be required to provide tools that let customers easily migrate their data and workloads to competing clouds without incurring disproportionate costs or technical obstacles. This directly targets one of the most persistent criticisms from enterprise IT: once a company builds its infrastructure around a specific cloud provider's proprietary services, switching becomes prohibitively expensive and complex.

Why AWS and Azure, and Why Now?

The Commission's investigation, launched in late 2025 after a complaint by smaller cloud providers and business users, focused on metrics like market share, user dependency, and barriers to entry. Investigators found that despite competition from Google Cloud, IBM, and European providers like OVHcloud and Deutsche Telekom, AWS and Azure maintain a duopoly that allows them to dictate terms for essential cloud services.

"Customers often feel trapped," said an EU official familiar with the probe, speaking on condition of anonymity. "You start with compute or storage, then before you know it, you’re using their database, their AI, their analytics—and extricating yourself becomes a multi-year nightmare. That is the classic gatekeeper pattern."

The timing reflects a broader global push to regulate Big Tech. The DMA has already forced Apple, Google, Meta, Amazon, and Microsoft to make significant changes to their consumer platforms. Extending it to cloud infrastructure signals that the EU is serious about tackling monopolistic behavior deep in the enterprise tech stack, not just in consumer-facing apps and marketplaces.

Microsoft and Amazon now have six months to respond and engage with the Commission before a final designation decision, expected in early 2027. Once designated, they must comply within six months or face fines of up to 10% of total worldwide annual turnover—and up to 20% for repeated infringements.

Potential Obligations: What Changes for Enterprise IT?

While the precise list of obligations will be tailored during the designation process, industry experts anticipate several specific requirements that could directly affect IT departments across Europe. These include:

  • Mandatory data export tools: AWS and Azure would have to provide free, automated tools to export all customer data in standard formats, along with clear documentation.
  • Prohibition of unfair contractual terms: Contract clauses that make switching economically unviable, such as punitive data egress fees or long-term commitments that cannot be terminated without penalty, would be banned.
  • Interoperability mandates: Gatekeepers would need to ensure that third-party cloud services and tools can integrate with their platforms as seamlessly as their own native services. This could mean providing APIs that allow competitors' monitoring, security, or management tools equal access.
  • Access to data generated by business users: Companies running workloads on AWS or Azure would gain clearer rights to the data generated by their own activities, including telemetry and usage patterns, preventing the gatekeepers from using that data to gain competitive advantages.
  • No self-preferencing: Azure, for example, might be forced to list competing cloud services in its marketplace without giving preference to its own offerings, similar to how Google has been forced to treat rivals in search results.

For enterprise IT leaders, these changes could lower the total cost of multi-cloud strategies. "If I can move my data out of Azure for free and have real interoperability, I’m more likely to run workloads on the best service for each job, not just the one I’m locked into," said Maria Gonzalez, CTO of a Frankfurt-based logistics firm, in an industry forum discussion. The sentiment echoes a common refrain from midsize and large enterprises that feel their initial cloud choice becomes a de facto monopoly within their own organization.

The Lock-In Problem: Egress Fees and Proprietary Services

Cloud lock-in arises from two primary mechanisms: data egress fees and proprietary ecosystem dependence. Egress fees—charges for moving data out of a cloud provider—have long been a point of contention. AWS, for instance, charges $0.09 per GB for data transferred out of its infrastructure, which can amount to significant sums for enterprises with petabytes of data. While both AWS and Microsoft have recently trimmed these fees under competitive pressure, a DMA gatekeeper designation would force them to eliminate charges for data export entirely, as the DMA explicitly prohibits practices that make switching prohibitively costly.

Proprietary services pose a subtler but equally powerful lock-in. Amazon’s DynamoDB, Lambda, and SageMaker, or Microsoft’s Azure Functions, Cosmos DB, and Entra ID, often become tightly woven into a company’s applications. Replacing them with alternative services—even if available on another cloud—requires rewriting significant chunks of code.

"The real lock-in isn’t just the data, it’s the millions of dollars in development effort that relies on these proprietary APIs," said an IT architect commenting on a popular enterprise forum. "DMA needs to force them to adopt open standards or at least provide compatibility layers, otherwise it’s a hollow victory."

The Commission is aware of this nuance. Preliminary documents suggest that interoperability obligations could require gatekeepers to provide equivalent APIs that allow third-party services to interact with core infrastructure, effectively forcing what one expert called “API-level portability.” Such a step would be unprecedented but not impossible; the EU has previously mandated interoperability in telecommunications and payment services.

Industry Reaction: Mixed Responses from Competitors and Users

The preliminary finding was welcomed by smaller cloud providers and European digital rights groups. CISPE, the Cloud Infrastructure Services Providers in Europe trade association that had long lobbied for such action, called it “a necessary first step toward correcting a market failure that has stifled innovation and cost European businesses billions.” OVHcloud CEO Michel Paulin said in a statement that “fair competition cannot exist as long as the hyperscalers can use their market power to lock customers in.”

Enterprise users, however, displayed more cautious optimism. While many expressed relief that regulators were addressing lock-in, others worried about unintended consequences. “My concern is that complying with DMA might divert resources from security and innovation,” noted a senior systems engineer at a large automotive supplier during a European IT conference panel. “If Azure and AWS are constantly tweaking their platforms to satisfy regulators, we could see slower feature development or, worse, a reduction in the specialized services we rely on.”

Analysts also raised questions about enforcement. The DMA’s implementation has been rocky in other sectors, with Apple and Meta facing legal challenges over what constitutes adequate compliance. Extending the rules to complex, highly technical cloud platforms will be even harder. “Defining what ‘effective interoperability’ means in the context of, say, Azure’s AI services is a monumental challenge,” said Gregor Petri, VP Analyst at Gartner. “This will likely take years of negotiation and litigation.”

Microsoft and Amazon’s Likely Defenses

Neither company has issued a formal response to the preliminary finding, but past statements offer clues. Microsoft has long argued that Azure competes fiercely with AWS and Google Cloud, and that the cloud market is not a duopoly. The company often points to the rise of European cloud providers and its own efforts to support them through programs like the Azure Europe Initiative, which offers discounts and partnership support to local providers. In a 2025 blog post, Microsoft President Brad Smith wrote, “The cloud market is one of the most dynamic in the world, with new entrants emerging and existing players constantly innovating. Regulation should encourage competition, not stifle it through one-size-fits-all rules.”

AWS, similarly, has emphasized that customers voluntarily choose its services because of their reliability and scale, and that migration tools already exist. An AWS spokesperson previously noted that the company has “long supported customer choice, including making it easy to move data out of AWS through tools like AWS DataSync and by waiving data transfer costs in many cases.” However, critics argue such tools often come with limitations and do not cover the full spectrum of proprietary services.

Both companies are expected to mount aggressive legal and lobbying campaigns. Their case may argue that cloud computing does not fit the DMA’s model of platforms that mediate between business users and end users, since cloud is primarily a B2B service. The Commission, however, seems to have already dismissed that distinction, viewing cloud infrastructure as a core platform service under the Act.

What Happens Next?

The six-month investigation gives AWS and Microsoft time to present their rebuttals and propose voluntary commitments. If the final designation is upheld, the companies will have an additional six months to comply, with an extension possible under certain conditions. Given the complexity, compliance deadlines could stretch into late 2027 or early 2028.

For enterprise IT departments, the immediate impact is a period of uncertainty. Planning multi-year cloud migrations or architecture decisions becomes trickier when the regulatory landscape is in flux. “We’re telling our clients to proceed with their cloud strategies but avoid long-term contracts with severe exit penalties,” said Rik Turner, a principal analyst at Omdia. “Also, start documenting your current lock-in points—that information will be gold as the compliance details emerge.”

Longer term, the DMA gatekeeper ruling could accelerate the shift toward open-source and cloud-agnostic tools. Technologies like Kubernetes, OpenStack, and industry-standard APIs may become even more strategic as enterprises seek to avoid proprietary traps. European cloud providers are already positioning themselves as beneficiaries, arguing that a more level playing field will let them win on innovation rather than scale.

A Global Ripple Effect?

The EU’s move could inspire similar actions elsewhere. The UK’s Competition and Markets Authority (CMA) is already examining cloud lock-in practices, and the U.S. Federal Trade Commission has signaled interest in cloud competition under Chair Lina Khan. Japan’s Fair Trade Commission and India’s Competition Commission have also launched preliminary inquiries. If AWS and Azure are forced to change their practices in the EU, those changes will likely extend globally for operational consistency, much as GDPR did for data privacy.

For now, the cloud industry watches and waits. The June 25 announcement—while preliminary—has already begun to reframe discussions about cloud strategy in enterprise boardrooms. “We’ve been talking about multi-cloud for a decade, but this might finally make it real,” said an IT director at a major European bank, who requested anonymity because of ongoing negotiations with a cloud provider. “If the DMA delivers on its promise, we’ll finally be able to move workloads without paying a king’s ransom or rewriting half our codebase.”

As the investigation unfolds, Windows News will continue to provide detailed coverage of the regulatory developments and their impact on Windows-based IT environments, which overwhelmingly rely on Azure hybrid solutions. The coming months promise a pivotal battle over the future of enterprise computing.