For a digitally independent Europe: Major European cloud providers join forces to define new open API standard

• SECA (Sovereign European Cloud API) is the new open Cloud industry standard API, initiated by Aruba, IONOS and Dynamo.
• The standard is designed to be open and inclusive, with an invitation to all European cloud providers to adopt and contribute to its development.
• This best-in-class standard promotes digital sovereignty and independence for European businesses and the public sector, allowing them to deploy and manage cloud infrastructure without vendor lock-in and loss of data-control.
• The benefits of SECA include improved interoperability, scalability, and security, as well as increased independence and flexibility for customers for the long term.
• The SECA API provides a crucial building block for the EuroStack initiative, enabling the creation of a sovereign and interoperable digital infrastructure for Europe.

Milan, Italy – 5^th March 2025.

In a pioneering effort to advance cloud services as the foundation of true digital sovereignty across Europe – Aruba, IONOS and Dynamo together have announced a new Application Programming Interface (API) specification for Cloud Infrastructure Management during the Dynamo Cloud Business Forum in Milan, Italy. The Sovereign European Cloud API (called SECA), in its first iteration, is now available to all European cloud providers, offering free access and zero operational costs. This collaboration aims to enhance data interoperability between cloud services, enabling users to deploy and run workloads and applications seamlessly across different cloud environments of their choice. It also ensures seamless access to the respective platforms, while upholding the highest levels of security, control, and data sovereignty in full compliance with stringent European standards.

At the same time, this will enable enterprises to leverage integrated solutions that drive greater efficiency and innovation, all while ensuring full compliance with European regulations. Aruba and IONOS will be the first two European Cloud Service Providers (CSP) to make the new SECA API available to their customers. Dynamo, the all-in-one platform for integrating multiple operators into a unified B2B marketplace open to EU providers under European legislation, will implement connectors based on SECA to automate the provisioning process for all compatible providers joining the network. The SECA standard will be open, inviting all European cloud providers to adopt it, ensuring uniform access for all providers who choose to integrate with it.

Industry Leaders Weigh In: SECA Sets Stage for European Digital Sovereignty

Achim Weiss, CEO of IONOS, said, “IONOS, as Europe’s number one digitalisation partner for SMBs, is committed to ensuring that our businesses and citizens have the digital independence they need to thrive. AI and Cloud are transforming the global economy, and Europe cannot afford to be left behind. Europe needs a strong, sovereign digital ecosystem. SECA is a critical step in building a secure, independent, and future-proof digital infrastructure – one that keeps Europe strong, competitive, and in control.”

Stefano Cecconi, CEO of Aruba S.p.A., stated, “It’s an industry-led initiative, and Aruba is proud to be a key part of it. The creation of these common APIs – with Aruba and IONOS as first movers – marks a pivotal and voluntary step for the European cloud industry towards enhanced interoperability, strengthening the continent’s cloud services ecosystem.”

Francesco Bonfiglio, CEO of Dynamo, commenting on the initiative, said, “Sovereign APIs,  like SECA, establish a de-facto standard, driven by large providers like IONOS and Aruba, to build uniform access and control of data by those that will adopt it. A strong handshake of trust between customers and providers. We are proud to be part of the SECA initiative and excited to announce it today at the Dynamo Cloud Business Forum in Milan.”

Building a Level Playing Field for Successful and Growing European Cloud Providers

The European cloud market has grown significantly, now estimated to be six times larger than at the beginning of 2017. Projections suggest that it will continue on this upward trajectory, with an expected market compound annual growth rate of 21.3% by 2030, driven by digital transformation initiatives and increasing demand for secure, sovereign, and scalable cloud solutions across industries. However, European-based cloud service providers face challenges in keeping pace with overall market growth within Europe. Despite growing demand for cloud solutions, they are being outpaced by a high concentration of large global competitors, the so-called hyperscalers, which benefit from economies of scale, advanced infrastructure, extensive service portfolios, and strong lock-in effects, and may not always align their business practices with EU regulatory requirements until pressured.

Creating a level playing field and ensuring fair competition are essential to fostering innovation and sustainable growth within any market. This means setting fair standards, access, and regulations that allow all players — large and small — to compete based on merit rather than market dominance or unfair advantage.

SECA is expected to play a key role in the creation of the EuroStack

The growing EuroStack initiative (https://euro-stack.eu/a-pitch-paper/) seeks to create an open, interoperable, and sovereign digital infrastructure for Europe, a complete digital ecosystem made and supplied in Europe, supported by the technical capabilities of the SECA API and the Dynamo platform.

A EuroStack for cloud is crucial for European digital sovereignty, data privacy, regulatory compliance, innovation, and security. Backed by an expanding network of contributors across the continent, it actively encourages open participation at this pivotal moment, as Europe identifies the gaps that must be addressed to regain independence and achieve a leadership position in the sovereign cloud space. By doing so, it will enable Europe to build its own cloud ecosystem, independent from external control, while fostering a competitive, sustainable, and democratic digital economy.

High market concentration and lack of interoperability pose a number of challenges for Europe and risks for the end user

High market concentration and limited interoperability pose significant challenges for Europe and risks for end-users. For example, following a recent merger, a major provider of virtualised IT infrastructure has started requiring users to sign new licensing agreements that may not be in their best interests, increasing dependence on a single vendor and significantly increasing licensing or switching costs. Similar risks and challenges are increasingly evident in the European cloud platform market. An example is the trend of U.S.-based IT corporations acquiring companies that own essential tools for Infrastructure-as-Code pipelines, showcasing the appeal of independent, agnostic APIs.

One of the most pressing concerns is US cloud providers granting US authorities access to any data and information stored regardless of where the data is physically located. This presents a significant risk for European businesses, institutions, and governments, as sensitive data hosted by American hyperscalers remains subject to extraterritorial legal reach. Without truly European cloud alternatives, European companies are left exposed to potential breaches of confidentiality, regulatory conflicts, and loss of control over critical infrastructure.

Moreover, today’s market dynamics reveal that each hyperscaler has introduced its own proprietary interpretation of a ‘sovereign cloud’, yet none provide the level of interoperability, reversibility, and control required by Europe’s next phase of digital regulations, including the Digital Markets Act (DMA), Digital Services Act (DSA), and the forthcoming AI Act.

In this context, compliance and standardisation can serve as a competitive advantage for EU companies, positioning Europe as a frontrunner in the emerging hyper-distributed cloud model.

Compliance and interoperability as a competitive advantage for European players

Instead of advocating for even more EU regulation, the SECA initiative will move forward with a new API that will not only help providers move towards technical convergence, but also regulatory convergence by enabling faster movement of data and applications.

SECA provides a standardised interface that allows platforms from participating organisations to operate based on a common core API specification: Open API. Initially deployed at the Infrastructure-as-a-Service (IaaS) layer, this common foundation allows organisations to develop tools and automation with consistent standards, fostering interoperability and ensuring a cohesive approach across the European cloud ecosystem.

The European Data Act, set to come into effect in September 2025, will usher in a new era of data accessibility, fostering a more fluid exchange of information across sectors and increasing demand from cloud customers for enhanced data control. This shift will finally enable SMEs to have their fair share in this upcoming data economy.

Concrete benefits of SECA adoption

Key features of the SECA API:

• Flexible access to a truly sovereign, safe, and European cloud ecosystem, adhering to all European regulations and data protection standards
• Effortless appliance, faster cloud provider comparison and easier testing
• Better multi-cloud interoperability thanks to mutually agreed standards
• Powerful magnet for software developers to connect applications
• No vendor lock-in for enhanced, sustained economic ‘punch’
• Faster training, quick adoption for new cloud providers, and easy onboarding
• Fair, inexpensive access to cloud benefits for both businesses & public sector
• Crucial foundational element for the EuroStack initiative, delivering a set of concrete and tangible components

Collaboration and Leadership: Aruba and IONOS driving clear development roadmap, inviting European cloud industry to participate and shape

Each EU cloud operator will be able to contribute uniquely based on their technology and expertise, creating a robust network that will initially include first movers headquartered in Italy, Germany, and Spain, and eventually extend to the entire EU/EEC territory. This networked approach mitigates the risk of vendor lock-in, enabling operators to deliver cloud services that provide customers with true freedom of choice, avoiding dependency on a single vendor and supporting a more open, competitive European cloud ecosystem.

In addition, collaboration between cloud market players will create a common set of public subroutines, methods, and requests that users can implement to interact with a single, open-source, versioned API, rather than navigating each provider’s unique applications.