As the US and China vie for global power and influence, nowhere is this competition more intense than in the area of technology. Just like the flow of digital information itself, the manufacturing, trade, and use of this technology cuts across national borders. Asma Mhalla speaks to Edouard Gaudot about how Europe has sought to assert itself through regulation in response to this escalation, in a bid to enforce its norms and protect the privacy and data of its citizens.  

Edouard Gaudot: How do you see US President Joe Biden’s latest announcement of restrictions on semiconductor sales to Chinese-owned firms? What is its industrial and geopolitical significance? 

Asma Mhalla: First, we need to put things in context. This isn’t a one-off executive order, but one of a series of decisions taken in this area since the end of August that must be understood in the context of longer-running and wider strategic competition between the United States and China that goes back to the Obama administration. Semiconductors are microchips that are essential for certain devices like phones, PCs, microwaves, and cars to work: they are their brain. 

In the semiconductor world, there are various generations: the oldest are wider, and the latest thinner – around 3 nanometres currently, with the goal of reaching 2 nanometres. They form the nervous system of much of the digital economy. Furthermore, they are by nature “dual” technologies, in other words, both civilian and military. So they’re strategic. During the Covid-19 crisis, supply-chain problems alerted all the world’s economies, including Europe’s, to their vulnerability in this area, particularly their dependence on China. 

At the end of August, Biden signed the CHIPS and Science Act, allocating 54 billion dollars to the semiconductor industry. It involves reshoring production to the United States and closing the design gap for the latest generations of microchips. This ambitious governmental plan aims to give the US maximum independence, given that the country is currently an importer of this technology. In addition, the export ban seeks to curb the transfer of technology to China, especially high-value technology. It sanctions individuals and companies who help the Chinese economy in this regard, as well as prohibiting Chinese firms from investing in this sector in the US. It’s a protectionist measure that de-globalises the value chain in this industry. 

What is the impact of this sequence of events on Europe? 

Today, the semiconductor supply chain is split between six major countries: China, Taiwan, South Korea, Japan, the United States, and the Netherlands. Continental China produces and designs old generations but in small quantities and therefore at a lower value. Taiwan’s TSMC firm is an industry leader, while South Korea has Samsung. The US is a leader in patents. In Europe, ASML in the Netherlands is a leader in design and produces advanced ultraviolet technology that enables the production of nanochips. There are interconnections and interdependencies between designers and producers in these six centres.1 Thanks to the Netherlands, which is positioned in a key micro-segment, Europe has not been left behind, but these recent decisions have politicised and militarised the industry and have put political pressure on Europe. 

China is doing the same, but the US has taken a more aggressive approach, with Taiwan becoming the battleground this summer when Nancy Pelosi made an official visit. One of the first stops on her itinerary was TSMC, which has also opened a factory in Arizona, underlining the strategy aimed at reshoring to the US and moving towards technological sovereignty. 

For its part, Europe doesn’t have sovereignty in this industry. ASML and Franco-Italian firm STMicroelectronics, which focuses on older generations, do not make up for the lack of vision and the gap that has grown in this area. Europe is lagging behind the US. It realised this during the pandemic. Hence the “Breton Plan” was launched by the European Commission to allocate 54 billion euros to a European CHIPS Act.  

Europe is faced with two challenges: first, to reduce its dependence on the US so that it doesn’t have to toe the line when it comes to defending American interests, which would threaten its pursuit of balance in Sino-American tensions. This security dilemma was highlighted by the Huawei episode during the Trump administration. On semiconductors, there’s the same risk. For example, ASML’s production chain is totally integrated across the three continents: if one stakeholder stops being cooperative, the whole chain grinds to a halt.  

So the second challenge is: which camp do you choose if you have no independence and ability to refuse to take sides in this confrontation? Lastly, Biden is just continuing Trump’s aggressive and protectionist policy slightly more politely. Because Trump did not go as far as signing executive orders prohibiting, isolating, and blocking development in China.  

So taking Taiwan isn’t just a geostrategic objective for China to gain access to the Pacific Ocean; it’s also about controlling a key link in the semiconductor value chain? 

Taiwan is, without a doubt, primarily a territorial question for Beijing. But TSMC and Taiwan perfectly symbolise the “security dilemma” over semiconductors. The industry’s entire global value chain would face collapse in the event of a Chinese attack. The restrictions that Washington is imposing on China may lead to greater geopolitical and territorial tension around Taiwan. For example, earlier this year the CEO of TSMC, Mark Liu, threatened to sabotage the company if China were to invade. And, paradoxically, they are spurring China to accelerate the development of its own capabilities.  

Europe’s problem is that it doesn’t have the technologies, so it makes up for it with rules for industries.

The second area of transatlantic tension is the regulation of the cloud and data transfers. Here, technology rubs up against rule of law because data is used in different ways on either side of the Atlantic. What do you think are the issues raised by this tension, and what solutions do you see

This is another very complicated question. Ever since the European Court of Justice invalidated the Privacy Shield (a framework that protects personal data of EU citizens when transferred to the US for commercial purposes), we’ve needed an agreement that ensures Europeans receive equivalent treatment in terms of security in the US. Why is this problematic? Because some of our data pass through the cloud in America, where the CLOUD Act and FISA [Foreign Intelligence Surveillance Act] enable American federal agencies to access the personal data of European citizens. 

A recent report commissioned by the Dutch Ministry of Justice and Security showed that this example of American extra-territoriality was even more it intrusive than previously thought. Today, European technology sovereignty is very limited, especially when it comes to the cloud: the infrastructure that enables data to be hosted, stored and, above all, exploited thanks to a SaaS layer [a cloud-based method of providing services, like Netflix] boosted by artificial intelligence (AI), which is at the root of economic value creation. Yet, in this cloud world, the most advanced players in AI or even cybersecurity are American. The European – and French – market is basically controlled by AWS, Microsoft Azur, and Google. 

The ECJ’s invalidation of the Privacy Shield was based on a judgement that the security provided for European citizens’ data by the US diverged too strongly from that required in the EU. Since then, there’s been a legal vacuum, which is why October’s executive order was keenly awaited. It’s a very clever text. It responds to criticisms of the Privacy Shield by providing a process and administrative points of contact for safeguarding the rights enshrined in the GDPR or remedies in the event of an investigation. But apart from that, it does nothing to change the ultra-dominant position of the US through their big tech firms, particularly those that control the cloud infrastructure: if there is no longer any legal obstacle to the flow of data under the same security conditions, then the market can continue to operate unchanged and will continue using AWS and Azur. From this point of view, the law – American, in this case – is a weapon that serves American power.  

With this text, some of the arguments made by French and European cloud companies have been turned against them. The US has responded to criticisms and to provisions of European law. What’s playing out, then, is an asymmetric power struggle and a tug-of-war between American sovereignty and the prospect of European sovereignty where the key issue of infrastructure and data security is, and will be, crucial in political compromise. 

Competition with the US for technological leadership is therefore generalised and favours the EU little. There is, however, one area in which Europe does lead: green technologies and their role in the ecological transition. But does Europe have the means to achieve its ambitions?  

The problem on all these issues is the same: what’s the vision? On green tech, semiconductors, and the cloud, Europe is in a position of relative weakness. Without a strategic state, like China or the US, we’ll never get there. Unless the EU has a coherent and strategic vision of mechanisms and ecosystems, it won’t be able to participate in the game being played by China and the US. It will become the prize instead. Fundamentally, it isn’t about developing green tech. It’s about taking the time to analyse each industry, one by one, to identify its assets, strengths, and weaknesses, and how to incorporate it into the technological value chain to make it indispensable. 

This issue for Europe isn’t so much its sovereignty in the strictest sense as its strategic autonomy – its ability to maintain the balance of power with allies and adversaries alike.  

One of the issues of tech isn’t tech itself. It’s the ideology that’s behind it; the vision of the world, the rules, the standards that are promoted in the design of technology. Europe’s problem is that it doesn’t have the technologies, so it makes up for it with rules for industries. This is illustrated by the Digital Services Act (DSA) and the Digital Markets Act (DMA) [EU-wide regulation on online platforms, covering illegal content, advertising, and disinformation and regulation on digital markets to promote fair practices, respectively]. The point of these laws, without going into detail, was to clearly address the problem of sovereignty vis-à-vis the giant American gatekeepers. The DSA territorialises and anchors transnational companies with American roots. This means that when platforms like Facebook, Google, Twitter, and Amazon operate in Europe, they are subject to European values, standards, and regulations. From this point of view, it’s “defensive normative sovereignty”: we’re making up for the lack of offensive industrial sovereignty by maintaining control over American firms.  

At this stage, we need to accompany this vision of normative sovereignty with a targeted industrial and technological policy to avoid the harmful effects of spreading budgetary resources too thinly. This inevitably involves choices that aren’t easy to make, including scrapping certain things. Put simply, political courage.  

There is a delicate line to be drawn for the respect of freedom of expression in public spaces.

Billionaire Elon Musk just bought Twitter, the number one forum for political and policy debate in the West. What are the implications for the European Union of his purchase of this hugely influential media company? 

It’s essential to separate the legal and political context of the United States from that of the European Union. It is amusing to see how Europe is importing a (justified) American panic. It’s a source bias because our sources are the New York Times, the Washington Post, etc. However, the legal frameworks and philosophies are completely different. In the US, we have a vision of maximalist freedom of expression, enshrined in the first constitutional amendment, which protects the freedom of expression of the platforms themselves, therefore their latitudes in moderation. In Europe, on the contrary, we have a much more standardised and regulated freedom of expression, and the safeguards are much clearer – they are set by the DSA, which will come into force in a few months. So Twitter does not have a free hand from a legal point of view in Europe but will be subject to the DSA as well as, if necessary, to the national jurisdictions. In France, for example, the 1881 press freedom law, the penal law, and the entire legal corpus on anti-fake news laws, disinformation, and the removal of terrorist content are some of the laws which apply. So, theoretically, the policies around platform moderation, responsibility, and accountability will be completely different in the US and Europe.  

One problem that will arise in Europe is the feasibility of applying and enforcing the DSA, which is not at all straightforward. The governance is still under construction and the question of financial and human resources and skills for the regulatory bodies is not settled either. It is critical to making the text operational. 

The other, non-legal aspect, which appeared when Musk announced the takeover, concerns the banning of accounts that peddle conspiracy theories or that are far right. We cannot put a moderator behind each citizen, that would obviously be madness, but hunting down hateful content on a daily basis is really challenging. In these times when we talk a lot about the “splinternet” and the breakdown of the informational sphere into ideological blocs, the fundamental question for liberal democracies is how to guard against abuse and articulate their social contract and the rule of law around technology. There is a delicate line to be drawn for the respect of freedom of expression in public spaces. 

But still, the European case and the American case must be distinguished. 

Cookies on our website allow us to deliver better content by enhancing our understanding of what pages are visited. Data from cookies is stored anonymously and only shared with analytics partners in an anonymised form.

Find out more about our use of cookies in our privacy policy.