Table of contents
- What is CISPE and why its opinion matters
- CISPE’s concerns about Broadcom’s VMware licensing
- The «kill-switch» controversy
- Legal challenges mount across Europe
- SAP and Citrix are also under scrutiny
- The EU Cloud sovereignty framework under fire
- A call for a stronger European framework
- Why this matters for businesses planning cloud migration
- How Hystax can help
What is CISPE and why its opinion matters
The Cloud Infrastructure Services Providers in Europe (CISPE) is a leading European trade association representing cloud infrastructure vendors—companies that provide the fundamental layers of cloud computing, including compute, storage, and networking.
CISPE advocates for fair competition, data protection compliance, and European digital sovereignty, ensuring that EU cloud providers can compete on a level playing field with global hyperscalers.
This month, CISPE published its third European Cloud Competition Observatory (ECCO) report, and its findings made waves across the IT world.
The organization gave Broadcom a «red alert» rating—its most critical warning—over alleged anticompetitive behavior following its acquisition of VMware. The report also criticized the European Union’s Cloud Sovereignty Framework, suggesting that the EU’s current approach risks undermining smaller, homegrown cloud companies.
CISPE’s concerns about Broadcom’s VMware licensing
Since Broadcom completed its acquisition of VMware, many European customers have reported significant price increases and new restrictions on software licensing. CISPE’s ECCO report claims that the situation has «only deteriorated», introducing what it describes as unfair licensing behavior that harms both cloud vendors and end customers across Europe.
According to CISPE, the trade group contacted Broadcom in an attempt to resolve these issues, raising several demands:
- Ensuring end-customer privacy and data protection;
- Providing better channel program access for smaller cloud service providers;
- Offering more licensing flexibility for large cloud vendors;
- Guaranteeing at least a six-month notice period for any pricing or contractual changes;
- Addressing the price hikes allegedly caused by forced product bundling.
The «kill-switch» controversy
One of the most alarming points in the ECCO report is CISPE’s mention of rumors about a potential «kill switch» or «time bomb» mechanism in VMware software.
Such functionality, if true, could remotely disable or limit VMware features if customers fail to report usage data according to Broadcom’s requirements.
While these claims remain unconfirmed, the mere suggestion has raised significant concern among CSPs (Cloud Service Providers) and enterprises relying on VMware infrastructure for critical workloads.
Broadcom, for its part, strongly denies all allegations of misconduct, emphasizing that its acquisition of VMware was reviewed and approved by 13 global regulators, including the European Commission.
Legal challenges mount across Europe
The CISPE report comes amid growing legal and commercial backlash. Major enterprises, such as Tesco and Computacenter, have reportedly filed legal actions against Broadcom, citing the disruptive licensing changes introduced after the acquisition.
This dispute reflects a broader trend in Europe, where software licensing models are increasingly viewed as a barrier to innovation and cloud adoption. By limiting flexibility or forcing bundles, vendors can make it harder for organizations to manage costs or adopt a multi-cloud strategy — something the EU’s Data Act specifically aims to encourage.
SAP and Citrix are also under scrutiny
Broadcom wasn’t the only target in CISPE’s ECCO report. The association also criticized SAP and Citrix for following similar strategies.
- SAP was accused of «squeezing out European clouds» by certifying only major U.S. hyperscalers — Microsoft, AWS, and Google Cloud — for its hosting and infrastructure operations.
- Citrix, meanwhile, was cited for «following aspects of the Broadcom playbook» as it transitions from a perpetual licensing model to a subscription-based one.
The EU Cloud sovereignty framework under fire
Beyond individual companies, CISPE also criticized the European Union’s own Cloud Sovereignty Framework, arguing that it fails to protect European interests effectively. According to CISPE, the EU’s approach introduces a «murky sovereignty score» that combines unrealistic technical goals—such as requiring complete EU control of hardware components—with vague policy ideas, including «assurances against change of control.»
The concern, CISPE says, is that foreign hyperscalers could still score highly on this sovereignty scale simply by investing or participating in EU initiatives. In contrast, smaller European providers might score lower despite being locally owned and operated. This, the group warns, could «muddy the waters» and ultimately favor non-European vendors.
A call for a stronger European framework
CISPE is urging the EU to strengthen and clarify its sovereignty standards by building on existing frameworks such as Gaia-X, which aims to create a federated and secure environment for sovereign data exchange in Europe.
The trade group proposes more explicit definitions between sovereign clouds (fully protected from foreign control) and operationally resilient clouds (focused on reliability and compliance).
The timing of this call is crucial. The EU Data Act, which entered into force last month, is designed to reduce vendor lock-in and ensure customers can easily migrate to public cloud providers of their choice. The Act also mandates that cloud service providers make data portable and interoperable across platforms—an effort to prevent the kind of market concentration CISPE’s report highlights.
We’ll help you migrate your workloads safely and efficiently — from VMware to any public cloud, or OpenStack — with minimal downtime and no data loss.
Thank you for your request!
We will be in touch soon.
We respect your privacy. See our Privacy Policy. You can unsubscribe at any time.
Why this matters for businesses planning cloud migration
For enterprises relying on VMware-based infrastructure, these developments underscore the importance of migration planning and flexibility.
Rising licensing costs, potential compatibility risks, and uncertain vendor strategies can all jeopardize long-term cloud initiatives.
Organizations across Europe are therefore re-evaluating how to:
- Transition from on-prem to cloud migration smoothly and securely,
- Execute a VM migration to AWS or a VM migration to GCP while maintaining performance and compliance,
- Manage VM migration in OpenStack or hybrid cloud environments without disrupting operations,
- And generally approach moving to the cloud in a way that minimizes lock-in and maximizes business continuity.
These topics have become critical not only for cost control but also for data sovereignty and operational resilience — two key priorities in the post-VMware era.
How Hystax can help
At Hystax, we’ve been helping global and regional enterprises migrate to public cloud securely and predictably for years.
Our flagship solution, Hystax Acura, offers agentless, fully automated workload migration, ensuring complete data integrity and minimizing downtime across all major platforms, including AWS, Azure, Google Cloud, OpenStack, and more.
If your organization is affected by recent VMware licensing changes, or if you’re planning a migration to public cloud but aren’t sure where to start, our experts can help you design a cost-efficient and risk-free strategy.
