Digital Sovereignty
Beyond the Buzzwords
The Call for Digital Sovereignty: More Than Just Buzzwords
The call for digital sovereignty is not new, but it seems to be growing louder. Two topics that consistently come up in this context are Open Source and “local” or EU-based clouds. However, the issue is multi-layered and cannot be reduced to a few buzzwords.
Beyond the Internet: The Infrastructure Layer
I’ll set aside the internet as a whole for now—although critical developments are observable there as well. Even a fundamentally decentralized medium can become more centralized and create dependencies through individual ISPs or premium interconnections.
The concept becomes more tangible when we look at service infrastructure. Here, the choice of hosting provider or cloud platform ultimately determines who has control—over availability, access, and, ultimately, over the data stored there.
The Platform Dilemma: Complexity and Expertise
The next layer consists of the platforms and tools we use to operate our services. Do I use proprietary PaaS offerings or open, yet complex, standards like Kubernetes? How dependent am I on the continued development and maintenance of these platforms? And crucially: Will there even be enough people who can understand and maintain them in a few years?
The Dependency Spiral in Application Code
Then comes the actual building of our applications. How many external dependencies do I have? Is my project composed of hundreds or thousands of libraries, often maintained by individuals or small teams in their spare time? Or do I manage to get by with a few, well-understood components? Particularly in some ecosystems, it has become clear that the sheer mass of transitive dependencies can pose a significant risk—both technically and organizationally.
The Core Asset: Data Sovereignty
And finally, perhaps the most critical layer: the data itself. Where is it located physically and under which jurisdiction? Who has access—not just technically, but also by law or contract? Even encrypted data is of little use if I can no longer access it when needed, or if I lose the authority to decide what happens to it. Data is the actual asset; everything else is just the packaging.
Conscious Decisions Over Convenient Shortcuts
At every layer, our decisions have consequences. Conscious decisions are not a problem—those who know what they are doing and why are already halfway to achieving sovereignty. The problems arise when dependencies form out of convenience, time pressure, or a lack of engagement.
A Pragmatic Path to Independence
A simple example from the programming world makes this tangible: While some languages and ecosystems encourage importing an external library for every minor problem, there are ways to consciously work differently. Go, for instance, was designed from the start with a large, stable standard library and the principle of “less magic.” The result is often a statically linked binary with no external runtime dependencies—something that can be built exactly the same way in ten years as it is today. This isn’t ideology; it’s a pragmatic form of independence.
A similar principle applies to platforms and infrastructure: the minimally sufficient solution is almost always the more robust one. You don’t buy a truck for your daily commute just because you occasionally need to do a big grocery shop. And when it comes to data, sovereignty primarily means keeping it where you can ultimately make the decisions yourself.
The Essence of Sovereignty
For me, therefore, sovereignty means one thing above all: deciding consciously. Being aware of the consequences—and being willing to bear them. Many of today’s dependencies were not created by some malevolent force, but by earlier shortcuts: to save money, to finish faster, to delegate responsibility. Those who now find that sovereignty is hard to reclaim in certain areas have usually simply started thinking about it too late.
The good news: It’s never too late to at least approach the next decisions more consciously.