How sovereign do you want to be?
Sovereignty is a great word, and it has a nice ring to it. Everyone would like to be sovereign, but being so comes with costs and inconveniences. Therefore, it’s useful to break down the concept to see what we really mean by it and what we’d be prepared to do to be “sovereign”.
Confidentiality is often the first thing that comes to mind. Who can read all our communications and files? And will they sell our data? Or feed it to their AI? The Dutch Senate and House of Representatives recently decided that it’s no problem if Microsoft and the US government have access to their data. The Dutch government cloud policy requires a careful risk analysis for such a decision. Unfortunately, many parts of the government don’t actually fall under this policy, and therefore such a risk assessment is not publicly available for our houses of parliament, or it might not even exist.
It would be nice to read that though, because either it says “we don’t mind the Americans having access” or “we think they could spy on us but won’t”. Both would look pretty weird on paper .
Confidentiality is more exciting for a government than for a shoe store, so it’s not the most important aspect of sovereignty for everyone from a practical perspective.
Another aspect is flexibility: can I still make my own choices? If you outsource an entire EV charging infrastructure to a large company in a far-off country, you’ll face an uphill battle to get them to take your local needs seriously. If you want dynamic pricing based on your new special tax system, for example, custom work will be needed. But if you’re completely dependent on them and clearly have no other place to go, the chances of getting your customizations (for an affordable rate) are small. If you had your own local/national industry, you’d be a much more important customer, because you’re a large and nearby market for them. And they likely also want to innovate together with you.
A third factor is whether you can still repair your stuff when it breaks, for example in times of panic, chaos, or war. How resilient are you? Recently, Ukraine’s largest phone company was completely hacked by the Russians. Two days later, Kyivstar was back online. The company managed to restore the destroyed infrastructure together with the government and local computer security industry.
If this would’ve happened in the Netherlands, we’d have to open a ticket with our support partners working from Asia and ask them to take a look at what’s going on. If we can still open a ticket, that is, because maybe we can’t reach their systems anymore. And who knows if the country where the support comes from has such close ties with Russia that it’s weird to ask a “friend of Russia” like China to rescue us from Russian hackers. And apart from that, does your partner far away have time for you when there are crises elsewhere as well?
In conclusion, to make good decisions on sovereignty, it’s necessary to consider these three aspects separately. Because confidentiality, flexibility, and resilience all require different considerations and solutions.